Overview

URL: myiphone-lost.com/afJSG/
IP: 162.251.80.223 (United States)
ASN: #394695 PUBLIC-DOMAIN-REGISTRY
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-25 12:23:09 UTC
IDS alerts: 0
Blocklist alert: 0
urlquery alerts: 26 (Phishing - Apple)
Tags: None

Domain Summary (12)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.comodoca.com (1) 1696 2012-05-21 07:01:17 UTC 2021-12-08 16:29:47 UTC 104.18.32.68
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.213.121.129
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.10
myiphone-lost.com (32) 0 2015-08-16 22:18:30 UTC 2022-11-19 22:04:32 UTC 162.251.80.223 Unknown ranking
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
images.apple.com (1) 78858 2012-06-29 05:49:30 UTC 2020-05-14 14:23:37 UTC 23.38.200.210
r3.o.lencr.org (7) 344 No data No data 23.36.77.32
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
i.imgur.com (2) 5110 2012-05-21 08:09:36 UTC 2018-08-28 18:45:07 UTC 151.101.84.193

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 162.251.80.223
Date UQ / IDS / BL URL IP
2023-02-03 09:05:25 +0000 0 - 0 - 2 appleld.serchmyphone.online/ 162.251.80.223
2023-01-24 19:25:37 +0000 0 - 0 - 2 i.cluob.pro/expire/index2.html 162.251.80.223
2023-01-24 16:59:42 +0000 0 - 0 - 2 i.cluob.pro/expire/index2.html 162.251.80.223
2023-01-21 19:54:00 +0000 0 - 0 - 2 lcloud.find-la.info/expire/index2.html 162.251.80.223
2023-01-12 07:26:12 +0000 0 - 0 - 2 www.account.xioami.info/expire/index2.html 162.251.80.223


Last 5 reports on ASN: PUBLIC-DOMAIN-REGISTRY
Date UQ / IDS / BL URL IP
2023-02-04 01:53:04 +0000 0 - 0 - 2 www.naturalrocksand.com/office/index.html 103.195.185.115
2023-02-04 01:29:58 +0000 0 - 0 - 2 mytasqr.com/api/app/Mail/mtbcom.zip 216.10.243.125
2023-02-04 01:29:18 +0000 4 - 0 - 56 rishamam.com/wp-includes/css/BDO/sso/login.php 119.18.58.248
2023-02-04 01:12:38 +0000 0 - 2 - 7 girirajpackersmovers.com/BDO/sso/login.php 103.76.231.42
2023-02-04 01:07:32 +0000 3 - 2 - 7 www.umaplastoware.com/aaq/LinkedInhardxxx/900 (...) 216.10.252.35


Last 1 reports on domain: myiphone-lost.com
Date UQ / IDS / BL URL IP
2022-11-25 12:23:09 +0000 26 - 0 - 0 myiphone-lost.com/afJSG/ 162.251.80.223


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-25 12:25:20 +0000 25 - 0 - 30 contact-applefinder.com/?i=afJSG 162.251.80.223

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (58)


