| cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js |  104.17.25.14 | 200 OK | 27 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js IP104.17.25.14:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (32180) Hash7f9fb969ce353c5d77707836391eb28d 62c4042e9ebc691a5372d653b424512a561d1670 2051d61446d4dbffb03727031022a08c84528ab44d203a7669c101e5fbdd5515
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1145292
expires: Tue, 26 Nov 2024 08:33:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmB2m375jq4lleB19AUeMC9jH0AgSykdWkCu9wK1LIcOQ1ul9Loxzbt1ieBKZtl6EtKTtZW4rfGwc1rM6ftB%2FBDe%2FE55ih4DSCUc75EjJwXcC%2BrZbSJnFWo6e%2FSNdA6eS4HdrbEy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 831b6d0b2ad5712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js | 104.17.25.14 | 200 OK | 4.0 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js IP104.17.25.14:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (11084), with no line terminators Hash65f1d21d5fcc9d21da758adababd0c3c e0661d07d64c00008bc9d013d16eec0a0f156dc7 d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 3980
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-2b4c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 543457
expires: Tue, 26 Nov 2024 08:33:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hubq2RIdvoUWcz7MAnZS91ZFpWFUpspjkZQ6vVV78bQfeIkW%2BldLwfE6Ale47ptt8ifrYhirYkXUnGPYLFXeKFs32y%2BHk4Tu9DsxptMtKlqQZDtI7JMjziFlCtk12dq8HtJ9FsA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 831b6d0b3ae5712a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/def.png | 104.21.61.196 | 200 OK | 3.8 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/def.png IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hash77a2ffc5545f87551d74781201de9b3b c9c3798afd2ae95aa3bba3c428335d49c8255b06 316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/def.png HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: image/png
content-length: 3834
last-modified: Fri, 01 Dec 2023 20:27:41 GMT
etag: "656a41bd-efa"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQQodS6LpcUA1jRU7yIjL4%2FCtysEpsvtZPlI2Aac09HjtQADMigY8b1mLwhstK4EdbDzCPZjbl5f0IylpgM%2BY%2BeNjQqNJrr%2FJzjFImx6zUkmfK%2FpCie77ysqoCUREYm9L0NGhbbv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831b6d0b0a6f5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/virus-images.jpg | 104.21.61.196 | 200 OK | 8.2 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/virus-images.jpg IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 254x71, components 3\012- data Hash5fc559a242f0ea0a023f10830887d2af 9d744c2f3a6bf5b715496350c8de7124cdd7ddc8 3b531d403dc8ce7cbb0efb1a0c307cfb2bbaaf21feaff9f3546f13bebda71887
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/virus-images.jpg HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: image/jpeg
content-length: 8196
last-modified: Fri, 01 Dec 2023 20:27:35 GMT
etag: "656a41b7-2004"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBetiVEmSwLeSx5cs2OoHTZeFDE6aj2EDqM0w%2Bl3Oo3O5nmrDCNVPxX3xTUiK9kRVGkogLlBb406KfvCns8zXZvlCSD7z%2FzMs0uDdHyKalSS78U6TU2UXrkavwdL04BPGNbVou3f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831b6d0b0a7c5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/microsoft.png | 104.21.61.196 | 200 OK | 1.0 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/microsoft.png IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typePNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\012- data Hashbf2b460590fbb9d8e9611a6e9006b816 561e1dab259d61e798b3ce380527b71b61074ff3 ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/microsoft.png HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: image/png
content-length: 1045
last-modified: Fri, 01 Dec 2023 20:27:45 GMT
etag: "656a41c1-415"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHrqBIicgjRwCMIlWDXhBhwFLFc6SkIo2Fw3PTI7qLUCdM0qJmKx%2Fb0BBqybXhqWku9%2BJs5Rs9E4FG9DTdbq5DJwt%2BVG5hrEpOdxufoYJFljhGWPt08tAWjYpFMKjs5lRujdYC2%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831b6d0b0a6e5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js |  151.101.1.229 | 200 OK | 23 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js IP151.101.1.229:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeASCII text, with very long lines (65299) Hashf81d0a1705048649befc8b595e455a94 aec551e4d573463088fca7d14fb644eb389f1839 b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aseer.mtowaasep.com
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: br
accept-ranges: bytes
date: Thu, 07 Dec 2023 08:33:49 GMT
age: 23052846
x-served-by: cache-fra-eddf8230133-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23377
X-Firefox-Spdy: h2
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos?t=(0101)-50555-94769 | 104.21.61.196 | 301 Moved Permanently | 44 kB |
URL User Request GET HTTP/2aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos?t=(0101)-50555-94769 IP104.21.61.196:443
CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
Hashd36c7dc5e147fc083a754afd62a51dc4 ec985192fcf8a0555cd0e2e0c3e3e5a34b526a4f e62c44014d11b7b7675be61f0603cdb2adf051e300f5fedc4be52746afb67d4f
GET /ijskaxajskdjkasdkas/wos?t=(0101)-50555-94769 HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 07 Dec 2023 08:33:48 GMT
content-type: text/html
location: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fsm%2Fy5QTsobQcnljzFtbxuGhWJCU4vyy%2FMMuY4WhFxVyHuWRK4DfLJVIdZ%2FdvuM43ItuDxy7AWlH0qzQ0h%2Bo7KECPoMj7I09IlXkiaDvVxfHKZBV7ePEEZb%2BdGENywX6U1FKl59L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d06599756a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/bg2.jpg | 104.21.61.196 | 200 OK | 114 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/bg2.jpg IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x941, components 3\012- data Size114 kB (113635 bytes) Hash5e20d8c5bd6c7a06298a2663a1cc8403 b6a831847567c49b247932edea74bbaec30dd4c5 948b1331677d0f9991d50376bfba436033c5a9cc5919cf9f74c03424b6f3e342
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/bg2.jpg HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: image/jpeg
content-length: 113635
last-modified: Fri, 01 Dec 2023 20:27:52 GMT
etag: "656a41c8-1bbe3"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2l6XE%2Br%2Bow41uz%2FDdh7ThmfyeHVCRa%2FYtAqzRk2l8BIFc84SS97sMqu8cDJktUCD%2Bx2APeB5xxjFaKoE2OuTSW%2F2zXDf4LQq7SkgQNpsu3hW%2F5XUKt0zt70aiNGDQErtvEn%2BG0L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831b6d0b0a6b5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513 | 216.58.207.200 | 200 OK | 89 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513 IP216.58.207.200:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File typeASCII text, with very long lines (5955) Hash151feb3febe968eed930130d0a08c14d 623e29cca81e920343e3a313a69ce766e2dd0bf9 af7e5234d91fee5b804c7d8da81446b61352a120e919a5dec93dfe54f6b45900
GET /gtag/js?id=G-GZ2WHBX513 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 07 Dec 2023 08:33:50 GMT
expires: Thu, 07 Dec 2023 08:33:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css | 151.101.1.229 | 200 OK | 26 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css IP151.101.1.229:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09 ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File typeASCII text, with very long lines (65326) Hashd432e4222814b62dd30c9513dcc29440 2cac4afc120983921411296bd4e8fd8a94ba237e 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://aseer.mtowaasep.com
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: br
accept-ranges: bytes
date: Thu, 07 Dec 2023 08:33:50 GMT
age: 22897725
x-served-by: cache-fra-eddf8230111-FRA, cache-bma1646-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26291
X-Firefox-Spdy: h2
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/jscode.js | 104.21.61.196 | 200 OK | 6.5 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/jscode.js IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with very long lines (6918), with no line terminators Hashfbde4da0cb2f7af54c8ad1096fe4d1ce 9609bb67494ece0223a173a55025d128b14f1530 d70004786e99422691c01033d6753fa256b2d088f486c6509f374f12605f4c61
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/jscode.js HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:38 GMT
vary: Accept-Encoding
etag: W/"656a41ba-194d"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vuKDk3q0uOAq1rUKgS1Pe7IQpIKd8CajKbB2zv3PUZV%2Bh0aworCcEHwI4QFpxEk9Ftt3FN05TiqqcOXIlIg7f0F28r00b%2FR6osFTUz6yDFwTPiIQSHgF2JUIg9dWShBbbLC02Dn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d0b2ab85685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/fullscreen.js | 104.21.61.196 | 200 OK | 245 B |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/fullscreen.js IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with no line terminators Hashe70e5bc6acccc111d1016ccb1de66c20 b75154dabdb11f3c546fe085efdd740a8b88ea90 c8988f92f8e1a825f5f34ed45ca542b25eab1b845c5a0f459dff5045a4ee486e
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/fullscreen.js HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:54 GMT
vary: Accept-Encoding
etag: W/"656a41ca-f5"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBEmM7rbem45A4MHit4ECRjT1aXIRDKiYSLX1FjLbePoMAFe3baKjPVO%2BOaP%2BgUrP%2BXVEerZZT5DNWXg3cGq02Nuj2KwonGxJq%2BcJS9v2CAAttvxuR6ux5MD7%2BXOwi52piqmLe0i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d0b0a7e5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/before.js | 104.21.61.196 | 200 OK | 366 B |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/before.js IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with very long lines (380), with no line terminators Hash30ab0fccfb4c857f608e51c255c26796 5923f53a21825d79b436e2c98e6ab53068370ad3 92e7f01957ef9660eb84aa2d821d4fff017b66659f7a74b900fad60053a1c88c
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/before.js HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:41 GMT
vary: Accept-Encoding
etag: W/"656a41bd-16e"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsdoq5eTA8fn%2FmvXWQv3oscjHn2rTJHP3rYdiePMV80x2leIFv1xhDOECVOFQk%2BmrUjF972qaj%2BDskCLrQsfHOSOYf2fEwlKjm1WfJDsI%2Ffyvvvnvbg0ht8LYkES5%2FqCnJ7jatvI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d0b1a885685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/main.js | 104.21.61.196 | 200 OK | 1.4 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/main.js IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with very long lines (1587), with no line terminators Hash8a61bd76a24b9f1ae3f0864256fe2219 48e7ab3d8ed14bf21d63c879e48899e70793073a e65cc6553c751e915ab1ff5ab7698bdf0aaf907845ce6324407f6e49b4c154a6
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/main.js HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:46 GMT
vary: Accept-Encoding
etag: W/"656a41c2-595"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4on8f5DtVpSkYCt4%2FAlF83xMMtmT07ae23wQ56YTJFGPG%2F6RVtW2SJFEJgb2b%2FQICIPabFkbGb300lgkikpB2RlF1GtYWOsYpTkFHys1CESOYaVIkjhvlf6msqjkBk6XhPwllZzh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d0b1a8b5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/main.css | 104.21.61.196 | 200 OK | 12 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/main.css IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with CRLF line terminators Hash28169309e74f1e0028e6e719676ab188 bfcad26f7a2ee391cb20e446b0f1a4e17499507a d5d2eaec4d8f18123d2db3b457a892a5566da301d10ddb3afa85d059c64df7f6
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/main.css HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 20:27:46 GMT
vary: Accept-Encoding
etag: W/"656a41c2-2f4f"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1q8tQwLLxwPlZ2hvEfNhubjWJK4oKyLxk7%2FOv4EBs99MYQLpZbz%2BxXodHguZX7dRz4gDyCvOsPkNKtuAf3%2BRTugcLzTtUXxtL71F19JEWwRsEEz89%2FXaRg7b9NAry65JMcuQ4ZZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d0afa655685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/alert-en.wav | 104.21.61.196 | 206 Partial Content | 49 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/alert-en.wav IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeRIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz\012- data Hasheaba2def43c393dec5968574cb6a93b2 2301a72722e9e456c60bb3a261790c876a3e0c32 01779f322914cd536b687be02e2f8bb3cf91821bfa2dbaa2bbff255c38724641
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/alert-en.wav HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Thu, 07 Dec 2023 08:33:51 GMT
content-type: application/octet-stream
content-length: 1701582
last-modified: Fri, 01 Dec 2023 20:27:52 GMT
etag: "656a41c8-19f6ce"
content-range: bytes 0-1701581/1701582
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dm7IW3DGtACOI4M%2BUO3naWUprBJ4riiHFFvlmFxJ4qfNmt9nQDgec%2BlYsJZK%2FpGA6%2FZaqQeK%2BFLsAnEISCxs60bsJbyFgEoWGqomk7DVYprjpcuON9UY7agXeQJeikMx69bnJ8RZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d164f4c5685-OSL
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 28 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css IP104.18.11.207:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04 ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File typeASCII text, with very long lines (27303) Hash4fbd15cb6047af93373f4f895639c8bf 12d6861075de8e293265ff6ff03b1f3adcb44c76 ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"4fbd15cb6047af93373f4f895639c8bf"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:58:32
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 25754c75fb460a03a208e88579fbc0b3
cdn-cache: HIT
cf-cache-status: HIT
age: 1041674
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 831b6d0b38c2b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/light.js | 104.21.61.196 | 200 OK | 503 B |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/light.js IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeASCII text, with very long lines (545), with no line terminators Hashd64718a85daf432be5f8d3c9fe3a45bd d1b2721f29e5a1a6e6344a53162f32c53eb98e1e de0997f0917e44e1840ce9d82cc86fd7f6cae542f906c62d78ae71c6af0ee303
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/light.js HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 20:27:45 GMT
vary: Accept-Encoding
etag: W/"656a41c1-1f7"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1IsS2PhLY393zC%2BAw7mVln9EyyZkc6Ox4m3Ls1d18umZ73WTg2%2FbGwj46wEX69hHMboR9C%2BJH3sUULICU8V%2BpyrwMANa9KVQJaLVpINEvjBrljjp7aysw2yC6mdgTeIhMvTT%2F3f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d0b1a8d5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/favicon.ico | 104.21.61.196 | 404 Not Found | 146 B |
URL GET HTTP/3aseer.mtowaasep.com/favicon.ico IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators Hash40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /favicon.ico HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 08:33:51 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xdt7FqjNafWjFHQL%2FquXH3eupE1TddRnoHbU2j609zjU2moOmCkqk2zngv0EXaj4lv%2FX1RjaYLJGU1QVhrCBZLZUQ81CkIz3G8LSB5kIuzNF5Vj03%2BlcrpEEZy3nva5PoPPv%2BAeV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d16eff45685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 | 104.21.61.196 | 200 OK | 10 kB |
URL User Request GET HTTP/2aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 IP104.21.61.196:443
CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typeHTML document, ASCII text, with very long lines (10482), with no line terminators Hash1025857932908193729ddbe440b6a84c a10d7b20fcac0c1fd52f8dbe4c0979e8cda38644 27c788474e8de5020c07016ebcb567d2772ae5ecd37d7f56854c25431e56377e
GET /ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 07 Dec 2023 08:33:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eoqvYqwMsdRUkSMah7rl6mpTJO0nxdpktDb16%2B%2FNbuD8oSSGWXA9kj1yGuyXXnrYmthSDefEBYtofr79MYaHm%2FDEl4A8AnQO6SekJIWmiMTNJyeLYRZFLSMZzJhYpRziOHbLN7A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831b6d085c3656a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/cross.png | 104.21.61.196 | 200 OK | 44 kB |
URL GET HTTP/3aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/cross.png IP104.21.61.196:443
Requested byhttps://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769 CertificateIssuerGoogle Trust Services LLC Subjectmtowaasep.com Fingerprint5D:E6:37:D9:57:33:43:61:52:DB:1E:93:73:3D:6F:FC:75:6F:CC:16 ValidityFri, 01 Dec 2023 12:34:27 GMT - Thu, 29 Feb 2024 12:34:26 GMT
File typePNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced\012- data Hash4487a588bf2a07e3d1936d705c5ceefd db193b3e2ab9fbee6eae99ced2366b1ef5f16971 3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
| Analyzer | Verdict | Alert |
|---|
| urlquery | scam | Scam - Fake AntiVirus / Security software |
GET /ijskaxajskdjkasdkas/wos/cross.png HTTP/1.1
Host: aseer.mtowaasep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aseer.mtowaasep.com/ijskaxajskdjkasdkas/wos/?t=(0101)-50555-94769
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 07 Dec 2023 08:33:49 GMT
content-type: image/png
content-length: 44098
last-modified: Fri, 01 Dec 2023 20:27:48 GMT
etag: "656a41c4-ac42"
expires: Sat, 06 Jan 2024 08:33:49 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ug4Mb%2B3hAxOjtYB1Dq%2FjdtUeE6YA%2B0to7gym9G1jK%2Bv0sBieiPgpCrsExYomM%2FscdCs%2BfsyRLVz0hC3iu5EQS8nNKsUnMAT%2BjVfiZIpYUFlYO1jMOX1VbEc5xQyPcuQOo3WdU5RI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831b6d0b0a705685-OSL
alt-svc: h3=":443"; ma=86400
|
|