wamysolutions.ao Open in urlscan Pro
154.116.254.10 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://intutis.net/.in/wx.htm
Effective URL:
https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/
Submission: On June 20 via manual (June 20th 2023, 7:35:43 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 154.116.254.10, located in Angola and belongs to CNTI-AS, AO. The main domain is wamysolutions.ao.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 21st 2023. Valid for: 3 months.

This is the only time wamysolutions.ao was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Intuit (Financial)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3036::6815:4dec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	154.116.254.10 154.116.254.10	327806 (CNTI-AS) (CNTI-AS)
18	3

2 2606:4700:3036::6815:4dec (United States)

ASN13335 (CLOUDFLARENET, US)

intutis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 154.116.254.10 (Angola)

ASN327806 (CNTI-AS, AO)
PTR: cpl.ao

wamysolutions.ao	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	wamysolutions.ao wamysolutions.ao	371 KB
2	intutis.net intutis.net	1 KB
18	2

	Domain	Requested by
16	wamysolutions.ao	wamysolutions.ao
2	intutis.net	intutis.net
18	2

This site contains links to these domains. Also see Links.

Domain
quickbooks.intuit.com
c26.qbo.intuit.com
www.intuit.com
accounts-help.lc.intuit.com

Subject Issuer	Validity	Valid
intutis.net E1	`2023-06-07` - `2023-09-05`	3 months	crt.sh
wamysolutions.ao cPanel, Inc. Certification Authority	`2023-05-21` - `2023-08-19`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/
Frame ID: 97D4BF6D7A91A75454869E47117EF33A
Requests: 19 HTTP requests in this frame

Frame: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/anchor.html
Frame ID: 1EE471C9046549144E9839BDEF281C54
Requests: 1 HTTP requests in this frame

Frame: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/saved_resource.html
Frame ID: 79FA71E285DEC1E71C76080704A99FD1
Requests: 1 HTTP requests in this frame

Frame: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/xdr.html
Frame ID: 93BD84028241D413D5C30CECE7064AA0
Requests: 1 HTTP requests in this frame

Frame: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/anchor(1).html
Frame ID: 9D59A530D4D39B373F218074260890AD
Requests: 1 HTTP requests in this frame

Frame: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/saved_resource(1).html
Frame ID: 622C984ADA1A0C7972B816C4A54C8592
Requests: 1 HTTP requests in this frame

Frame: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/bframe.html
Frame ID: 045D2FFFDBB39B9691C970411DC75847
Requests: 1 HTTP requests in this frame

Frame: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/hello.html
Frame ID: 07F4200EB91C3ACF1F286588E7C80791
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

QuickBooks Login - Sign in to QuickBooks to manage your business

Page URL History Show full URLs

https://intutis.net/.in/wx.htm Page URL
https://intutis.net/.in/wx.htm Page URL
https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Page URL

Page Statistics

18
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

372 kB
Transfer

384 kB
Size

2
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://quickbooks.intuit.com/download?cid=ipd_qbo_simba

Search URL Search Domain Scan URL

URL: https://quickbooks.intuit.com/blog/whats-new/how-to-run-quickbooks-online-up-to-46-faster/?referrer=qbologin
Title: Learn how it works

Search URL Search Domain Scan URL

URL: https://c26.qbo.intuit.com/c26/v1939.209/0/extrequest/login/recover?source=login
Title: user ID or password