Request Response
                                        
                                            GET /afJSG/ HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         162.251.80.223
HTTP/1.1 302 Found
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 12:22:57 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Location: http://myiphone-lost.com/?i=afJSG
Content-Length: 217
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   217
Md5:    5553820edebe1058f33dbf0969cc6be4
Sha1:   ad820295bb9c0af6388886c7b8061328d8e4f404
Sha256: 8400a5ec8c65eafc3831c004cca09ccb6642a443220d3f72103d9e2459758dc9
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3255
Expires: Fri, 25 Nov 2022 13:17:13 GMT
Date: Fri, 25 Nov 2022 12:22:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6201
Cache-Control: max-age=85894
Date: Fri, 25 Nov 2022 12:22:58 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 12:14:32 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 12:19:06 GMT
cache-control: public,max-age=3600
age: 232
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    4d7e4eed097b9c4e5d509419f1cfc85a
Sha1:   290bb3d428a7c6330e2e3d73a952b16f820896c8
Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11526
Expires: Fri, 25 Nov 2022 15:35:04 GMT
Date: Fri, 25 Nov 2022 12:22:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: FkcDNhjmGBvklbBVO2Y2ud2rcEpDZ6jTBPh8pXYwtRQqiU/W/L+h3mtXATVSW+TmS/QF89hhpRQ=
x-amz-request-id: BYA5KP3P05QNJWQ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 11:40:47 GMT
age: 2531
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 12:22:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /?i=afJSG HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         162.251.80.223
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Fri, 25 Nov 2022 12:22:58 GMT
Server: Apache
Content-Security-Policy: upgrade-insecure-requests;
Location: https://myiphone-lost.com/?i=afJSG
Content-Length: 242
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   242
Md5:    1c47424394d4429cad92a157a8eaeccf
Sha1:   51600cd29ba0b42112cf0fd69a84285ee6694c4d
Sha256: 2876d8a43d164f838d998bf3b0bd105c748cd79ccb5d0ecd4df82cb6ef85e532
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 12:08:53 GMT
cache-control: public,max-age=3600
age: 845
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 12:22:58 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 03:06:08 GMT
Expires: Wed, 30 Nov 2022 03:06:07 GMT
Etag: "d89c83de699eafd9e9e8a6bc567ffcc27c1159c2"
Cache-Control: max-age=397988,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fa5a596c1bb524-OSL

                                        
                                            GET /?i=afJSG HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         162.251.80.223
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f; path=/
content-security-policy: upgrade-insecure-requests;
location: ./aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
content-length: 0
date: Fri, 25 Nov 2022 12:22:58 GMT
server: Apache
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1468
Cache-Control: max-age=162500
Date: Fri, 25 Nov 2022 12:22:59 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:31:19 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TxBEHCnosnwnHrDn7M/oLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         34.213.121.129
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fksbSlE/4IjXzCTArWvwIOyvMF0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8940
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:23:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8940
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:23:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8940
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:23:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8940
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:23:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8940
Expires: Fri, 25 Nov 2022 14:52:00 GMT
Date: Fri, 25 Nov 2022 12:23:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 52095
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11743
Md5:    8784bb7a8b88736a6016f712e3183bf3
Sha1:   b0ddc1555d2506177adcdcea77864d75f1245d07
Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:37:15 GMT
age: 13545
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11249
Md5:    481c033b9ffd030ff0de6e35cf788b47
Sha1:   85d3baad9217af2b5d75c019d2ef95dbb919a788
Sha256: 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 36932
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 52552
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K4A6bdVv0gauO3YWTEPWMS6fhuB9CZ6o5dUL-O6G5-NzqOGQRzQLUw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:30:31 GMT
age: 49949
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11401
Md5:    eb94ecb5881a7e49d964e4287d11e7a4
Sha1:   4b131a189db1b615e2519a28cad83d78297ab67f
Sha256: f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
age: 53272
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8006
Md5:    8b6ee13d43732f7c764a49500d092865
Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075
Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
                                        
                                            GET /aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-encoding: gzip
content-length: 5396
date: Fri, 25 Nov 2022 12:22:59 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (417), with CRLF line terminators
Size:   5396
Md5:    c29c14f6aacb6a825e88bf53a82da985
Sha1:   6f110c79fc4772e7f38d3cc7fa012b661067c082
Sha256: 4011c8e256c4ac25c4c5f27eb8f3d2826654867f6823cb3279ec2fe17240dacc
                                        
                                            GET /aU3V4/wss/fonts.css HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: text/css
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 482
date: Fri, 25 Nov 2022 12:23:02 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   482
Md5:    e6d84af8efaa629ed1235a1980e83f9e
Sha1:   5c72033b122e501a71dbd8053db8c2f5e0fe6b59
Sha256: 322ee744c6e9fa56703f02fb657c4b40c5ec3581cec12084dc79b327fb969c31

