Report - qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01?phone=(0101)-50555-94769&

Report Overview

Visited public
2023-12-07 16:46:50
Tags
fake_software scam
URL
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01?phone=(0101)-50555-94769&
Finishing URL
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
IP / ASN
172.67.219.36
#13335 CLOUDFLARENET
Title
コンピューターエラー00r コード#B81TS100d83
Scam - Fake AntiVirus / Security software

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-07 07:59:32	423 B	28 kB	151.101.194.137
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-07 08:07:58	436 B	90 kB	142.250.74.168
qname.oweesnm.com	unknown	2023-12-01	2023-12-01 11:45:33	2023-12-07 08:31:52	19 kB	2.4 MB	104.21.67.90
ocsp.usertrust.com	899	1997-12-05	2012-05-21 17:43:18	2023-12-06 13:14:13	342 B	823 B	172.64.149.23
ipwho.is	unknown	2022-01-29	2020-06-08 13:52:47	2023-12-05 13:04:26	438 B	928 B	195.201.57.90

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-07 16:46:39	medium	Client IP	Internal IP	ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)
2023-12-07 16:46:39	medium	Client IP	Internal IP	ET INFO External IP Lookup Domain in DNS Lookup (ipwho .is)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-07	medium	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01?phone=(0101)-50555-94769&	Office365

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	From	Size	First Seen	Last Seen
	unknown	ScriptElement	29 B	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:27 Last Seen2024-08-20 16:27 Times Seen1 Hash 29f7b9a3ffe0ca816a56d944fa053df1 534234c3547affff0194f1a87b208d8ff9b988c2 2b9dece71bbcdf5c0a129e81a8249a538bc0c9151161007158d68fdea8c849ca Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	120 B	2023-03-07	2025-05-10
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11 Last Seen2025-05-10 22:27 Times Seen1802 Hash fb5ce230a20baf9bce84978701f34a28 bc1166d544f12f34e387980cd8c8e9abd111f579 1e1dc4934ec57af1a5653b1b8564edffc6e887db27ea7b1064d3c3f0e5a788f7 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	153 B	2023-03-07	2024-08-21
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14 Last Seen2024-08-21 09:37 Times Seen322 Hash 9137b98341083aee1bb7d37390d413dc 5980264c8aea8736bdac95312317f1c3d99139ef 78046f3ea9749a9db4de7041abda950750fedb4317c1b8f10ecbfff76ce85d56 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	728 B	2023-09-19	2024-08-21
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-19 04:54 Last Seen2024-08-21 06:23 Times Seen32 Hash 31a60c7c3566494decc69242c94104c0 c5889624a86a9e8e8b8e8f2ea4414bcc9f6da063 7c26ea376a4bd99032172c5836ebbfead68b4f8d4b56b4cd57f42e116ed39493 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	478 B	2023-05-22	2024-08-21
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 20:33 Last Seen2024-08-21 06:23 Times Seen85 Hash 2abe02239036c6ee802124310daa80ea 674449171b7d779bf32d8a660fac1387676921d8 048ce6af2cbade70e606d186e2b1bcfdd612281349ee11d724990d813a5e5326 Loading...

	code.jquery.com/jquery-1.4.4.min.js	ScriptElement	79 kB	2023-03-07	2025-05-11
Pretty URL code.jquery.com/jquery-1.4.4.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-11 09:54 Times Seen4870 Hash 73a9c334c5ca71d70d092b42064f6476 b75990598ee8d3895448ed9d08726af63109f842 517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	21 B	2023-03-07	2025-04-30
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-04-30 14:41 Times Seen1187 Hash 011a84e54de113cd8bee0e17ae8aa515 e84b14b6ec396b1ab045b7e667f90536cd5c6083 13fcca4523b328c51789df37af5275739fd57abf684e5d3658e7d69210f9ec53 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/jupiter.js	ScriptElement	503 B	2023-03-07	2025-05-10
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/jupiter.js IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:27 Times Seen4282 Hash cd6c33fbc221d0271c910af910e6ebed 9b52f24d6f10b885bb19db1c4b531469f96d2914 318698ae5e67c32550d6b40ac09848d598f6317f51a8f09638ba925f6e7cc479 Loading...

