# fapp1.sulekhanotifications.com — SUSPICIOUS

> fapp1.sulekhanotifications.com is a confirmed brand impersonation site flagged by 2/95 VirusTotal scanners while impersonating Apple. Avoid entering credentials.

## Summary
PhishDestroy identifies fapp1.sulekhanotifications.com as an active brand impersonation scam targeting Apple users with elevated risk. This domain resolves to IP 202.162.242.179 and was registered through Network Solutions, LLC on March 25, 2016. The site currently shows a 2/95 detection rate on VirusTotal, indicating minimal but concerning security vendor recognition.  This domain poses a clear credential theft threat by masquerading as official Apple notifications, leveraging the brand’s trust to trick users into surrendering login details or payment data. The use of the subdomain fapp1 (suggesting ‘fake Apple app notifications’) and the inclusion of ‘notifications’ in the hostname are deliberate attempts to appear legitimate. The long domain age (8 years) may be exploited to evade recent blocklists despite its malicious purpose. Security vendors such as MetaDefender and ThreatHive have already flagged this domain, but the low detection count suggests it may be newly active or using evasion techniques.  Users who visited fapp1.sulekhanotifications.com should immediately check their Apple accounts for unauthorized access and revoke any suspicious sessions via appleid.apple.com. Do not enter passwords or payment information on this site. If credentials were entered, change them immediately and enable two-factor authentication. Report the domain to Apple via reportphishing@apple.com and block it using your browser’s security settings or a reputable blocklist. For network-level protection, consider updating your DNS resolver to include threat intelligence feeds that block known malicious domains.

## Threat Details
- Verdict: SUSPICIOUS
- Site status: unknown (HTTP ?)
- Target brand: Apple

## Domain Intelligence
- Registered: 2016-03-25 12:15:43
- Registrar: Network Solutions, LLC
- IP: 202.162.242.179

## Detection Status
- VirusTotal: 2 vendors flagged
- Google Safe Browsing: clean
- Blocklists: 0 hits

## Evidence
- Cloudflare Radar: https://radar.cloudflare.com/scan/339929f6-fe88-4bde-98de-f70efc7d0193
- PhishDestroy: https://phishdestroy.io/domain/fapp1.sulekhanotifications.com/
- LLM endpoint: https://phishdestroy.io/domain/fapp1.sulekhanotifications.com/llm.txt

## If You Visited This Site
1. Change any passwords you may have entered
2. Enable 2FA on all related accounts
3. Monitor your accounts for unauthorized activity
4. Report to: FBI IC3, Europol, local authorities

---
Report by PhishDestroy | https://phishdestroy.io/domain/fapp1.sulekhanotifications.com/
Last updated: 2026-03-29