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/css/ac-globalfooter.built.css HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: text/css
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7973
date: Fri, 25 Nov 2022 12:23:02 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (42677), with CRLF line terminators
Size:   7973
Md5:    1d10c342ef2151f60ca7cfad240e6878
Sha1:   52717f425396f5375451fa6a5986f9899b637b47
Sha256: a304d83c21658d8a34f9837e49c7e705e2c3bfe719f04c52484687f3967fad40

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac-globalnav.built.js HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 404 Not Found
content-type: text/html
                                        
last-modified: Wed, 16 Mar 2022 18:40:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
date: Fri, 25 Nov 2022 12:23:02 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   358
Md5:    e6380e0c65d744670ca2bdfdebf952e7
Sha1:   72010e09611689dba83d615d7d4e14525584f574
Sha256: a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /w3t79Ct.jpg HTTP/1.1 
Host: i.imgur.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         151.101.84.193
HTTP/2 200 OK
content-type: image/jpeg
                                        
last-modified: Sat, 11 Aug 2018 06:20:00 GMT
etag: "2440d3523d702f7cf56148c2719d96af"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 25 Nov 2022 12:23:02 GMT
age: 98056
x-served-by: cache-iad-kcgs7200170-IAD, cache-bma1656-BMA
x-cache: HIT, MISS
x-cache-hits: 3, 0
x-timer: S1669378983.564457,VS0,VE98
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 31498
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 352x234, components 3\012- data
Size:   31498
Md5:    2440d3523d702f7cf56148c2719d96af
Sha1:   9084c5e1785b3e37a4694d57eee51721c2c098be
Sha256: 8decf96116dea068738bbb5cc66b4351ddb6536e04fa5333d1ccff5e12230776
                                        
                                            GET /aU3V4/css/country/english.png HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/png
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 5153
date: Fri, 25 Nov 2022 12:23:02 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   5153
Md5:    058fa46a2ac00f78090352eec8b480cf
Sha1:   01c74b308b02f66e7ffc85a3bc226ec64afa7756
Sha256: 45cc3a70de8db3fde81b3228c0a9a5f81764225bb58668ce29ad4862854e5df5

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/static/jsj/2128701510/common-header.js HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: application/javascript
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8643
date: Fri, 25 Nov 2022 12:23:02 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (18546), with CRLF line terminators
Size:   8643
Md5:    767c0089a52c5af4f1c6214b7cc55f0b
Sha1:   147fa7da4a7835836692c87ae08faa7cf181af48
Sha256: c9fbbf2b3bd5e8158407462979b58154b7652fb3eb97a3836eb85bf925870bea

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: text/css
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15204
date: Fri, 25 Nov 2022 12:23:02 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   15204
Md5:    21a8208013dccd1a1dcd4701c44f68b9
Sha1:   0facea0b5eb980069de25225930679d0708d8ba0
Sha256: e5a25ee1706ec78ced581e208679beabd758d7b6f87a222e62f21b5f537e7c31

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/wss/myriad-set-pro_text.woff HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/wss/fonts.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: font/woff
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 97772
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 97772, version 0.0\012- data
Size:   97772
Md5:    c6d6740894f7f423cc79eae3f14ddc7f
Sha1:   436e652ae506dfc28916bb3466620c5ff996c2fc
Sha256: 44dfe40f670e8be3ed9fcf21ef8809442a52e5d3be4651ee104b9b79e35c6edb

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac-globalnav.built.js HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 404 Not Found
content-type: text/html
                                        
last-modified: Wed, 16 Mar 2022 18:40:56 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 358
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   358
Md5:    e6380e0c65d744670ca2bdfdebf952e7
Sha1:   72010e09611689dba83d615d7d4e14525584f574
Sha256: a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/apple/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 1860
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1860
Md5:    daaed59106db7f383f672c229ac26639
Sha1:   a339941baabc1a87488bc6bbb2ce72df7964b8bc
Sha256: f674d38daae4a3e966f218fbd0c6384af4ac3996f6797952b264e495e740152f

