![](/screenshots/345ab0d4-9a17-49c8-a70c-e08570e85946.png)
waterx.download
170.187.189.97
Public Scan
Submission: On May 28 via manual from IL — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 1st 2023. Valid for: 3 months.
This is the only time waterx.download was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 5 | 170.187.189.97 | 63949 (AKAMAI-LINODE-AP Akamai Connected Cloud) |
| 1 | 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) |
| 3 | 2600:9000:2250:5c00:2:bb72:9400:21 | 16509 (AMAZON-02) |
| 1 | 2001:4860:4802:34::36 | 15169 (GOOGLE) |
| 4 | 172.64.132.29 | 13335 (CLOUDFLARENET) |
| 3 | 52.222.236.125 | 16509 (AMAZON-02) |
| 2 | 104.21.93.237 | 13335 (CLOUDFLARENET) |
| 1 | 2a03:2880:f176:181:face:b00c:0:25de | 32934 (FACEBOOK) |
| 4 6 | 2a00:1450:4001:828::200d | 15169 (GOOGLE) |
| 23 (total) | 10 (total) | |
- ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), PTR: 170-187-189-97.akamai-compute.nexuspipe.com: waterx.download
- ASN15169 (GOOGLE, US): www.googletagmanager.com
- ASN16509 (AMAZON-02, US): d1lnjzqqshwcwg.cloudfront.net
- ASN16509 (AMAZON-02, US), PTR: server-52-222-236-125.fra56.r.cloudfront.net: adthereissome.info
- ASN32934 (FACEBOOK, US): www.facebook.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 6 | google.com | accounts.google.com (4 redirects; Cisco Umbrella Rank: 33) | 3 KB |
| 5 | waterx.download | waterx.download | 54 KB |
| 4 | pogothere.xyz | pogothere.xyz (Cisco Umbrella Rank: 27873) | 202 KB |
| 3 | adthereissome.info | adthereissome.info | 3 KB |
| 3 | cloudfront.net | d1lnjzqqshwcwg.cloudfront.net | 107 KB |
| 2 | gforanythingamgl.info | gforanythingamgl.info | 804 B |
| 1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 102) | |
| 1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2230) | 254 B |
| 1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 86 KB |
| 0 | nexuspipe.com (Failed) | fonts.nexuspipe.com (Failed) | |
| 23 (total) | 10 (total) | | |
| Requests | Domain | Requested by |
|---|---|---|
| 6 | accounts.google.com (4 redirects) | waterx.download |
| 5 | waterx.download | waterx.download |
| 4 | pogothere.xyz | d1lnjzqqshwcwg.cloudfront.net |
| 3 | adthereissome.info | d1lnjzqqshwcwg.cloudfront.net |
| 3 | d1lnjzqqshwcwg.cloudfront.net | waterx.download, adthereissome.info |
| 2 | gforanythingamgl.info | waterx.download |
| 1 | www.facebook.com | waterx.download |
| 1 | region1.google-analytics.com | www.googletagmanager.com |
| 1 | www.googletagmanager.com | waterx.download |
| 0 | fonts.nexuspipe.com (Failed) | waterx.download |
| 23 (total) | 10 (total) | |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| discord.gg |
| filedm.com |
| Subject | Issuer | Validity | Valid for | Source |
|---|---|---|---|---|
| waterx.download | R3 | 2023-05-01 - 2023-07-30 | 3 months | crt.sh |
| *.google-analytics.com | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months | crt.sh |
| *.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-28 - 2024-02-27 | a year | crt.sh |
| adthereissome.info | Amazon RSA 2048 M01 | 2023-05-05 - 2024-06-02 | a year | crt.sh |
| gforanythingamgl.info | GTS CA 1P5 | 2023-05-05 - 2023-08-03 | 3 months | crt.sh |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-03-07 - 2023-06-05 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://waterx.download/
Frame ID: E742F04CB419EFD80CFD540978045BB2
Requests: 21 HTTP requests in this frame
Frame:
https://adthereissome.…
Frame ID: ABCCC03BD5C8224CD70E47016237F824
Requests: 2 HTTP requests in this frame
Page Title
Water X
Detected technologies
Google Tag Manager
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Support
Title: Download Water X
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 13
- https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
- https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFUmq6BV8zouDsr3vjNYBg6MrN2vBH75tstSPZ-XyGv6hL6F2AvJoo7DbldDi-6AYJOqdcH3w HTTP 302
- https://accounts.google.com/v3/signin/identifier?dsh=S701277%3A1685289845782001&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEm2wT1VOqCCoQdv-t7eQYrqcTATsfI-L4rkCUgTJNpNFrAxfcKltjbHrk-HdOUeN50Bh2qEQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain (second chain)
- https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
- https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneH-Gz12H-47nMRjg6wWpDqSlEE_mNq4BSl8A3ipxwMH7wEjsDpaS3bZyHT0tD4pkgB8ShP0gQ HTTP 302
- https://accounts.google.com/v3/signin/identifier?dsh=S-1090178536%3A1685289845780003&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGDwdpJA0FBNhJzJUZbDxDYabb-tdAZ5P5A6106JlNEwNgG4qdfS4708MGfrqSkc-x9dgiURw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
23 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | waterx.download/ | 3 KB | 4 KB | Document | text/html |
| GET | | / | fonts.nexuspipe.com/ | 0 | 0 | | |
| GET | H2 | style.css | waterx.download/ | 3 KB | 3 KB | Stylesheet | text/css |
| GET | H2 | js | www.googletagmanager.com/gtag/ | 253 KB | 86 KB | Script | application/javascript |
| GET | H2 | / | d1lnjzqqshwcwg.cloudfront.net/ | 161 KB | 53 KB | Script | text/plain |
| GET | H2 | WaterXLogo.png | waterx.download/ | 46 KB | 46 KB | Image | image/png |
| GET | H2 | phantomforces.png | waterx.download/ | 564 B | 564 B | Image | text/html |
| GET | H2 | bloxfruits.png | waterx.download/ | 564 B | 564 B | Image | text/html |
| POST | H2 | collect | region1.google-analytics.com/g/ | 0 | 254 B | Ping | text/plain |
| GET | H2 | asd100.bin | pogothere.xyz/ | 100 KB | 101 KB | Fetch | binary/octet-stream |
| GET | H2 | / | pogothere.xyz/ | 26 B | 351 B | Fetch | text/plain |
| GET | H2 | utx | adthereissome.info/ | 0 | 537 B | XHR | text/plain |
| GET | H2 | HBJGLSxsDQR0cWYBFDQhNQkDYjslVUYxO2wFFC0mN1sPYj5sBRx3fH8HAGp6d0EPdW4lRFMjdWASQjA8PQkDcnBkBgp9cGUBBHd6 | gforanythingamgl.info/SFE0MkRnbldBeR8/XwIJIhtdYwUFHXV1fQoQQ0EDKToMcQY/ | 0 | 263 B | Image | text/plain |
| GET | H2 | login.php | www.facebook.com/ | 0 | 0 | Image | text/html |
| GET | H2 | identifier | accounts.google.com/v3/signin/ (Redirect Chain) | 0 | 0 | Image | text/html |
| GET | H2 | identifier | accounts.google.com/v3/signin/ (Redirect Chain) | 0 | 0 | Image | text/html |
| GET | H2 | popunder.gif | gforanythingamgl.info/ | 35 B | 541 B | Image | image/gif |
| GET | H2 | / | d1lnjzqqshwcwg.cloudfront.net/ | 161 KB | 53 KB | Script | text/plain |
| GET | H2 | asd100.bin | pogothere.xyz/ | 100 KB | 100 KB | Fetch | binary/octet-stream |
| GET | H2 | / | pogothere.xyz/ | 26 B | 369 B | Fetch | text/plain |
| GET | H2 | utx | adthereissome.info/ | 0 | 539 B | XHR | text/plain |
| GET | H2 | I38vEjsWX34QOyR6GTQkEGB6YD0XbDwLKgJiIQM7d3EKHQZxbXsxOx5sEgohME9zFC9+XgEOKyxrHhc9IQoJFD4rfm5rLx19Izs7KnYnGjgwfgYaChNrDRwxHn0nOD0QciEBKy9dEhhPLUskNxl6XxsoKA8PB2pQBQ0 | adthereissome.info/aUc4S1kIJVsmZgh6Wm0sGysFbmsvYgoNPVgrViEjGDZLIy4KMF9lOgUoTS8/GyhWP3cHIkxuay9yWhwXOxFgJBYtAwAxCzsscwUOAQNvehcGHlNyFSoUcX0fK3ZdBT48C3QILQQAbScMIBBqMR0BJHApHj8keRoQTHV+BjINC3ohYVsVCT... (Frame ABCC) | 3 KB | 2 KB | Document | text/html |
| GET | H2 | ZEhbRmNlCQwFMCcTSFEXYElaTWJjXBheYA | d1lnjzqqshwcwg.cloudfront.net/5bWNRVXoODD8zRRkKNWhDW1NoYk9LCSI6FB1eNgULLCtmGUlUIWRzDhcHbGVcAQI/MkdLBj82R1xFMDEYUFd3IQoCCGwhGB8HMD0PAgk8cw8MXjw6AAQPPTRfXyVke0pIUWF9DQQNNToNHkZjZRQZRmNlS11NYXBJL0ZjZQ... (Frame ABCC) | 779 B | 833 B | Script | text/plain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: fonts.nexuspipe.com
- URL: https://fonts.nexuspipe.com/
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
| Type | Name |
|---|---|
| boolean | credentialless |
| function | gtag |
| object | dataLayer |
| object | google_tag_manager |
| object | google_tag_data |
| function | onYouTubeIframeAPIReady |
| object | gaGlobal |
| number | LAST_CORRECT_EVENT_TIME |
| object | utr_960975 |
| number | userTrackingInterval |
| number | _3849823730 |
| number | iinf3 |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever the user visits the site again, the browser also sends the stored cookie values, allowing the website to re-identify that user even after a change of location. This is how permanent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .waterx.download/ | | _ga | GA1.1.1157981038.1685289846 |
| .waterx.download/ | | _ga_E1LJBD7MPZ | GS1.1.1685289845.1.0.1685289845.0.0.0 |
| pogothere.xyz/ | | csu | 831804057534146@1@1685289845 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.