	unknown	EventHandler	19 B	2023-04-10	2025-05-10
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:23 Last Seen2025-05-10 22:27 Times Seen7895 Hash 57381d43f260aa3b8c47820ca38655a3 8d087b53d91f8e3ff0def7d1d94a6dada72fac79 35b90e4b54b87ed6cd2b439eac195f9eb59e731e17248c95fb1e26e15d61f943 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/nvidia.js	ScriptElement	2.1 kB	2023-09-20	2024-08-21
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/nvidia.js IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 14:54 Last Seen2024-08-21 06:14 Times Seen25 Hash 14a4a955dd45070774964890a45da077 cd954c10f6f681724d5b383a6922a4707316b5ad 2b63d60986df43fb0cdb9915ee4ca5db82220f0b4c52db86b860192fba3aa1a7 Loading...

	www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513	ScriptElement	263 kB	2023-12-07	2023-12-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 17:46 Last Seen2023-12-07 17:46 Times Seen1 Hash 4bd74f438c66b40bff6d84b119987b8b 0fe2da5304d3ba1694f5d1b1ef709c3f0e0f1f61 c433db4aecd7cc01505509140b90a4911d29d4fc6162b4fe99c87fc588da2278 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	12 B	2023-03-07	2025-05-10
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:59 Last Seen2025-05-10 22:32 Times Seen386 Hash 9cf7ef8f0076ec8f655651e4ad413566 0e10ff7142aa51d499ce2ce2cdf109babfbbaba2 cdacd64d1d17162d63221382039cf25948c5df5b804b5984311a1e81b0d3ea95 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	13 B	2023-09-20	2024-08-21
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 14:54 Last Seen2024-08-21 06:14 Times Seen27 Hash 6c26123e9f6454cd43d6e16612721ebc 926f45b6cdc652e1d58aec635f50f65d0826ea8a 8caba8f7feb660810621e8a54b1de7931b6d8dd9224dca271cf6625fe56a92ef Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	11 B	2023-03-07	2025-04-11
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:48 Last Seen2025-04-11 04:43 Times Seen44 Hash 494042cce2c8b7a453154e1a43cd2357 bdaa7fdb3f4fd1a3bb4cc6c8140d50895ece4b8b 289fd79fe3bb723f2726e117a8105dbe4f93828b6e6f035f481ed04dd928371b Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/jscode.js	ScriptElement	5.8 kB	2023-09-20	2023-12-07
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/jscode.js IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-20 14:54 Last Seen2023-12-07 17:46 Times Seen17 Hash b2f9eb5fc68aff9e3cbcedb09bb5e619 355a11567ae9ea94b1c9ae6991a6e3d195b0c729 2d3925cb64216249a26889744c08cbb37f4c56f0a224fdd4e264623a31b48a32 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	6 B	2023-03-08	2025-04-29
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 13:35 Last Seen2025-04-29 16:40 Times Seen50 Hash 74773fba4937369782a559ee0dea974f 2aa96fc31260708da5dfc1e21dc7c9020e641614 3b3fd0f9b57145c158d1ac6080ad487180fc78b849c76cbb369928333d6bf6d5 Loading...

	qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&	ScriptElement	3 B	2023-03-07	2025-04-29
Pretty URL qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& IP 104.21.67.90 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:58 Last Seen2025-04-29 09:32 Times Seen106 Hash 0d43126fad68fe2c979d6a117ae97cc5 79598fd5a47cd4cd6abf84a090310f1ef6b2977b fc1fd07c7cc51c082eca5bbb70fec30c863b608b78ba6913e39165433972c386 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5e495b31ae26132e1d1b927619102d4c	18 B	2023-11-02 11:53	2024-08-20 21:23
Pretty Observations First Seen2023-11-02 11:53 Last Seen2024-08-20 21:23 Times Seen151 Hash 5e495b31ae26132e1d1b927619102d4c 06aef2913469890c92f2c4d3bc1c56bd959e33fc 107a36c139dfc605a6848adc3417d797c6658e0b1099993b97017e7406f3e0c8 Loading...

