Report - othn.pnsiayfas.net/?qzopaqrv.apple.com=https//account.apple.com)%E3%81%AB%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82

Report Overview

Visited public
2025-03-15 10:08:29
Tags
URL
othn.pnsiayfas.net/?qzopaqrv.apple.com=https//account.apple.com)%E3%81%AB%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82
Finishing URL
oisbafaisapp.com/apple/
IP / ASN
172.67.199.250
#13335 CLOUDFLARENET
Title
oisbafaisapp.com/apple/

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
oisbafaisapp.com	unknown	unknown	No data	No data	2.9 kB	460 kB	43.133.90.179
othn.pnsiayfas.net	unknown	2025-03-08	2025-03-15	2025-03-15	640 B	1.3 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-03-12	medium	othn.pnsiayfas.net/?qzopaqrv.apple.com=https//account.apple.com)%E3%81%AB%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82	Apple Inc.

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-15	medium	pnsiayfas.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	oisbafaisapp.com/apple/assets/index-0RiKJXyi.js	ScriptElement	417 kB	2025-03-06	2025-03-20
Pretty URL oisbafaisapp.com/apple/assets/index-0RiKJXyi.js IP 43.133.90.179 ASN #132203 Tencent Building, Kejizhongyi Avenue Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-06 10:11 Last Seen2025-03-20 05:43 Times Seen11 Hash d4922643450431f05bd8261913278891 e26cb286d79082b013b5aa8e8014e91c21ad7906 44aa126473cadbf5ea30c24c3de748de7250842156d62696d4cc21b7bee13b01 Loading...

HTTP Transactions (7)

URL IP Response Size

oisbafaisapp.com/apple/assets/index-0RiKJXyi.js

43.133.90.179

200 OK

417 kB

URL GET
oisbafaisapp.com/apple/assets/index-0RiKJXyi.js
IP
43.133.90.179:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://oisbafaisapp.com/apple/
Certificate
IssuerLet's Encrypt
Subjectoisbafaisapp.com
Fingerprint56:87:86:78:82:65:AC:E9:60:02:C8:5B:16:D3:B5:79:15:E1:1C:11
ValidityFri, 14 Mar 2025 10:56:33 GMT - Thu, 12 Jun 2025 10:56:32 GMT

File type

Size
417 kB (416763 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apple/assets/index-0RiKJXyi.js HTTP/1.1
Host: oisbafaisapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oisbafaisapp.com/apple/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.2
Date: Sat, 15 Mar 2025 10:08:10 GMT
Content-Type: application/javascript
Last-Modified: Sat, 01 Mar 2025 15:37:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67c329aa-65bfb"
Expires: Mon, 14 Apr 2025 10:08:10 GMT
Cache-Control: max-age=2592000, public, max-age=2592000
Content-Encoding: gzip

oisbafaisapp.com/open/visitors/info/createOrGetUserInfo

43.133.90.179

404 Not Found

9 B

URL POST
oisbafaisapp.com/open/visitors/info/createOrGetUserInfo
IP
43.133.90.179:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://oisbafaisapp.com/apple/
Certificate
IssuerLet's Encrypt
Subjectoisbafaisapp.com
Fingerprint56:87:86:78:82:65:AC:E9:60:02:C8:5B:16:D3:B5:79:15:E1:1C:11
ValidityFri, 14 Mar 2025 10:56:33 GMT - Thu, 12 Jun 2025 10:56:32 GMT

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

HTTP Headers

POST /open/visitors/info/createOrGetUserInfo HTTP/1.1
Host: oisbafaisapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 399
Origin: https://oisbafaisapp.com
DNT: 1
Connection: keep-alive
Referer: https://oisbafaisapp.com/apple/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Server: nginx/1.26.2
Date: Sat, 15 Mar 2025 10:08:11 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 9
Connection: keep-alive
Vary: Origin
Access-Control-Allow-Origin: https://oisbafaisapp.com
set-cookie: locale=en-us; path=/; max-age=31557600; expires=Sun, 15 Mar 2026 16:08:11 GMT

oisbafaisapp.com/apple/favicon.ico

43.133.90.179

200 OK

22 kB

URL GET
oisbafaisapp.com/apple/favicon.ico
IP
43.133.90.179:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://oisbafaisapp.com/apple/
Certificate
IssuerLet's Encrypt
Subjectoisbafaisapp.com
Fingerprint56:87:86:78:82:65:AC:E9:60:02:C8:5B:16:D3:B5:79:15:E1:1C:11
ValidityFri, 14 Mar 2025 10:56:33 GMT - Thu, 12 Jun 2025 10:56:32 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
22 kB (22382 bytes)
Hash
891e510219786f543ca998282ed99f45
19fe2ff6a2418bcb44b02308b998cef84199ee08
e4bdf72e2f803f7e19907c12f407ac7f7cd5f1f94bfd730b9be24b0d49191b48

HTTP Headers

GET /apple/favicon.ico HTTP/1.1
Host: oisbafaisapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oisbafaisapp.com/apple/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.2
Date: Sat, 15 Mar 2025 10:08:11 GMT
Content-Type: image/x-icon
Content-Length: 22382
Last-Modified: Sat, 02 Nov 2024 07:20:58 GMT
Connection: keep-alive
ETag: "6725d2da-576e"
Expires: Mon, 14 Apr 2025 10:08:11 GMT
Cache-Control: max-age=2592000, public, max-age=2592000
Accept-Ranges: bytes

othn.pnsiayfas.net/?qzopaqrv.apple.com=https//account.apple.com)%E3%81%AB%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82