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/links/ipad/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 1691
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1691
Md5:    ab1ead95468a6c26fca3184a63396765
Sha1:   a9731f60a7aec5f5765a80ae3935a009e71c8b9f
Sha256: 5a2eeab668c66f256ea01081e068841838eb66b68c71649f06a715172701ce3a

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/links/watch/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 1878
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1878
Md5:    328cc4d18b074c9dd916f37db08f8549
Sha1:   03dff44cef5fa73e116d1befbf86337c2bd927ed
Sha256: 13509388876bad8bd8a6acc2f6e663a43d2a4fb3f4dbaa5e41ae66272e2acfba

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/links/tv/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 694
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   694
Md5:    7e46df91487c94bcb426f834069b1d10
Sha1:   9076be4eee883d7746d6c7d060f1a3cfa53c7df6
Sha256: e6abe67e9994bff25163c93c213530b71e361de62ac75b9cd19eb76249ccf810

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/links/iphone/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 1953
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1953
Md5:    b740c564b1fb7c082dd53049d3b1a2a3
Sha1:   e09f30e33ab45aca59185c500928f4523ecabdf8
Sha256: 30f0350ee48fcee0812c9f36371411d7e267f0df1e523fbbf28544ed57321f0b

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/links/music/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 1815
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1815
Md5:    3cb426b50eb67f48bfb5b48e2cf170e2
Sha1:   fcc21940ce068c9273deeae6171182a5fb94a55d
Sha256: ceecbcb5baeb247f092aa23d32ee1f8654a34c804613f75abd6353562d34986e

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/links/support/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 2226
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   2226
Md5:    c6ac58a04d53a4f59c73b6882ae65713
Sha1:   1d55ce1b66d843ec0e576840497ce03f9b47fe83
Sha256: 5806ecd85de231e6489d88016b892a979ebee087fc73089534580e69764729f1

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/links/mac/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 1397
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1397
Md5:    84344d68d3aff09c1a1e5531d1480c64
Sha1:   a53a76c3477a43f3b2c23df9e303ed51eb860866
Sha256: dea3fdb5d1d35af9e89f169fd81292d46c64c7ecb2d20464431bc2ef083db73d

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/search/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 1031
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   1031
Md5:    f4b098fa112a1cb9e2e0174f1b2bcf85
Sha1:   801fce1e2f3b97456f5f2e5820f3fae2dd74915d
Sha256: 98e256b4b96b4c80754ee598e4724e736d6241714f2c2bb1a4b88dac0cbf02c1

Alerts:
  urlquery:
    - Phishing - Apple
                                        
                                            GET /aU3V4/ac/globalnav/2.0/en_US/images/ac-globalnav/globalnav/bag/image_large.svg HTTP/1.1 
Host: myiphone-lost.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/ac/globalnav/2.0/en_US/styles/ac-globalnav.built.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: image/svg+xml
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 908
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   908
Md5:    5d891d7227c0faca658e2b1153d79a90
Sha1:   1033d758ce1d501c4b4a31ef9d12f02448bf13be
Sha256: 814c6edd999840cacfcf9eef57fe8fc8c68a1a1c80c215373bcccf216dda0bfd

Alerts:
  urlquery:
    - Phishing - Apple
                                        
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Accept-Ranges: bytes
Age: 4326
Cache-Control: max-age=106343
Date: Fri, 25 Nov 2022 12:23:03 GMT
Etag: "637f9f28-1d7"
Expires: Sat, 26 Nov 2022 17:55:26 GMT
Last-Modified: Thu, 24 Nov 2022 16:43:20 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

                                        
GET /aU3V4/static/bin/cb2619138005/dist/assets/images/apple_id_desktop_2x.jpg HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/static/cssj/N1251275612/account/web/app.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: image/jpeg
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 211108
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2136x840, components 3\012- data
Size:   211108
Md5:    6dfe5e9069c95b15a9a8605e34781ee2
Sha1:   7dd09d41c5bcfda8cf3fa784e78d34b123f68266
Sha256: de27083c71e485355cdd56b6d6cea69578a2a56cb503d338269ffc025b76f6af
                                        