HTTP Transactions (37)

URL IP Response Size

code.jquery.com/jquery-1.4.4.min.js

151.101.194.137

200 OK

27 kB

URL GET HTTP/2
code.jquery.com/jquery-1.4.4.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (820)
Size
27 kB (27078 bytes)
Hash
73a9c334c5ca71d70d092b42064f6476
b75990598ee8d3895448ed9d08726af63109f842
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

HTTP Headers

GET /jquery-1.4.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-13309"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 07 Dec 2023 16:46:33 GMT
age: 3840209
x-served-by: cache-lga21980-LGA, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 8715, 5
x-timer: S1701967593.176123,VS0,VE0
vary: Accept-Encoding
content-length: 27078
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513

142.250.74.168

200 OK

89 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-GZ2WHBX513
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
89 kB (89403 bytes)
Hash
4bd74f438c66b40bff6d84b119987b8b
0fe2da5304d3ba1694f5d1b1ef709c3f0e0f1f61
c433db4aecd7cc01505509140b90a4911d29d4fc6162b4fe99c87fc588da2278

HTTP Headers

GET /gtag/js?id=G-GZ2WHBX513 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 07 Dec 2023 16:46:33 GMT
expires: Thu, 07 Dec 2023 16:46:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01?phone=(0101)-50555-94769&

104.21.67.90

301 Moved Permanently

526 B

URL User Request GET HTTP/2
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01?phone=(0101)-50555-94769&
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
data
Size
526 B (526 bytes)
Hash
e7223b5de4781c16b849e2bcf6fdc978
36d0f4c1c5698128033c004335b259b805694f07
623e70fb1e836fd4465288775be3b552b75ef40b61d67ab5ac50088272601077

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01?phone=(0101)-50555-94769& HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 07 Dec 2023 16:46:32 GMT
content-type: text/html
location: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jElKmPqzYgLI8aAwGBlULLzpLXF369f%2Bhaq59lpLVHyJIbFTMVnFeXu97%2BoeH8yUly7qxMpqeQzm0jJd4BFmoq63PkzO9kLRg0Jfr1EFTG0uP1ONosxmecExHz3vMCpQEDOqkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ecb998856c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/mnc.png

104.21.67.90

200 OK

187 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/mnc.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 140 x 30, 1-bit colormap, non-interlaced\012- data
Size
187 B (187 bytes)
Hash
271021cfa45940978184be0489841fd3
201030af9b1bc5d3c8d453efbfdf89b68d6c1be5
c5a324f181af16879b6c4c52b731b23392f2816def159b157c4de620cff1cd41

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/mnc.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 187
last-modified: Fri, 01 Dec 2023 06:39:59 GMT
etag: "65697fbf-bb"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHO9akO267kZ4mrTzlNzjChXcsld9bltCgIOKD6GvIw73LvJCyaIPFR740YrNt3bR04esgUBTM70atfOYbf9TWp43bYwFhh1Bu0gG77GLGhQwjRvrdUhZMDHgY9Opqb1v2GUjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed10b81568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/bel.png

104.21.67.90

200 OK

276 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/bel.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 13 x 13, 8-bit colormap, non-interlaced\012- data
Size
276 B (276 bytes)
Hash
7616d96c388301e391653647e1f5f057
b1868c8f0f46309a8e26f584ac82000d54c06ecd
4c1606563842cce5f1788329d4417ae3618b33c6365c56a7122439b6ab45c977

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/bel.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 276
last-modified: Fri, 01 Dec 2023 06:39:59 GMT
etag: "65697fbf-114"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=829yedereQ7IdUgSW%2Fhej2BNESFMrFnxy5CHZYmTE2fxTVYGD6293BXFomRJrUIE%2FRAq7NOTLcnvyxxfV33cjWPmjsakq2UFzd%2FT8uwTM0s%2BtzG9%2BX0Z4FQD4T76MOWXJ%2Bmh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed10b8f568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/msmm.png

104.21.67.90

200 OK

168 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/msmm.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 31 x 30, 4-bit colormap, non-interlaced\012- data
Size
168 B (168 bytes)
Hash
acb05ebcd5f488fc99169cff02b6dd04
dca893a7b514503e947a57aa072482a0e0cba912
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/msmm.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 168
last-modified: Fri, 01 Dec 2023 06:39:54 GMT
etag: "65697fba-a8"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DiQ1Q3s0K3WwU21Pg1wW57SLcq1JI%2F0Sl27FJkfpTU%2FMpeA4yBB98knYNTUfrbP4PT3Cd8IPg8T0GZy7JXUFMpE4QcWjE9LijVKHf%2BD%2FaXWaTJvrQzg6m9myyQskfItIYEz7aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed10b84568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/vsc.png