Search URL Search Domain Scan URL

URL: https://www.intuit.com/

Search URL Search Domain Scan URL

URL: https://accounts-help.lc.intuit.com/questions/1582580-creating-an-account
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://intutis.net/.in/wx.htm Page URL
https://intutis.net/.in/wx.htm Page URL
https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	wx.htm Show response intutis.net/.in/	263 B 620 B	755ms 681ms	Document text/html	2606:4700:3036::6815:4dec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intutis.net/.in/wx.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:4dec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f076f7d051a7f045cf77aee2982e6f8a1cc8fa89b3ea0098b62aac458b970387` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7da674befff6bbd3-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 20 Jun 2023 19:35:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWiScuHJbeTyA%2FKQC6bUYZGYbhJA%2B9XMTuVI0JUeia%2BCrhyKHVjshBYoYI%2BfNqnI1PnrI8I15RXcVc2MNegVX%2F4hvz1MKfgcfQKYN8Y90SLIU2VHeXtUdH6uuT590g%2FeBIQGNXzC%2Fs5pEg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	wx.htm Show response intutis.net/.in/	108 B 458 B	609ms 608ms	Document text/html	2606:4700:3036::6815:4dec CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intutis.net/.in/wx.htm Requested by Host: intutis.net URL: https://intutis.net/.in/wx.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:4dec , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d654ca7c1f8604c9018a29937c9e32db3aa2d6d301cee505a56b6f33fd4c7905` Request headers Referer https://intutis.net/.in/wx.htm Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7da674c9c84dbbd3-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 20 Jun 2023 19:35:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VzAb6riZQQ%2BQ9n3IVWmoB2UVQvt1jSCJtu5N%2BgjRAna9i3JkROF0VkHucsyrTaFoSUbc%2FtMLeXnefzW04G4vOHY1LYiL36IdTAQMvSckTlTnt7EaAolASGlDypJTSvYczSJ7u%2Fxa2kz72g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H/1.1	200 OK	Primary Request / Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/	314 KB 315 KB	1630ms 367ms	Document text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `859ea560880ae4831e096a7d13c89d2e46e151a9caa4a8bc74c0e680465981bc` Request headers Referer https://intutis.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Tue, 20 Jun 2023 19:35:39 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	wallet.js Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/js/	281 B 536 B	164ms 163ms	Script application/javascript	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/js/wallet.js Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `6648498bde7b5486797a29ee89585dabd39992c4626e667802c59c8bfbff5d79` Request headers accept-language de-DE,de;q=0.9 Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Tue, 20 Jun 2023 19:35:40 GMT Last-Modified Mon, 12 Jun 2023 20:19:04 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 281
GET H/1.1	200 OK	sm_o.js Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/js/	42 KB 42 KB	329ms 164ms	Script application/javascript	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/js/sm_o.js Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `873083ace10a39ab60ed9fba252e2d510504c83d418ee035ad74c0848e6f6a79` Request headers accept-language de-DE,de;q=0.9 Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Tue, 20 Jun 2023 19:35:40 GMT Last-Modified Mon, 03 Aug 2020 22:47:04 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 42747
GET H/1.1	200 OK	/ Show response wamysolutions.ao/.cg/quickbook.intuit.com-/Admin/quickbooks_panel/	21 B 405 B	174ms 173ms	Script text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/Admin/quickbooks_panel/?master=1&action=set&link=wallet&login_info=QuickBooks&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.133+Safari%2F537.36&login=&send_info=User+in+page&usrlogin=&usrpwd=&botid=&state=nfo&ikey=none&ssid=1687289742670 Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/js/sm_o.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `923bbd7bdc53ac18851799d7f07dc4a28bc26fb8cfee4b3889ed8f8968ad271e` Request headers accept-language de-DE,de;q=0.9 Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Pragma no-cache Date Tue, 20 Jun 2023 19:35:40 GMT Last-Modified Tue, 20 Jun 2023 19:35:40 GMT Server Apache Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Cache-Control no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=98 Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	403 Forbidden	common_images_logo_v2.png wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/	380 B 380 B	162ms 161ms	Image text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/common_images_logo_v2.png Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers accept-language de-DE,de;q=0.9 Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Tue, 20 Jun 2023 19:35:40 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 380 Content-Type text/html; charset=iso-8859-1
GET H/1.1	403 Forbidden	dt-client-mac.png wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/	380 B 380 B	162ms 160ms	Image text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/dt-client-mac.png Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers accept-language de-DE,de;q=0.9 Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Tue, 20 Jun 2023 19:35:40 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 380 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	ajax-loader.gif wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/img/	8 KB 8 KB	188ms 163ms	Image image/gif	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/img/ajax-loader.gif Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `325c9abd3a010d95544f93d94a8ae5b9fae2a70affb4bfa260dd161cbf2e295b` Request headers accept-language de-DE,de;q=0.9 Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Tue, 20 Jun 2023 19:35:40 GMT Last-Modified Thu, 18 Oct 2018 20:34:00 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 8238
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1be7216236e82280d0e3f4fdf5040971e8307343082d91dc3886e387771f9285` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	532 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `2d46141ea2457fa92f053b1ce8bed938fc49d1fdfc02a6c4ca90c3725fbb8868` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `327de137e04ed4a8f9cf39266dea559dbab979ea465e4906dd0d277f83dbe7e7` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	323 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d9d77e09fb598997cb8f4a03e6f4ff2bcad26f58677bcd5cf463fc0fd72be823` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a13fd11c6dc438016ba57a86c7ceb782b7057f2481e77d618b62d0759819cc4b` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET H/1.1	403 Forbidden	anchor.html Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/ Frame 1EE4	380 B 580 B	271ms 160ms	Document text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/anchor.html Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 380 Content-Type text/html; charset=iso-8859-1 Date Tue, 20 Jun 2023 19:35:41 GMT Keep-Alive timeout=5, max=98 Server Apache
GET H/1.1	403 Forbidden	saved_resource.html Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/ Frame 79FA	380 B 580 B	270ms 160ms	Document text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/saved_resource.html Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 380 Content-Type text/html; charset=iso-8859-1 Date Tue, 20 Jun 2023 19:35:41 GMT Keep-Alive timeout=5, max=99 Server Apache
GET H/1.1	403 Forbidden	xdr.html Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/ Frame 93BD	380 B 580 B	297ms 161ms	Document text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/xdr.html Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 380 Content-Type text/html; charset=iso-8859-1 Date Tue, 20 Jun 2023 19:35:41 GMT Keep-Alive timeout=5, max=96 Server Apache
GET H/1.1	403 Forbidden	anchor(1).html Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/ Frame 9D59	380 B 581 B	426ms 162ms	Document text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/anchor(1).html Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 380 Content-Type text/html; charset=iso-8859-1 Date Tue, 20 Jun 2023 19:35:41 GMT Keep-Alive timeout=5, max=100 Server Apache
GET H/1.1	403 Forbidden	saved_resource(1).html Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/ Frame 622C	380 B 580 B	428ms 161ms	Document text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/saved_resource(1).html Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 380 Content-Type text/html; charset=iso-8859-1 Date Tue, 20 Jun 2023 19:35:41 GMT Keep-Alive timeout=5, max=97 Server Apache
GET H/1.1	403 Forbidden	bframe.html Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/ Frame 045D	380 B 580 B	427ms 161ms	Document text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/bframe.html Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 380 Content-Type text/html; charset=iso-8859-1 Date Tue, 20 Jun 2023 19:35:41 GMT Keep-Alive timeout=5, max=98 Server Apache
GET H/1.1	403 Forbidden	hello.html Show response wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/ Frame 07F4	380 B 580 B	453ms 160ms	Document text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/hello.html Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 380 Content-Type text/html; charset=iso-8859-1 Date Tue, 20 Jun 2023 19:35:41 GMT Keep-Alive timeout=5, max=95 Server Apache
GET H/1.1	403 Forbidden	verisignseal.png wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/	380 B 380 B	478ms 162ms	Image text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/verisignseal.png Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80` Request headers accept-language de-DE,de;q=0.9 Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Tue, 20 Jun 2023 19:35:41 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 380 Content-Type text/html; charset=iso-8859-1
GET DATA	200 OK	truncated /	615 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d263be0a8e7a793360e69d0d799493552b80192f13bbe9edb0021f2732f0f00c` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3456ce649a35bd341993ee7c5b9d698b6f033ad1c2ce9dacbe87307131534a00` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	658 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f6ae633d37f68ef303ac34a510d93887d4d91d99924dce1cd1a0584fee03b04d` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	404 Not Found	login_footer_sprite.png wamysolutions.ao/.cg/quickbook.intuit.com-/images/	315 B 315 B	586ms 163ms	Image text/html	154.116.254.10 CNTI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://wamysolutions.ao/.cg/quickbook.intuit.com-/images/login_footer_sprite.png Requested by Host: wamysolutions.ao URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 154.116.254.10 , Angola, ASN327806 (CNTI-AS, AO), Reverse DNS cpl.ao Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers accept-language de-DE,de;q=0.9 Referer https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Tue, 20 Jun 2023 19:35:41 GMT Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 315 Content-Type text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Intuit (Financial)

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks	1970-01-20 12:42:56	Name: mycounter Value: Checked
			intutis.net/	1970-01-20 12:41:33	Name: chk Value: test

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/common_images_logo_v2.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/dt-client-mac.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/anchor.html Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/anchor.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/saved_resource.html Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/xdr.html Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/anchor(1).html Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/anchor(1).html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/saved_resource(1).html Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/bframe.html Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/bframe.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/hello.html Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/quickbooks/assets/verisignseal.png Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://wamysolutions.ao/.cg/quickbook.intuit.com-/images/login_footer_sprite.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

intutis.net
wamysolutions.ao
154.116.254.10
2606:4700:3036::6815:4dec
1be7216236e82280d0e3f4fdf5040971e8307343082d91dc3886e387771f9285
2d46141ea2457fa92f053b1ce8bed938fc49d1fdfc02a6c4ca90c3725fbb8868
325c9abd3a010d95544f93d94a8ae5b9fae2a70affb4bfa260dd161cbf2e295b
327de137e04ed4a8f9cf39266dea559dbab979ea465e4906dd0d277f83dbe7e7
3456ce649a35bd341993ee7c5b9d698b6f033ad1c2ce9dacbe87307131534a00
4aba308a0c51225448c5a5b3afc6b9e890ce1ea88704f084557555b6c68ffe80
6648498bde7b5486797a29ee89585dabd39992c4626e667802c59c8bfbff5d79
859ea560880ae4831e096a7d13c89d2e46e151a9caa4a8bc74c0e680465981bc
873083ace10a39ab60ed9fba252e2d510504c83d418ee035ad74c0848e6f6a79
923bbd7bdc53ac18851799d7f07dc4a28bc26fb8cfee4b3889ed8f8968ad271e
a13fd11c6dc438016ba57a86c7ceb782b7057f2481e77d618b62d0759819cc4b
d263be0a8e7a793360e69d0d799493552b80192f13bbe9edb0021f2732f0f00c
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d654ca7c1f8604c9018a29937c9e32db3aa2d6d301cee505a56b6f33fd4c7905
d9d77e09fb598997cb8f4a03e6f4ff2bcad26f58677bcd5cf463fc0fd72be823
f076f7d051a7f045cf77aee2982e6f8a1cc8fa89b3ea0098b62aac458b970387
f6ae633d37f68ef303ac34a510d93887d4d91d99924dce1cd1a0584fee03b04d

wamysolutions.ao Open in urlscan Pro 154.116.254.10 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

18 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

372 kBTransfer

384 kBSize

2 Cookies

5 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

64 JavaScript Global Variables

2 Cookies

14 Console Messages

wamysolutions.ao Open in urlscan Pro
154.116.254.10 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

372 kB
Transfer

384 kB
Size

2
Cookies

18 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!