GET /aU3V4/signin.php HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-encoding: gzip
content-length: 1872
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (307), with CRLF line terminators
Size:   1872
Md5:    8c2d1ca9d2cb6e18a629d18fa5f93e4a
Sha1:   76e62b09eed5c1ca26bf2d03ca5c9365d49b0e5e
Sha256: 22f3727ac7c1789cb870e8af7dcc50bc3917275f8751141650374fef96d54b27
                                        
GET /aU3V4/wss/myriad-set-pro_thin.woff HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/wss/fonts.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: font/woff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 98104
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 98104, version 0.0\012- data
Size:   98104
Md5:    6f7194dbaf62b3f2c5154284c1e72b02
Sha1:   cbe8adae44d2ec5b742ef7bcb34a5891bde79ff6
Sha256: 9ef316298efb45356282fe5be756c8a7c562e1e32f5c74521d851af59208ab08

Alerts:
  urlquery:
    - Phishing - Apple
                                        
GET /aU3V4/wss/myriad-set-pro_medium.woff HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/wss/fonts.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: font/woff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 94980
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 94980, version 0.0\012- data
Size:   94980
Md5:    7028a7c3250606308ac47d8c4a725a8d
Sha1:   978e75aef4d551af241ba3963e57d1315e5939cf
Sha256: 6585dc80ba7519d9cc037ace4f441b7545c7ca247e5bdb58949c1d5c13056daa

Alerts:
  urlquery:
    - Phishing - Apple
                                        
GET /ac/flags/1/images/us/16.png HTTP/1.1
Host: images.apple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

23.38.200.210
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
Server: Apple
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Content-Security-Policy: default-src 'self' blob: data: *.akamaized.net *.apple.com *.apple-mapkit.com *.cdn-apple.com *.organicfruitapps.com; child-src blob: embed.music.apple.com embed.podcasts.apple.com swdlp.apple.com www.apple.com www.instagram.com platform.twitter.com www.youtube-nocookie.com; img-src 'unsafe-inline' blob: data: *.apple.com *.apple-mapkit.com *.cdn-apple.com *.mzstatic.com; script-src 'unsafe-inline' 'unsafe-eval' blob: *.apple.com *.apple-mapkit.com www.instagram.com platform.twitter.com; style-src 'unsafe-inline' *.apple.com
Content-Length: 5988
Vary: Accept-Encoding
Cache-Control: private, max-age=3600
Date: Fri, 25 Nov 2022 12:23:03 GMT
X-Cache: TCP_MISS from a23-36-79-12.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
Connection: keep-alive
X-Cache-Remote: TCP_MISS from a2-21-243-242.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
Access-Control-Allow-Origin: https://www.apple.com
Set-Cookie: geo=NO; path=/; domain=.apple.com


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (469)
Size:   5988
Md5:    054d4b77236ddcbdef74c15813c74d4b
Sha1:   e397f8fcd0208379e2e499a2bdfda9d6c39933ae
Sha256: 814ba2566b726127b17beaa0f2a8f02285f1a052d91d62b555ebe6f712aff19b
                                        
GET /jquery-1.12.4.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Fri, 25 Nov 2022 12:23:03 GMT
content-encoding: gzip
content-length: 87176
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-47a36"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669378983.dop206.sk1.t,1669378983.cds201.sk1.hn,1669378983.cds203.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   87176
Md5:    4cc1fb9dd16dba6f29268671930d0c91
Sha1:   dcd1f866cbd8b126e3d70ea2c26fc648db5460d4
Sha256: a2a66bcd92ddb55a079903017b9d58c79c434f085ef54e69596acadbb8dc215d
                                        