104.21.67.90

200 OK

722 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/vsc.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 128 x 128, 1-bit colormap, non-interlaced\012- data
Size
722 B (722 bytes)
Hash
42d8f2cc1ae5759c2369f255f36ebc03
8e592162eec14e72d0a751d714a641dbece91f6b
31c6dbe9d867436244f38566adad57e3870f4c8489c6804280eb564bfac5c1bd

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/vsc.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 722
last-modified: Fri, 01 Dec 2023 06:39:52 GMT
etag: "65697fb8-2d2"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2Wu%2FlEWiNINcuySNKCwUlOgZlS3wZnmMu4UBddEG8v6GHAXz03J98%2FayMr%2Bnz%2B3m9VrB0bIt6Da9%2BCFHgcYOfo8PyfjrzaRNLWpMUmEEOrioFxhEi4Hw2Jzn%2BfEdaJ47L%2FLhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed10b8b568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/pcm.png

104.21.67.90

200 OK

1.3 kB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/pcm.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 166 x 92, 4-bit colormap, non-interlaced\012- data
Size
1.3 kB (1270 bytes)
Hash
05cdf1a2c2fc8f07bea0a8f4f9356637
b7bbd626d1d6c832509e820cae1d971b34f625e6
afe332157f4efe355f3181284e99f4331c4d19703ed1678b5316d2933f95e98e

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/pcm.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 1270
last-modified: Fri, 01 Dec 2023 06:39:57 GMT
etag: "65697fbd-4f6"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BkxDXgOWNnFpqUMyzX1omaISQMeeYgQLz1NGthjASOiI8FJXzsEQSPgWVROms5Bx4WRfmE7hyGYcVDpu%2BbHLYVJhPjJtSgyvvYxCR9HrOw05oKK1niLm1wyLZQ0JYH2RkvpDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed11ba7568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/dm.png

104.21.67.90

200 OK

332 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/dm.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 100 x 100, 1-bit colormap, non-interlaced\012- data
Size
332 B (332 bytes)
Hash
9d8a90a63d20f05d27e5d6abb35e0cd0
5873b4007e9d55b4d891a4c427b3735ed23dbfe8
7df9f467d23ee1887edb2123cca10a1a9c4624cdcf7199c64e78a8430031f9f5

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/dm.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 332
last-modified: Fri, 01 Dec 2023 06:39:58 GMT
etag: "65697fbe-14c"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFzJpvb36hz4DnEmNEBiFhr7SxGwnngol20LFAoRjPAazlc9lbWI%2FNKmgTsI08odi0JInfMQf%2FIvY75epY7730EGSUNUdvReICKYuw%2FoxtlgPaXJvPjvP2QYfyBxRINCIgYsww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed11bac568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/cs.png

104.21.67.90

200 OK

2.7 kB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/cs.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 520 x 520, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2681 bytes)
Hash
b01a30d354bfcf51edf33e0b0ea07402
c421359518d1ae258237bf501c563b7f059f8b9b
b67a7c07a045d7cb0f2e216a557aec0d99405e17c36d1a6b1ff3e2733aa35348

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/cs.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 2681
last-modified: Fri, 01 Dec 2023 06:40:01 GMT
etag: "65697fc1-a79"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=081jOrjkZmKJfwdyqTxO5T2GvCi2RtTOCyi7H6TpSaYPOSluGMbePCNq%2FGjNxZ%2BVHcpplLvOXhzAE7UlESUT3SdAYssemdrl2bP9yQeyXmRGibej7eJ2wJDK%2Bi7%2Fz5%2FggPeKmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed11bae568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/re.gif

104.21.67.90

200 OK

15 kB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/re.gif
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
GIF image data, version 89a, 193 x 71\012- data
Size
15 kB (14751 bytes)
Hash
6fcb78e0cd7933a70eea2cf071f82118
70364bffd62fe33360abe70ecc7f7c0541b3b54c
4b436b0b6a47db85c88f83dc3fe3fd9a96c0a4018b28832165df929dffe0bc86