188.114.97.1

302 Found

478 B

URL User Request GET
othn.pnsiayfas.net/?qzopaqrv.apple.com=https//account.apple.com)%E3%81%AB%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpnsiayfas.net
FingerprintC6:6D:82:AC:CF:71:43:66:C3:43:11:8F:9F:6F:7D:4F:6D:67:2E:54
ValiditySat, 08 Mar 2025 05:32:05 GMT - Fri, 06 Jun 2025 06:28:21 GMT

File type

Size
478 B (478 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Apple Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?qzopaqrv.apple.com=https//account.apple.com)%E3%81%AB%E3%82%A2%E3%82%AF%E3%82%BB%E3%82%B9%E3%81%97%E3%81%A6%E3%81%8F%E3%81%A0%E3%81%95%E3%81%84%E3%80%82 HTTP/1.1
Host: othn.pnsiayfas.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 15 Mar 2025 10:08:07 GMT
content-type: text/html; charset=UTF-8
location: https://oisbafaisapp.com/apple
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96U03M3mzLzVGcMngnR5f5G0badVTGj2FyJrUgu52tCGCGPF1upA7%2BpKNbC8L8m4Pxw3CGbDQu1s9kneqY8%2Bj%2FgR%2BuL1vVmiWeoVZpS9zc%2BYCaq6N3w6FOl0P0qbGuhvISZe%2BvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 920b352c887f56cc-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6139&min_rtt=502&rtt_var=11310&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3279&recv_bytes=1373&delivery_rate=7661375&cwnd=254&unsent_bytes=0&cid=4901270ebac910fd&ts=859&x=0"
X-Firefox-Spdy: h2

oisbafaisapp.com/apple

43.133.90.179

301 Moved Permanently

478 B

URL User Request GET
oisbafaisapp.com/apple
IP
43.133.90.179:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Certificate
IssuerLet's Encrypt
Subjectoisbafaisapp.com
Fingerprint56:87:86:78:82:65:AC:E9:60:02:C8:5B:16:D3:B5:79:15:E1:1C:11
ValidityFri, 14 Mar 2025 10:56:33 GMT - Thu, 12 Jun 2025 10:56:32 GMT

File type

Size
478 B (478 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /apple HTTP/1.1
Host: oisbafaisapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.26.2
Date: Sat, 15 Mar 2025 10:08:09 GMT
Content-Type: text/html
Content-Length: 169
Location: https://oisbafaisapp.com/apple/
Connection: keep-alive

oisbafaisapp.com/apple/

43.133.90.179

200 OK

478 B

URL User Request GET
oisbafaisapp.com/apple/
IP
43.133.90.179:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Certificate
IssuerLet's Encrypt
Subjectoisbafaisapp.com
Fingerprint56:87:86:78:82:65:AC:E9:60:02:C8:5B:16:D3:B5:79:15:E1:1C:11
ValidityFri, 14 Mar 2025 10:56:33 GMT - Thu, 12 Jun 2025 10:56:32 GMT

File type
HTML document, ASCII text, with very long lines (519), with no line terminators
Size
478 B (478 bytes)
Hash
67dd0b90e1d2619540b04955301449c3
ab98d6d20711f54197970d889099578f070a159d
1339f1d2ab46953a71a6db7d3e818b4cc96b88c5a8358786b9828ec39c6716ea

HTTP Headers

GET /apple/ HTTP/1.1
Host: oisbafaisapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.2
Date: Sat, 15 Mar 2025 10:08:09 GMT
Content-Type: text/html
Last-Modified: Sat, 01 Mar 2025 15:37:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67c329aa-1de"
Content-Encoding: gzip

oisbafaisapp.com/apple/assets/index-B0fb89Gx.css

43.133.90.179

200 OK

18 kB

URL GET
oisbafaisapp.com/apple/assets/index-B0fb89Gx.css
IP
43.133.90.179:443
ASN
#132203 Tencent Building, Kejizhongyi Avenue

Requested by
https://oisbafaisapp.com/apple/
Certificate
IssuerLet's Encrypt
Subjectoisbafaisapp.com
Fingerprint56:87:86:78:82:65:AC:E9:60:02:C8:5B:16:D3:B5:79:15:E1:1C:11
ValidityFri, 14 Mar 2025 10:56:33 GMT - Thu, 12 Jun 2025 10:56:32 GMT

File type
ASCII text, with very long lines (18006)
Size
18 kB (18007 bytes)
Hash
c9599fecbded29fa7597bcb4e28648e3
8d0f0c751e9f4a386dade9da9e643168c20a2ddb
ac34fd85ed17d48ab3cd02061a41d90bf3f2bfcec6c122f952f479ca15c80e0d

HTTP Headers

GET /apple/assets/index-B0fb89Gx.css HTTP/1.1
Host: oisbafaisapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://oisbafaisapp.com/apple/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.26.2
Date: Sat, 15 Mar 2025 10:08:10 GMT
Content-Type: text/css
Last-Modified: Sat, 01 Mar 2025 15:37:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"67c329aa-4657"
Expires: Mon, 14 Apr 2025 10:08:10 GMT
Cache-Control: max-age=2592000, public, max-age=2592000
Content-Encoding: gzip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL POST

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash