| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/bg2.jpg |  104.21.61.196 | 200 OK | 114 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/bg2.jpg IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x941, components 3\012- data Size114 kB (113635 bytes) Hash5e20d8c5bd6c7a06298a2663a1cc8403 b6a831847567c49b247932edea74bbaec30dd4c5 948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/bg2.jpg HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: image/jpeg
content-length: 113635
last-modified: Fri, 01 Dec 2023 20:27:52 GMT
etag: "656a41c8-1bbe3"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP7LKwtKAmh4FqQs8B3lwjyKFrp5r9CTPeKVqyuBD%2BBrsCzz3AgWco1meeEpDnr7JOTaZdYbwnwb7ttXsm1lLPdSO4mRbaRZXUII6qrivgOeZqsDDyZO5%2B5ezUeojXZwqFAiWps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f3cce83bf50b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/microsoft.png | 104.21.61.196 | 200 OK | 1.0 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/microsoft.png IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typePNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\012- data Hashbf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/microsoft.png HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: image/png
content-length: 1045
last-modified: Fri, 01 Dec 2023 20:27:45 GMT
etag: "656a41c1-415"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asjy%2BlHOoJ01QPczIrbsIOj7N3A%2FPII9RWGhnw4Wbku3hJF%2F4yfMCLjU3MAS5qeCiadM%2FDspyZZSVulpOBDCoTQGXm5bh8ma2gHl0XKEVv7hGmVQLnHPmqB%2FDDwNYNaM240GlDw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f3cce84c050b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/def.png | 104.21.61.196 | 200 OK | 3.8 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/def.png IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hash77a2ffc5545f87551d74781201de9b3b c9c3798afd2ae95aa3bba3c428335d49c8255b06 316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/def.png HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: image/png
content-length: 3834
last-modified: Fri, 01 Dec 2023 20:27:41 GMT
etag: "656a41bd-efa"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HFdCQDVbMD27FIEDCelnqBbvFq9eVt7QPxavHVfpNTL9ak45vhLZPYs%2BqiUkb9iDVmao%2BBtdretRKtqqvv5SnsLFqBe8X3KYqvMyqa5uRo9vIlZcaO1u1cNpMEmftKS7WWuFMeE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f3cce84c070b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/cross.png | 104.21.61.196 | 200 OK | 44 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/cross.png IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typePNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced\012- data Hash4487a588bf2a07e3d1936d705c5ceefd db193b3e2ab9fbee6eae99ced2366b1ef5f16971 3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/cross.png HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: image/png
content-length: 44098
last-modified: Fri, 01 Dec 2023 20:27:48 GMT
etag: "656a41c4-ac42"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ekps5lzBdhuijC1zi9Srfg%2B%2FXwliz41nDIAvNnaiJAT8uwDQ1PfG0m%2BuT0SNj1nJOVvpyNcH%2FaHhUB0qwv2bGRMve3dZ9M1c8WgsZB1%2B%2FgPWAspSZavDu081fHW1gnSm%2BKxSu1c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f3cce86c150b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/virus-images.jpg | 104.21.61.196 | 200 OK | 8.2 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/virus-images.jpg IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 254x71, components 3\012- data Hash5fc559a242f0ea0a023f10830887d2af 9d744c2f3a6bf5b715496350c8de7124cdd7ddc8 3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/virus-images.jpg HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: image/jpeg
content-length: 8196
last-modified: Fri, 01 Dec 2023 20:27:35 GMT
etag: "656a41b7-2004"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAv7R3phSPQaC9oauzH0Dh0GRLwvIMgn%2FQZ5AfFiIhgAxQP6n0uOLBpYtVJ%2B1zoptzoxh%2FYNciG5HOnTtSXUYDsUaA31ZnudxMQYR%2FcIfElv6W%2Fjzntp9QQwIwzfL5cRWOUgNDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f3cce8ac580b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js | 104.17.25.14 | 200 OK | 4.0 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js IP104.17.25.14:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (11084), with no line terminators Hash65f1d21d5fcc9d21da758adababd0c3c e0661d07d64c00008bc9d013d16eec0a0f156dc7 d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 3980
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-2b4c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 127953
expires: Thu, 21 Nov 2024 13:08:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7XYGEQaEAYD1dmas6YQ5F62mNpnzWB550AjnQddckuZgTkZjM7sf%2BUXWkXATfzoZ9VbCNpP01mpcGzy5YAcz5h%2BTLxi5dMbaZULDNEYxWH%2B8RRdqLTeJ1VejURrt2jUZWhBwrjNN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82f3cce928fb0b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js | 104.17.25.14 | 200 OK | 27 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP104.17.25.14:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (32180) Hash7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 729788
expires: Thu, 21 Nov 2024 13:08:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IW7uWJL7MAq19TecIPGaQ6gBjb3OJc5zg9pxQipxXpwT02NIcTDWA2s5xUf%2BVA9MV6MoXSSr0DgCJRVgJ7he0miMBBvuIu2io%2BxrnhnnHm34cQbv6jTkoJnub9MdAz4KtlWxjIaB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82f3cce929000b69-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css |  151.101.129.229 | 200 OK | 26 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css IP151.101.129.229:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeASCII text, with very long lines (65326) Hashd432e4222814b62dd30c9513dcc29440 2cac4afc120983921411296bd4e8fd8a94ba237e 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://asmm.mtowaasep.com
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: br
accept-ranges: bytes
date: Sat, 02 Dec 2023 13:08:45 GMT
age: 22482220
x-served-by: cache-fra-eddf8230111-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26291
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js | 151.101.129.229 | 200 OK | 23 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js IP151.101.129.229:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeASCII text, with very long lines (65299) Hashf81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://asmm.mtowaasep.com
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: br
accept-ranges: bytes
date: Sat, 02 Dec 2023 13:08:45 GMT
age: 22637342
x-served-by: cache-fra-eddf8230133-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23377
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513 | 142.250.74.168 | 200 OK | 89 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513 IP142.250.74.168:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File typeASCII text, with very long lines (5955) Hasha7db1affbe90cb2d71cd46d0edd15165 36e5901c36212d57b19c1ac1180c74b1a4852ebd 56bfa963f38e973c4388447825fd0ab71c44e2043bf1526f61bc10c7d3a34141
GET /gtag/js?id=G-GZ2WHBX513 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 02 Dec 2023 13:08:45 GMT
expires: Sat, 02 Dec 2023 13:08:45 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89445
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/before.js | 104.21.61.196 | 200 OK | 366 B |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/before.js IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with very long lines (380), with no line terminators Hash30ab0fccfb4c857f608e51c255c26796 5923f53a21825d79b436e2c98e6ab53068370ad3 92e7f01957ef9660eb84aa2d821d4fff017b66659f7a74b900fad60053a1c88c
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/before.js HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:41 GMT
vary: Accept-Encoding
etag: W/"656a41bd-16e"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbOEMLB9jcA2KiDiXNnLHwwiru%2FjV6AJo5FN1EqjmowhSWAJZA6iJoDcfdiydjL6HR7Q%2FGpSc83aGVPMFpKL78xki0jiEmCEwz16id6IRHIinfK3%2FOEa47JAdhfLG9Nj2oY%2BI3Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cce8ac5c0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& | 104.21.61.196 | 200 OK | 10 kB |
URL User Request GET HTTP/2asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& IP104.21.61.196:443
CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeHTML document, ASCII text, with very long lines (10482), with no line terminators Hash1025857932908193729ddbe440b6a84c a10d7b20fcac0c1fd52f8dbe4c0979e8cda38644 27c788474e8de5020c07016ebcb567d2772ae5ecd37d7f56854c25431e56377e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Office365 |
GET /ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2Bzb%2BsCXmMOtfZPlL277ZBSs0n%2FTMz293wkGsgSqZYnLVsjoFOivw9Gn2yY3CIf0ENPyUDTQ%2FFng5KAWZzM8ukEq%2Fzzb5%2BgC5Xh%2BYscW8lzzbxyP%2F1uuX%2BF1aULYTSzHn%2BLZEE4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cce31b2e5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/jscode.js | 104.21.61.196 | 200 OK | 6.5 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/jscode.js IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with very long lines (6918), with no line terminators Hashfbde4da0cb2f7af54c8ad1096fe4d1ce 9609bb67494ece0223a173a55025d128b14f1530 d70004786e99422691c01033d6753fa256b2d088f486c6509f374f12605f4c61
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/jscode.js HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:38 GMT
vary: Accept-Encoding
etag: W/"656a41ba-194d"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqiN3EDr0nCZHmPS0dTpjXrh7LBv5Jr8pY7DdWd85Qo7pXKENXTzLzYsJ0quQA%2BJn5rv2w8430p42GDp5vTpDudjTcAFAHj6Pp%2BSC5oQq43wyGXahdLbHDmMofYFYP%2B4Rmr7zJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cce8ac5f0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/favicon.ico | 104.21.61.196 | 404 Not Found | 146 B |
URL GET HTTP/3asmm.mtowaasep.com/favicon.ico IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators Hash40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /favicon.ico HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 02 Dec 2023 13:08:46 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNg3TYz0X5qA65QTScVMTNu1vbIHL0a7rC7H%2FU1IFcp90sCvn074%2BJVW8tXNd56ycRkI5cgog0mn1b3LAGfmovWjCZfWl0h3zG8twQZ7xZf7aykMqiTaQbGvLqo7MCvB3RhMobg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cced2f580b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 28 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css IP104.18.10.207:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04 ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File typeASCII text, with very long lines (27303) Hash4fbd15cb6047af93373f4f895639c8bf 12d6861075de8e293265ff6ff03b1f3adcb44c76 ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:58:32
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 25754c75fb460a03a208e88579fbc0b3
cdn-cache: HIT
cf-cache-status: HIT
age: 626170
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82f3cce8b8e95694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/light.js | 104.21.61.196 | 200 OK | 503 B |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/light.js IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with very long lines (545), with no line terminators Hashd64718a85daf432be5f8d3c9fe3a45bd d1b2721f29e5a1a6e6344a53162f32c53eb98e1e de0997f0917e44e1840ce9d82cc86fd7f6cae542f906c62d78ae71c6af0ee303
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/light.js HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:45 GMT
vary: Accept-Encoding
etag: W/"656a41c1-1f7"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXhlg2zkbcDiSloFrLZEOC5LTJGQXzqiBMJCdIVwsj14lUetDSEycLQyfP%2FoCiuoc58%2BvQniNNcEx9DUIJVKTWKct6n6ohA7SsfvLXF449uoqvRMEO1OupUaF90Dg%2FLaexMgoYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cce8ac5e0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/alert-en.wav | 104.21.61.196 | 206 Partial Content | 65 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/alert-en.wav IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeRIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz\012- data Hash023c2f70371cf98f89862957c0f2558f 405e8e548d74d3400b8ce739d33681686b8e8bbb 1438fd99990c08e38293291f13821f15733bc09b69cb434cd01bb52d5141b2e9
GET /ijskaxajskdjkasdkas/wos/alert-en.wav HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Sat, 02 Dec 2023 13:08:46 GMT
content-type: application/octet-stream
content-length: 1701582
last-modified: Fri, 01 Dec 2023 20:27:52 GMT
etag: "656a41c8-19f6ce"
content-range: bytes 0-1701581/1701582
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsX6W87%2F1cwtVf6GMl5%2BnLtcAOHMVb93DBs1IlEcQ2q%2Blo5k%2FLL3X5DOlr%2BLkCi3wdYRiulFoXcKbISeE9UXDyDmwT%2FVzs%2FXezDsLgCLdYgY%2F5GsVnI7yCf4CCpTGMaoH%2FhKKlM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cced5f720b51-OSL
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/main.js | 104.21.61.196 | 200 OK | 1.4 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/main.js IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with very long lines (1587), with no line terminators Hash8a61bd76a24b9f1ae3f0864256fe2219 48e7ab3d8ed14bf21d63c879e48899e70793073a e65cc6553c751e915ab1ff5ab7698bdf0aaf907845ce6324407f6e49b4c154a6
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/main.js HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:46 GMT
vary: Accept-Encoding
etag: W/"656a41c2-595"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKQME5I2s%2FA%2F%2BFwc%2BsARNBaHuVaKjb0JVUaQX8D1F4GHqxd%2BWWY04NT1iUbqiss%2BNOiPquD0eeTqoCux%2FkjoARS7yUDxdWqBTUMMk%2FVEgmOTZDEsT%2BCIFEwPNnGHuI9Mv2tCkAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cce8ac5d0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/main.css | 104.21.61.196 | 200 OK | 12 kB |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/main.css IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with CRLF line terminators Hash28169309e74f1e0028e6e719676ab188 bfcad26f7a2ee391cb20e446b0f1a4e17499507a d5d2eaec4d8f18123d2db3b457a892a5566da301d10ddb3afa85d059c64df7f6
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/main.css HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 20:27:46 GMT
vary: Accept-Encoding
etag: W/"656a41c2-2f4f"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKZ2vF4jpO%2FBkLUlVqCfaT%2Fg%2FVIvbcvgaxkmWZfIJa8%2BNa3dU4p7HegkfQdkfxEGZ6S2eY6WEiN0RsQOwJfx4GhWdr%2B4haDW6ZOz8UltK8A1uE0R3ZFKuSvEGMyi2WqEk8wMYSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cce81be20b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/fullscreen.js | 104.21.61.196 | 200 OK | 245 B |
URL GET HTTP/3asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/fullscreen.js IP104.21.61.196:443
Requested byhttps://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769& CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with no line terminators Hashe70e5bc6acccc111d1016ccb1de66c20 b75154dabdb11f3c546fe085efdd740a8b88ea90 c8988f92f8e1a825f5f34ed45ca542b25eab1b845c5a0f459dff5045a4ee486e
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/fullscreen.js HTTP/1.1
Host: asmm.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://asmm.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 02 Dec 2023 13:08:45 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:54 GMT
vary: Accept-Encoding
etag: W/"656a41ca-f5"
expires: Mon, 01 Jan 2024 08:30:41 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 16684
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FjDOKDwOLa0xRe0qZhILgSWBQYcK6mGgGPhJnK0gBoOYFqbRRUbjq7e1Va75mnhLwwNyAvK2v4XYtzPZXjQIaX50japLuTz%2FBX7tjX7IjPqPoRxKA5mSmH3xGHEn7B0JddMjV0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f3cce8ac5a0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|