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/re.gif HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/gif
content-length: 14751
last-modified: Fri, 01 Dec 2023 06:40:00 GMT
etag: "65697fc0-399f"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABKGAamgd39QY%2F8ci%2BYbw9Eg6DM3f6d1AomX7%2BGEBpJLVdbCExHp9Ms4RJazBDcshs6TvtWCcU8skCV4wgdKurBDliCMlpA8Q3MtsHE939WHXkktMV9Ds67%2FbX9uwp61ruyocw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed12bbe568e-OSL
alt-svc: h3=":443"; ma=86400

ocsp.usertrust.com/

172.64.149.23

282 B

URL
ocsp.usertrust.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
282 B (282 bytes)
Hash
8666cf051c1e35d45c02946c400e93e4
c4f2943322fd3f208f94d67eca415a90e08742ea
d76f2a6168f48e3d6fd2a68fa54c5f9952ceb6e6971a05c78ffc54df4fb122f1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 16:46:33 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 05 Dec 2023 01:02:32 GMT
Expires: Tue, 12 Dec 2023 01:02:31 GMT
Etag: "c4f2943322fd3f208f94d67eca415a90e08742ea"
Cache-Control: max-age=441491,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 831e3ed4ad27b4f4-OSL

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/jscode.js

104.21.67.90

200 OK

2.4 kB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/jscode.js
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
ASCII text, with CRLF line terminators
Size
2.4 kB (2362 bytes)
Hash
b2f9eb5fc68aff9e3cbcedb09bb5e619
355a11567ae9ea94b1c9ae6991a6e3d195b0c729
2d3925cb64216249a26889744c08cbb37f4c56f0a224fdd4e264623a31b48a32

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/jscode.js HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 06:39:55 GMT
vary: Accept-Encoding
etag: W/"65697fbb-1695"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj3nFqseqW3MKIR%2FP03gqZRgOQKUQJQf7X9ylPeLVR8DxR5glZ1nVq9n%2Fy%2BT2OrIXEr5J7R8IU6rK%2FYoy99bt0FHFv6iaSsUfHiw23JBqjg2j8qqf%2BNtW0CxKNb8yEUSnjskjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ed12bc3568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/bx1.png

104.21.67.90

200 OK

99 kB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/bx1.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 1056 x 908, 8-bit/color RGBA, non-interlaced\012- data
Size
99 kB (99389 bytes)
Hash
6b11ad15da74888bea9095007a9f7dd6
e0bc4a256c552041a88fdaf1a33e8f6494fcfd78
93ab9ddc223156f5f4ba7ff8fc14a885e9b5946fc10917571022d7c2d9a08886

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/bx1.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 99389
last-modified: Fri, 01 Dec 2023 06:40:01 GMT
etag: "65697fc1-1843d"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FPiPNOAbkC2fqFyADGWOSQVDbGUNogfUUcFIdHdMlFKuALDCo2bM3sSQSahOYAAyd5VLDDe1rjSWiF9CGHFLn%2FlKAYMgwsDgjMYOYYP6wcO7YBrlKcsh99xPneugDo6EzBkYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed10b8e568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/bg.png

104.21.67.90

200 OK

463 kB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/bg.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 1920 x 4340, 8-bit colormap, non-interlaced\012- data
Size
463 kB (462770 bytes)
Hash
ab996ed3b126f2b5f0c1f214b96afe7a
77223f12976d20e06058fe40040e261bd5688f39
4eaf7b7f53ea1a27a22bae168f560d9dc78dc2e2185162be9ee4db59e1e1065a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/bg.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 462770
last-modified: Fri, 01 Dec 2023 06:40:02 GMT
etag: "65697fc2-70fb2"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82U7Rd5X5pUKkEn0SE%2FvElmRFSqODA%2BM6zLH88PcKKC5jHU3FNXvChoC5lafgbvsIhfELu8AdgfFj3kiM98uqbPLZYLiO6ULbQi4LCTHgKPJm6ulLZN2yNpgZCy4HjV3M6C7Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed0fb80568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/msmm.png

104.21.67.90

200 OK

168 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/msmm.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 31 x 30, 4-bit colormap, non-interlaced\012- data
Size
168 B (168 bytes)
Hash
acb05ebcd5f488fc99169cff02b6dd04
dca893a7b514503e947a57aa072482a0e0cba912
1ab5ef4e7e196cb1ff39df44e1a0a39f6880b906ef6fd6da3cfdbb92ffd33115

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/msmm.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:34 GMT
content-type: image/png
content-length: 168
last-modified: Fri, 01 Dec 2023 06:39:54 GMT
etag: "65697fba-a8"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn2TpgOLNwhm9McwLnllGLBDNfLllf3SyqBfi%2F5rNBq6FdtOHQEpQW19sEl5k4H7OAdz9ZYd3RthPfBPDTBfXs67c9ISvTS2aBIuAWRDAZrgEfeEbkKH9DNsUXDx0ufsxtDVVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed83ce9568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/Fm7-alert.wav