GET /bPyBm4y.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

151.101.84.193
HTTP/2 200 OK
content-type: image/png
last-modified: Mon, 28 May 2018 05:23:14 GMT
etag: "720baa947669aab32557f2b785abcbbe"
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 25 Nov 2022 12:23:03 GMT
age: 2028550
x-served-by: cache-iad-kiad7000072-IAD, cache-bma1656-BMA
x-cache: HIT, MISS
x-cache-hits: 23, 0
x-timer: S1669378984.817038,VS0,VE93
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 47527
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 477 x 477, 8-bit/color RGBA, non-interlaced\012- data
Size:   47527
Md5:    720baa947669aab32557f2b785abcbbe
Sha1:   b2bc51d2f3fcd3490d40cf4a4bd839210180ba43
Sha256: b81807d184d98d863321e0c42db6215afe553feae8d2962ce38f9ec050ed5a7c
                                        
GET /aU3V4/wss/myriad-set-pro_bold.woff HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/wss/fonts.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: font/woff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 99664
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 99664, version 0.0\012- data
Size:   99664
Md5:    3156a9cde2949d5bf99d1b130f743179
Sha1:   c0f809c6c05229561dbe7aa2b68ae6e3707d9426
Sha256: 5cb859bc26509da8a69ef723c024eb781ef2d5fb6c137ac09cb418dfc217531b

Alerts:
  urlquery:
    - Phishing - Apple
                                        
GET /aU3V4/js/login.js HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/signin.php
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: application/javascript
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 226
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   226
Md5:    f1bf27075a88ebd431f9b693e9dfed33
Sha1:   08806ac8d4410c59f7b2e6c3f707edcaf87d4551
Sha256: f24ea6f9764dadd541b4a01d3692db1a98300690b837d8d2449e0ac66ef48bab

Alerts:
  urlquery:
    - Phishing - Apple
                                        
GET /aU3V4/auth/app.css HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/signin.php
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: text/css
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 17468
date: Fri, 25 Nov 2022 12:23:03 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   17468
Md5:    2f8b8058a336f4bae12f24dd6afb5636
Sha1:   4f7b352b8dc28322a1e34ba5429e675af96cf610
Sha256: 197cf944fb81852b99d7a2b9834023d4d59e7654e43864065920ee8b78955385

Alerts:
  urlquery:
    - Phishing - Apple
                                        
GET /aU3V4/css/favicon.ico HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: image/x-icon
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 9062
cache-control: max-age=604800
expires: Fri, 02 Dec 2022 12:23:04 GMT
date: Fri, 25 Nov 2022 12:23:04 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Size:   9062
Md5:    28ec4eaba5ae210b98a11257caf5bade
Sha1:   6164148a39d6a27286641896fce3b76f439aeab1
Sha256: 3f5086612aae9363c9fb02949219cef19854c18fe5ad4eda78aa1aefcc79cc71

Alerts:
  urlquery:
    - Phishing - Apple
                                        
GET /aU3V4/auth/shared-icons.woff HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/auth/app.css
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: font/woff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
content-length: 7944
date: Fri, 25 Nov 2022 12:23:04 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 7944, version 1.0\012- data
Size:   7944
Md5:    5e01630de5d0dad02c927c49d22436f1
Sha1:   1f991fe5eaaf73408294818725ec9dac5b978568
Sha256: 3d12586b3d24efe92df696c5b7a9aab33d89deee147f9ff1a6e957db6a962abd

Alerts:
  urlquery:
    - Phishing - Apple
                                        
GET /aU3V4/static/cssj/N1251275612/account/web/app.css HTTP/1.1
Host: myiphone-lost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://myiphone-lost.com/aU3V4/?CQKogoiSrDG3BdQ2jwj9r01RrFWAn9J5nqMrLOJN8AVtTiD5XHVL9JaKmaFcGkxGQ1TFNyHvkkPqPKYfvhBu3xSbdzwmDkGZqoINfMZ2h6pzfPXeD5UxWmzWHJwX9Qg7Ye9KWeMBL9Of3hVnwtLkU0gRUetTsJ0tMkrt0xmNLJ
Cookie: PHPSESSID=5ca4c18048e3c01f7d75e14b9507c56f
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

162.251.80.223
HTTP/2 200 OK
content-type: text/css
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 31 May 2022 01:37:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 25 Nov 2022 12:23:02 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---