104.21.67.90

206 Partial Content

1.7 MB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/Fm7-alert.wav
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 22050 Hz\012- data
Size
1.7 MB (1701582 bytes)
Hash
bc750f522d327ce9eb63b695fde55114
dc6c10cdd22508b588ef9289f4eaf80906f88058
9eba85aa63b0803a208db80410a234f1ee7525fabed2d39dabd9ad2307abb24b

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/Fm7-alert.wav HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Thu, 07 Dec 2023 16:46:34 GMT
content-type: application/octet-stream
content-length: 1701582
last-modified: Fri, 01 Dec 2023 06:39:57 GMT
etag: "65697fbd-19f6ce"
content-range: bytes 0-1701581/1701582
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWfjMnN9UAcOlo4aYceA43axtbiGC7BowHKJDZeOB28XtMo3HMI3XTo8%2FGSDsHjRUdPBaRrx0FrrhSs%2Buz62uRKQqkPlvFFFSSDbZXE9Vm9%2BFIRbPVh9spnpZegaZRJOJY0TNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ed4d8da568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/ai2.mp3

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/ai2.mp3
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/ai2.mp3 HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:34 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9KucZcpwfWM0YHou5UcvfqMSLgfDheR3QwPjeWKa0ycMFk1NxOdsl7z2eLgXuL4TvSlGsnJ%2BzsS9ejgAgF752GqEeWIlwGZOgl2cMaOSagfHvw180xMuskKtlG5igz10BEbdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ed50910568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w1.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:37 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gqi93t5uWHVP80%2F%2Fl8VZuRSDQv%2BgILufstlPVpgBatHLynBaZ%2FoHfjNGRKA4W1zdEYIV%2BBCMlQq0UlJTUTT7183lpT8Uzl2qibPuY1JErvYvALTWyYz83xeJ%2BoNlYz7glhFVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3eee8a63568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w3.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:38 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JC%2F3UxLULdXjywn8HBKhBk8hZTCOQivVCf1RPn5AxUFeO3bXw5d7OF5rnk9QjxWsuwqPjW2esLtoKUAD4O3gwop8HB99TEur02%2FiebE5HTRMPXeP1DmZuWvBAzpFfGlqLUaVQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ef4ca63568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w3.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:42 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzT68p0XGTw%2BkG7VATzRpOeOiOlUh%2FtkDppxHktyXlodpkfK0Hp20geRGVgZaHzZoT5YCE1qiGg9ZU2Vi%2BTN8IGKHUt049Jmwj1wpxtN5yjN1Gfm8pk6FwgPwQtGId4%2F%2B%2FekmA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3f0dcf32568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&

104.21.67.90

200 OK

20 kB

URL User Request GET HTTP/2
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type

Size
20 kB (20346 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769& HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 16:46:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBH7YPg%2FcFER2xC%2B4NEkPRO7U65PX0s1MELIJlkDV7chYGuO52JLjaEHoOvidxRb5%2Bhy07SdlhXRHdYY%2FHr9vUOu%2BNxQ3BgehKB%2BEe0F%2BPNOkUJ8e%2BhX7ZrEAApE5jahVL9QGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ecdfcc956c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/jupiter.js

104.21.67.90

200 OK

503 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/jupiter.js
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
ASCII text, with very long lines (545), with no line terminators
Size
503 B (503 bytes)
Hash
d64718a85daf432be5f8d3c9fe3a45bd
d1b2721f29e5a1a6e6344a53162f32c53eb98e1e
de0997f0917e44e1840ce9d82cc86fd7f6cae542f906c62d78ae71c6af0ee303

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/jupiter.js HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 06:39:54 GMT
vary: Accept-Encoding
etag: W/"65697fba-1f7"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOUs%2BPyITpHOM8KBWSgLQWIkQ9e2qjx6Z5Kmky%2B65SE%2BsukVWhg732yO%2FPDN5o1GJgojWw8o%2FkxFfZq%2BqvouG%2BwKCYXcRPpZ1jk4%2BNfpd55%2Bt1NPaI1u82PkYD0nrWhbBkkHRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ed12bc2568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w3.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:36 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ius%2FPx13Z1hfoO8K0kjB8LXtaig9nb%2F4Vdy7tHeG34YqqrJ9T%2B4CO2VMSvpRFMEkjSNmz9M8DB7Rf817HvvCUOyOwUlQOHi5Ywr0ap0vuBKxXjRBoRcyJzC7BBXUxLH63fKiYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ee85a56568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/set.png

104.21.67.90

200 OK

364 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/set.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
364 B (364 bytes)
Hash
e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/set.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: image/png
content-length: 364
last-modified: Fri, 01 Dec 2023 06:39:58 GMT
etag: "65697fbe-16c"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyyneSUOPrChwovqrT%2BPBgQ3WOkKVWsflb1314uFxSrzG%2Btqin3DeGrfEnDWxGxdrj5KJ4Dk%2Bz596sna862bizc4BYqTr5685grAZVqx3P9DeeMpLS6gm895cnrf%2FXXSCW7X7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 831e3ed10b87568e-OSL
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/tapa.css

104.21.67.90

200 OK

18 kB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/tapa.css
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
assembler source, ASCII text, with very long lines (324), with CRLF line terminators
Size
18 kB (18164 bytes)
Hash
4db40d52a9241d5fd8bae9406d85f761
8acbcaca3a104745c41b589c04c9c5be412cef77
e4b00622d2eb35c56b71dfff7abb006a89588495e92cdb77ad4031ec84f179e8

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/tapa.css HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 06:39:53 GMT
vary: Accept-Encoding
etag: W/"65697fb9-46f4"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nL3bR3TKh6aRs3keg2d6NJeW04073mbLgVjj2wH88khnlXbf%2BkFsnfdmbsnRlq%2BwhH9S8lXpEkq%2BD6SQLmV%2BC9pxY4DkGuCk9zVQk31w0NbKDlbbsey07knm%2FHsVQi0RUUsMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ed0fb7a568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w3.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:35 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oY052pyVGB59LI234oR3ZjhqMykcSeclWBR%2BizOczW%2B%2FIYpJ4Lbz1U6TavNENPr0UJFqQEZVIS63QAQtbCubqE8yd%2FWtpEWz2aS394HK3CtjP5%2FV2vttN9rIBz8GZ3vWH6mIWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3edbd9e8568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w1.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:39 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWiS4vIr5dQYXM1ssUOXEN7IOl0fkgrBc5dAsja9KMdJIzAl3GJeLTe3g1GH2wQ6pxcJW9o0vim8jQQgUulCV%2F57AdwmlCCpEqjz424Y2kvOfjomEEM%2F2%2B4%2BG7fwhYOJO151hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3efb1dbb568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w1.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:45 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AC4zvdPqVKasJfbEI%2FUyHYSo5re8RFqxA6Akb18qM7NNiDUMqrcswnJUhS8BRhlJ6CvWFbVjc936oY94HjaBi9vq6ZgSeYBm8U8yJFUFy93IKV1b3Sb%2BYaRkK4JOQ8EOCvXIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3f208afe568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w3.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:46 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 11
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMD94eNHxcDazu6D00fX%2FnIJ%2BayDELZLeybb4ei%2B9vpqc4fSb8liVPiovEKxRm%2Fv8t8baOLz9EC53zxVQ4fftxNLtZC1Q32LxaqGAhywp%2F8HfWL08IIt8HMn2T1vFH7b9k5bVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3f26cd89568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w1.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:36 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YIdVj63QqL6QEb2D7kjSIfHKgRbks0D20t3TpwAY%2BEAagbv9TUoojbTBJav6IzeZv%2FTAz9y0NaUaJ60Uwc8jLlf0wStAXR%2FwIJaYZ7VrfGd8HdlZdoQgCaLcQFjhSerG0NfSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ee20a0f568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/nvidia.js

104.21.67.90

200 OK

2.1 kB

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/nvidia.js
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
ASCII text, with very long lines (2149), with no line terminators
Size
2.1 kB (2079 bytes)
Hash
9d39837a2a4650e657d69e15d26fab54
3051453ebc7bc07a77f08416cfda5a8133349411
f025353d7212a0a19b65b770ef1a3efe14e22c6305bed18e345f9c7d0ad6f921

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/nvidia.js HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 07 Dec 2023 16:46:33 GMT
content-type: application/javascript
last-modified: Fri, 01 Dec 2023 06:39:55 GMT
vary: Accept-Encoding
etag: W/"65697fbb-81f"
expires: Sat, 06 Jan 2024 16:46:33 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUVNdQnOYQjittEqnIk5%2FeW5Gkur36Ks66wcTJZD6elsUSuE%2FmwbpOwcgNL7cK%2Fnex2Rzif8d8B91%2F3QvHg72bYPMfbngijtDFf2Yi%2FzAQ0ie1jY6%2F%2FW9%2BQECRF%2BDxzv5aAayg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3ed12bc0568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w3.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:40 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQx22itKNZ7d1CWO3kQ2Uwdp9ys0UIulPfl6iKKiHlZEf%2BABiCcjSMm%2BhaZQjY9nDEqph4N8QC9Fi6eVDUnBQjgyhprAn93gn0jKe7xerZ4D7ZmYwivkwmvbXo1LnyAuFDvwnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3f015e34568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w1.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:41 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fdf1sS0dsoKG1LimNga8Zzy8tlG%2B2jYTF%2B7h24ZgyQuZ1r%2Fd2LR4UhoFYR6s%2BKFHEJmg3PAQ3v0SRJOv0Mjgg4bsLG1d6r6qtR0hIw1FB6%2FIhpYa%2Bn2oKTbSw95HmMgf%2FKGK1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3f079f0f568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w1.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w1.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:43 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WCIzZgrz%2BjKHSDgkO4Q0%2FTJLOJaa1YG9OGyuRHBb3aRmJS8z%2F9nXNGeI4zsa0dwhyoNSlO70OuHDH6w%2FEL0bXhdsg2I8sC61TNG%2BNxdSVSeSyzVrXZ52i7O2I3v8LS11u2c2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3f141fc1568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ipwho.is/?lang=en

195.201.57.90

200 OK

668 B

URL GET HTTP/1.1
ipwho.is/?lang=en
IP
195.201.57.90:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoGetSSL
Subjectipwho.is
FingerprintCF:72:15:7E:2B:59:F6:B9:88:69:73:70:91:60:90:87:80:67:B9:A4
ValidityWed, 05 Apr 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (789), with no line terminators
Size
668 B (668 bytes)
Hash
936321c649e697614c8d5bdb64a3a7b5
848e8deacea3b2aea9cfe19b57413bebe7629c0e
927b4d96600e375f0875dffe284a5f7dd7b7fce41987e68c10f65ebf3d9a4b89

HTTP Headers

GET /?lang=en HTTP/1.1
Host: ipwho.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://qname.oweesnm.com
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 07 Dec 2023 16:46:33 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: ipwhois
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
X-Robots-Tag: noindex

qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png

104.21.67.90

404 Not Found

146 B

URL GET HTTP/3
qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/w3.png
IP
104.21.67.90:443
ASN
#13335 CLOUDFLARENET

Requested by
https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Certificate
IssuerGoogle Trust Services LLC
Subjectoweesnm.com
Fingerprint26:56:05:7F:27:6B:18:A4:19:9C:DF:48:04:7E:9B:27:67:ED:4D:61
ValidityFri, 01 Dec 2023 05:52:30 GMT - Thu, 29 Feb 2024 05:52:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size
146 B (146 bytes)
Hash
40b3fc14254227ec5012d996bf90c4e1
b0dd06eb5a779151151101337889ff09953f8ac0
740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca

Detections

Analyzer	Verdict	Alert
urlquery	scam	Scam - Fake AntiVirus / Security software

HTTP Headers

GET /akjsskjnxnskjnanknm/werrx01/w3.png HTTP/1.1
Host: qname.oweesnm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://qname.oweesnm.com/akjsskjnxnskjnanknm/werrx01/?phone=(0101)-50555-94769&
Cookie: _ga_GZ2WHBX513=GS1.1.1701967600.1.0.1701967600.0.0.0; _ga=GA1.1.1837651493.1701967600
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 07 Dec 2023 16:46:44 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tt995Df8jYjj7bh8g1yg6O%2F7MxvAjoqzzZmajF8g0a4egJJHdDgcKoFfNX%2FCH2RRVaVVHQVP6PTI5iiVq9IACgFu%2B3Lv3c%2BcITqEubPizEHJUceqfTl9P28bAJbifW0Euq5xVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 831e3f1a58b5568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN