waterx.download Open in urlscan Pro
170.187.189.97 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://waterx.download/
Submission: On May 28 via manual (May 28th 2023, 4:04:09 pm UTC) from IL — Scanned from DE

Summary HTTP 23 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 23 HTTP transactions. The main IP is 170.187.189.97, located in Frankfurt am Main, Germany and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is waterx.download.
TLS certificate: Issued by R3 on May 1st 2023. Valid for: 3 months.

This is the only time waterx.download was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	170.187.189.97 170.187.189.97	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:2250:5c00:2:bb72:9400:21	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	172.64.132.29 172.64.132.29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.236.125 52.222.236.125	16509 (AMAZON-02) (AMAZON-02)
2	104.21.93.237 104.21.93.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 6	2a00:1450:400... 2a00:1450:4001:828::200d	15169 (GOOGLE) (GOOGLE)
23	10

5 170.187.189.97 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 170-187-189-97.akamai-compute.nexuspipe.com

waterx.download	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2250:5c00:2:bb72:9400:21 (United States)

ASN16509 (AMAZON-02, US)

d1lnjzqqshwcwg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.132.29 (United States)

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.236.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-125.fra56.r.cloudfront.net

adthereissome.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.93.237 (None, )

ASN13335 (CLOUDFLARENET, US)

gforanythingamgl.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200d (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	google.com 4 redirects accounts.google.com — Cisco Umbrella Rank: 33	3 KB
5	waterx.download waterx.download	54 KB
4	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 27873	202 KB
3	adthereissome.info adthereissome.info	3 KB
3	cloudfront.net d1lnjzqqshwcwg.cloudfront.net	107 KB
2	gforanythingamgl.info gforanythingamgl.info	804 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2230	254 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	86 KB
0	nexuspipe.com Failed fonts.nexuspipe.com Failed
23	10

	Domain	Requested by
6	accounts.google.com	4 redirects waterx.download
5	waterx.download	waterx.download
4	pogothere.xyz	d1lnjzqqshwcwg.cloudfront.net
3	adthereissome.info	d1lnjzqqshwcwg.cloudfront.net
3	d1lnjzqqshwcwg.cloudfront.net	waterx.download adthereissome.info
2	gforanythingamgl.info	waterx.download
1	www.facebook.com	waterx.download
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	waterx.download
0	fonts.nexuspipe.com Failed	waterx.download
23	10

This site contains links to these domains. Also see Links.

Domain
discord.gg
filedm.com

Subject Issuer	Validity	Valid
waterx.download R3	`2023-05-01` - `2023-07-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-28` - `2024-02-27`	a year	crt.sh
adthereissome.info Amazon RSA 2048 M01	`2023-05-05` - `2024-06-02`	a year	crt.sh
gforanythingamgl.info GTS CA 1P5	`2023-05-05` - `2023-08-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-07` - `2023-06-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://waterx.download/
Frame ID: E742F04CB419EFD80CFD540978045BB2
Requests: 21 HTTP requests in this frame

Frame: https://adthereissome.info/aUc4S1kIJVsmZgh6Wm0sGysFbmsvYgoNPVgrViEjGDZLIy4KMF9lOgUoTS8/GyhWP3cHIkxuay9yWhwXOxFgJBYtAwAxCzsscwUOAQNvehcGHlNyFSoUcX0fK3ZdBT48C3QILQQAbScMIBBqMR0BJHApHj8keRoQTHV+BjINC3ohYVsVCTMfJAN9EgwvIwsCCAYEewwuAQB6cxEkAwgbGA4sACguUQpgIS5fBnkaCTkTai0BEBFTLmkZDm0cH1ADaRoXJxNXBRECHVIRCzgdaiYXBRQJehcwH3oBFVkdUhEIWQJ8HD0BHwl/MQ0AXAAfPxFULR9QIW0xdCgreywcLg1SCgArIFcnOiwgSh00Iy5uDWw/I38vEjsWX34QOyR6GTQkEGB6YD0XbDwLKgJiIQM7d3EKHQZxbXsxOx5sEgohME9zFC9+XgEOKyxrHhc9IQoJFD4rfm5rLx19Izs7KnYnGjgwfgYaChNrDRwxHn0nOD0QciEBKy9dEhhPLUskNxl6XxsoKA8PB2pQBQ0
Frame ID: ABCCC03BD5C8224CD70E47016237F824
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Water X

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

23
Requests

87 %
HTTPS

56 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

452 kB
Transfer

833 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/waterx
Title: Support

Search URL Search Domain Scan URL

URL: https://filedm.com/JDs4E
Title: Download Water X

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFUmq6BV8zouDsr3vjNYBg6MrN2vBH75tstSPZ-XyGv6hL6F2AvJoo7DbldDi-6AYJOqdcH3w HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S701277%3A1685289845782001&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEm2wT1VOqCCoQdv-t7eQYrqcTATsfI-L4rkCUgTJNpNFrAxfcKltjbHrk-HdOUeN50Bh2qEQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

Request Chain 14

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneH-Gz12H-47nMRjg6wWpDqSlEE_mNq4BSl8A3ipxwMH7wEjsDpaS3bZyHT0tD4pkgB8ShP0gQ HTTP 302
https://accounts.google.com/v3/signin/identifier?dsh=S-1090178536%3A1685289845780003&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGDwdpJA0FBNhJzJUZbDxDYabb-tdAZ5P5A6106JlNEwNgG4qdfS4708MGfrqSkc-x9dgiURw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
waterx.download/ 3 KB
4 KB 229ms
188ms Document
text/html 170.187.189.97
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.187.189.97 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 170-187-189-97.akamai-compute.nexuspipe.com
Software: Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash: 73e683f04e561015cb341a7995e575154ed76edf99d292f44f4d3be642a4c4c0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age: 86400
content-length: 3446
content-type: text/html
date: Sun, 28 May 2023 16:04:05 GMT
etag: "647198d9-d76"
last-modified: Sat, 27 May 2023 05:44:57 GMT
nexus-cache: BYPASS
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1

GET /
fonts.nexuspipe.com/ 0
0

GET
H2 200 style.css
waterx.download/ 3 KB
3 KB 18ms
17ms Stylesheet
text/css 170.187.189.97
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://waterx.download/style.css
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.187.189.97 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 170-187-189-97.akamai-compute.nexuspipe.com
Software: Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash: 172eb9ce1bb5a26fc5d378b212e41e9dec3b86aeb9b95eab9b5c38c4da4849fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
last-modified: Sun, 02 Apr 2023 14:33:36 GMT
server: Nexuspipe.com | DDoS Mitigation Cluster
nexus-cache: HIT
upgrade-insecure-requests: 1
etag: "64299240-bb2"
content-type: text/css
cache-control: public, max-age: 86400
accept-ranges: bytes
content-length: 2994

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 253 KB
86 KB 43ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E1LJBD7MPZ

Requested by

Host: waterx.download
URL: https://waterx.download/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea0a02d42ae8a5a4631917ec7a290886582aefa318bc05151d40a87e46562a72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87497
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 May 2023 16:04:05 GMT

GET
H2 200 / Show response
d1lnjzqqshwcwg.cloudfront.net/ 161 KB
53 KB 196ms
160ms Script
text/plain 2600:9000:2250:5c00:2:bb72:9400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:2:bb72:9400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: faadefb166f38f01ec58a38153fd63e9f722935ccd2dd2c15858942a2ae3e45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 16:04:05 GMT
content-encoding: gzip
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 53822
x-amz-cf-id: qzmauHyJYGAq8M_88Sgi61bKnEFYKc3WsaN18HvKl56hz9zHPRUpwA==

GET
H2 200 WaterXLogo.png
waterx.download/ 46 KB
46 KB 9ms
8ms Image
image/png 170.187.189.97
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waterx.download/WaterXLogo.png
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.187.189.97 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 170-187-189-97.akamai-compute.nexuspipe.com
Software: Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash: abe781c82c448847e5e0434bf867f2816f22a3fc06f1a30c8d0814133d0b49c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
last-modified: Sun, 07 May 2023 08:00:45 GMT
server: Nexuspipe.com | DDoS Mitigation Cluster
nexus-cache: HIT
upgrade-insecure-requests: 1
etag: "64575aad-b649"
content-type: image/png
cache-control: public, max-age: 86400
accept-ranges: bytes
content-length: 46665

GET
H2 404 phantomforces.png
waterx.download/ 564 B
564 B 187ms
187ms Image
text/html 170.187.189.97
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waterx.download/phantomforces.png
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.187.189.97 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 170-187-189-97.akamai-compute.nexuspipe.com
Software: Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
content-length: 564
content-type: text/html

GET
H2 404 bloxfruits.png
waterx.download/ 564 B
564 B 192ms
192ms Image
text/html 170.187.189.97
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://waterx.download/bloxfruits.png
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.187.189.97 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 170-187-189-97.akamai-compute.nexuspipe.com
Software: Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash: 3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
server: Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests: 1
content-length: 564
content-type: text/html

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E1LJBD7MPZ&gtm=45je35o0&_p=1842361746&cid=1157981038.1685289846&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1685289845&sct=1&seg=0&dl=https%3A%2F%2Fwaterx.download%2F&dt=Water%20X&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E1LJBD7MPZ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 16:04:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://waterx.download
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
101 KB 42ms
13ms Fetch
binary/octet-stream 172.64.132.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d1lnjzqqshwcwg.cloudfront.net
URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7055
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 28 May 2023 14:06:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://waterx.download
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPFxM7VdN5lFqFPFtD2wQh91%2BL1AqovEoC1Wvox3rD3CZw8gh%2FtJ5%2FWL6OdtOcOuDnIkpVnVqEnZApAtsI83SZIkH%2BBqCv24suBrun0M%2Fm06h9yrOf18Bf7uqK1VL8eF"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ce7bb3f5eb2085d-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
351 B 140ms
111ms Fetch
text/plain 172.64.132.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d1lnjzqqshwcwg.cloudfront.net
URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7b4e5e109042cfd07f56345780d2db32cd82a90546f7df4c8a061413c38fc71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RepKxL5rimyGJnuAToD9luy4ANo9FDgZfnDMPVnQngZegjj2kH%2Fabj3oEmYIVQOizRHMJ%2FhpJd6FZCKrF3sGf8ythf8haTuuSoinavv94fIOlMW%2FE%2FeZ3RgDQKiSEw6N"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://waterx.download
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7ce7bb3f5eb3085d-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
adthereissome.info/ 0
537 B 135ms
106ms XHR
text/plain 52.222.236.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adthereissome.info/utx?cb=4mSCalmKPDuO&top=waterx.download&tid=960975
Requested by: Host: d1lnjzqqshwcwg.cloudfront.net
URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-125.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 16:04:05 GMT
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://waterx.download
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: Mwj3SHuYawEfvyEnkEDI88m0ATYEm12-9_xRtPsr3-3W4ltb6tSywQ==

GET
H2 204 HBJGLSxsDQR0cWYBFDQhNQkDYjslVUYxO2wFFC0mN1sPYj5sBRx3fH8HAGp6d0EPdW4lRFMjdWASQjA8PQkDcnBkBgp9cGUBBHd6
gforanythingamgl.info/SFE0MkRnbldBeR8/XwIJIhtdYwUFHXV1fQoQQ0EDKToMcQY/ 0
263 B 138ms
109ms Image
text/plain 104.21.93.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gforanythingamgl.info/SFE0MkRnbldBeR8/XwIJIhtdYwUFHXV1fQoQQ0EDKToMcQY/HBJGLSxsDQR0cWYBFDQhNQkDYjslVUYxO2wFFC0mN1sPYj5sBRx3fH8HAGp6d0EPdW4lRFMjdWASQjA8PQkDcnBkBgp9cGUBBHd6
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.93.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MdC3X8Biq4slW4Q3SpirzoZQvfMJc56sMLwFXYNKWCucM2C7VC%2BaNLjZRFw72LnUa0QZ3SGFaU2EuKX5m1IrKVxcHUhTV%2BS7jtywWkUJm%2FvM%2Bzh5tr9IykATQkJ8Bmv3SSqi0Fv0Dg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7ce7bb3f8ee53738-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 175ms
160ms Image
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=Af_xneFUmq6BV8zouDsr3vjNYBg6MrN2vBH75tstSPZ-XyGv6hL6F2AvJoo7Dbl...
https://accounts.google.com/v3/signin/identifier?dsh=S701277%3A1685289845782001&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEm2wT1VOqCCoQdv-t7eQYrqcTATsfI-L4rkCUgTJNpNFrAxf...

0
0

28ms
28ms

Image
text/html

2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S701277%3A1685289845782001&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEm2wT1VOqCCoQdv-t7eQYrqcTATsfI-L4rkCUgTJNpNFrAxfcKltjbHrk-HdOUeN50Bh2qEQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Server: 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date: Sun, 28 May 2023 16:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-SbzLGscvhwA6mHokk3OX_A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 391
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S701277%3A1685289845782001&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEm2wT1VOqCCoQdv-t7eQYrqcTATsfI-L4rkCUgTJNpNFrAxfcKltjbHrk-HdOUeN50Bh2qEQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=Af_xneH-Gz12H-47nMRjg6wWpDqSlEE_mNq4BSl8A3ipxwMH7wEjsDpaS3b...
https://accounts.google.com/v3/signin/identifier?dsh=S-1090178536%3A1685289845780003&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGDwdpJA0FBNhJzJUZbDxDYabb-tdAZ5P5A6106JlNE...

0
0

28ms
27ms

Image
text/html

2a00:1450:4001:828::200d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1090178536%3A1685289845780003&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGDwdpJA0FBNhJzJUZbDxDYabb-tdAZ5P5A6106JlNEwNgG4qdfS4708MGfrqSkc-x9dgiURw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Server: 2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Redirect headers

date: Sun, 28 May 2023 16:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-89Bbngrs5akoWzmqGRnyjg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1090178536%3A1685289845780003&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGDwdpJA0FBNhJzJUZbDxDYabb-tdAZ5P5A6106JlNEwNgG4qdfS4708MGfrqSkc-x9dgiURw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 popunder.gif
gforanythingamgl.info/ 35 B
541 B 43ms
14ms Image
image/gif 104.21.93.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gforanythingamgl.info/popunder.gif
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.93.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: public
date: Sun, 28 May 2023 16:04:05 GMT
cf-cache-status: HIT
last-modified: Mon, 22 May 2023 00:04:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 575997
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0R36PJE21RoSeceUNR%2FYzJPraTaQZLyPlbAQyEUOfc4X2PGmLjwPvjP%2BE%2BtDeKMIdpCdCofhaZ%2Biju1CQ28O9yjyBHkTLzUIewFnldePf3XUNFKmGwieZ7gLSVSaqo%2BENuCHr1TZiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 7ce7bb3f8ee83738-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
d1lnjzqqshwcwg.cloudfront.net/ 161 KB
53 KB 10ms
10ms Script
text/plain 2600:9000:2250:5c00:2:bb72:9400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Requested by: Host: waterx.download
URL: https://waterx.download/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:2:bb72:9400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: faadefb166f38f01ec58a38153fd63e9f722935ccd2dd2c15858942a2ae3e45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 16:04:05 GMT
content-encoding: gzip
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Hit from cloudfront
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length: 53822
x-amz-cf-id: 4P66Busaj6x_thtEw4kEE5gpF1ItJGIqqIa0YRwa3FImfiMfNsc07Q==

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 24ms
21ms Fetch
binary/octet-stream 172.64.132.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d1lnjzqqshwcwg.cloudfront.net
URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7055
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 28 May 2023 14:06:30 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: https://waterx.download
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeI9RzUBJKNY7%2Fqasu9bbk5jGApsM%2BQ8TdYscrjI68dZaFjlnon1GBdpdGJBhonTVRbz8Mul6RmD%2FEr%2BzA%2B3SthSYzWiNJqcxw8WEK9EmdEBwGlpHjZYXeST44IDbzUs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7ce7bb3f5eb7085d-FRA
access-control-allow-headers: X-Requested-With, content-type

GET
H2 200 / Show response
pogothere.xyz/ 26 B
369 B 102ms
99ms Fetch
text/plain 172.64.132.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d1lnjzqqshwcwg.cloudfront.net
URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.132.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4370ac5e7c351e241fd0c7e0ea3e82da0fa59b58cf8e19fd5666d19e89360712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhF0YIvDSljLm1gfzoLny4NieFO6QSfakJePipQeXNKxHr2yFwWiyXw5c1t4jIPcmGFker8vUfFk7p5A9mlkrssVqMY%2FHY49KrCGrvysB2OZ%2B%2BpA4YxzC%2Bwim70sYBmM"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: https://waterx.download
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 7ce7bb3f5eb5085d-FRA
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
adthereissome.info/ 0
539 B 100ms
97ms XHR
text/plain 52.222.236.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adthereissome.info/utx?cb=eb9qB4Jjfk4y&top=waterx.download&tid=960975
Requested by: Host: d1lnjzqqshwcwg.cloudfront.net
URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-125.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://waterx.download/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 May 2023 16:04:05 GMT
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: https://waterx.download
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: Tj2_5b_kYCUJpQSL7rH-6fLbPnslJSYGu76XQreVyzNwf0OnfNUkNQ==

GET
H2 200 I38vEjsWX34QOyR6GTQkEGB6YD0XbDwLKgJiIQM7d3EKHQZxbXsxOx5sEgohME9zFC9+XgEOKyxrHhc9IQoJFD4rfm5rLx19Izs7KnYnGjgwfgYaChNrDRwxHn0nOD0QciEBKy9dEhhPLUskNxl6XxsoKA8PB2pQBQ0 Show response
adthereissome.info/aUc4S1kIJVsmZgh6Wm0sGysFbmsvYgoNPVgrViEjGDZLIy4KMF9lOgUoTS8/GyhWP3cHIkxuay9yWhwXOxFgJBYtAwAxCzsscwUOAQNvehcGHlNyFSoUcX0fK3ZdBT48C3QILQQAbScMIBBqMR0BJHApHj8keRoQTHV+BjINC3ohYVsVCT... Frame ABCC 3 KB
2 KB 98ms
98ms Document
text/html 52.222.236.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adthereissome.info/aUc4S1kIJVsmZgh6Wm0sGysFbmsvYgoNPVgrViEjGDZLIy4KMF9lOgUoTS8/GyhWP3cHIkxuay9yWhwXOxFgJBYtAwAxCzsscwUOAQNvehcGHlNyFSoUcX0fK3ZdBT48C3QILQQAbScMIBBqMR0BJHApHj8keRoQTHV+BjINC3ohYVsVCTMfJAN9EgwvIwsCCAYEewwuAQB6cxEkAwgbGA4sACguUQpgIS5fBnkaCTkTai0BEBFTLmkZDm0cH1ADaRoXJxNXBRECHVIRCzgdaiYXBRQJehcwH3oBFVkdUhEIWQJ8HD0BHwl/MQ0AXAAfPxFULR9QIW0xdCgreywcLg1SCgArIFcnOiwgSh00Iy5uDWw/I38vEjsWX34QOyR6GTQkEGB6YD0XbDwLKgJiIQM7d3EKHQZxbXsxOx5sEgohME9zFC9+XgEOKyxrHhc9IQoJFD4rfm5rLx19Izs7KnYnGjgwfgYaChNrDRwxHn0nOD0QciEBKy9dEhhPLUskNxl6XxsoKA8PB2pQBQ0
Requested by: Host: d1lnjzqqshwcwg.cloudfront.net
URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-125.fra56.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 56ca28d85bfd72c1c2bb3875e7d30b05b759f2d3882963eb5a7efacbcd32cba4

Request headers

Referer: https://waterx.download/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip
content-length: 1238
content-type: text/html
date: Sun, 28 May 2023 16:04:05 GMT
p3p: CP="NID DSP ALL COR"
pragma: no-cache
server: openresty/1.17.8.2
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-amz-cf-id: B5fldkzHt066bGF0iQsxV9tPZICAeLI4SA-Wl71pqKo6-V3ZGRMPUQ==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront

GET
H2 200 ZEhbRmNlCQwFMCcTSFEXYElaTWJjXBheYA Show response
d1lnjzqqshwcwg.cloudfront.net/5bWNRVXoODD8zRRkKNWhDW1NoYk9LCSI6FB1eNgULLCtmGUlUIWRzDhcHbGVcAQI/MkdLBj82R1xFMDEYUFd3IQoCCGwhGB8HMD0PAgk8cw8MXjw6AAQPPTRfXyVke0pIUWF9DQQNNToNHkZjZRQZRmNlS11NYXBJL0ZjZQ... Frame ABCC 779 B
833 B 151ms
151ms Script
text/plain 2600:9000:2250:5c00:2:bb72:9400:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1lnjzqqshwcwg.cloudfront.net/5bWNRVXoODD8zRRkKNWhDW1NoYk9LCSI6FB1eNgULLCtmGUlUIWRzDhcHbGVcAQI/MkdLBj82R1xFMDEYUFd3IQoCCGwhGB8HMD0PAgk8cw8MXjw6AAQPPTRfXyVke0pIUWF9DQQNNToNHkZjZRQZRmNlS11NYXBJL0ZjZQ0EDWdhX14hdGdKFVVlfF9fUz-AlCgEGJjAYBgolcEgrVmJiVF5VdGdKRQg5IRcBRmMWX19TPTwRCEZjZR0IADo6U0hRYTYSHww8MF9fJWBkSUNTf2BMWlF/ZEhbRmNlCQwFMCcTSFEXYElaTWJjXBheYA
Requested by: Host: adthereissome.info
URL: https://adthereissome.info/aUc4S1kIJVsmZgh6Wm0sGysFbmsvYgoNPVgrViEjGDZLIy4KMF9lOgUoTS8/GyhWP3cHIkxuay9yWhwXOxFgJBYtAwAxCzsscwUOAQNvehcGHlNyFSoUcX0fK3ZdBT48C3QILQQAbScMIBBqMR0BJHApHj8keRoQTHV+BjINC3ohYVsVCTMfJAN9EgwvIwsCCAYEewwuAQB6cxEkAwgbGA4sACguUQpgIS5fBnkaCTkTai0BEBFTLmkZDm0cH1ADaRoXJxNXBRECHVIRCzgdaiYXBRQJehcwH3oBFVkdUhEIWQJ8HD0BHwl/MQ0AXAAfPxFULR9QIW0xdCgreywcLg1SCgArIFcnOiwgSh00Iy5uDWw/I38vEjsWX34QOyR6GTQkEGB6YD0XbDwLKgJiIQM7d3EKHQZxbXsxOx5sEgohME9zFC9+XgEOKyxrHhc9IQoJFD4rfm5rLx19Izs7KnYnGjgwfgYaChNrDRwxHn0nOD0QciEBKy9dEhhPLUskNxl6XxsoKA8PB2pQBQ0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5c00:2:bb72:9400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 32516d54787cde1eb8b5d180d8a71991369dc9113c1ace6d6d4ab679c2ec7442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adthereissome.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 28 May 2023 16:04:06 GMT
content-encoding: gzip
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: max-age=31556926
content-length: 557
x-amz-cf-id: ypyo8QH_PnK6AtfIXeln7-FEfXU0MdWL-q48HenIuOXImvxnGSjl2w==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.nexuspipe.com
URL: https://fonts.nexuspipe.com/

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.waterx.download/	1970-01-20 21:44:09	Name: _ga Value: GA1.1.1157981038.1685289846
.waterx.download/	1970-01-20 21:44:09	Name: _ga_E1LJBD7MPZ Value: GS1.1.1685289845.1.0.1685289845.0.0.0
pogothere.xyz/	1970-01-20 20:46:33	Name: csu Value: 831804057534146@1@1685289845

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://waterx.download/ Message: Access to CSS stylesheet at 'https://fonts.nexuspipe.com/' from origin 'https://waterx.download' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fonts.nexuspipe.com/ Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://waterx.download/phantomforces.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://waterx.download/bloxfruits.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S-1090178536%3A1685289845780003&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=Af_xneGDwdpJA0FBNhJzJUZbDxDYabb-tdAZ5P5A6106JlNEwNgG4qdfS4708MGfrqSkc-x9dgiURw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?dsh=S701277%3A1685289845782001&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=Af_xneEm2wT1VOqCCoQdv-t7eQYrqcTATsfI-L4rkCUgTJNpNFrAxfcKltjbHrk-HdOUeN50Bh2qEQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adthereissome.info
d1lnjzqqshwcwg.cloudfront.net
fonts.nexuspipe.com
gforanythingamgl.info
pogothere.xyz
region1.google-analytics.com
waterx.download
www.facebook.com
www.googletagmanager.com
fonts.nexuspipe.com
104.21.93.237
170.187.189.97
172.64.132.29
2001:4860:4802:34::36
2600:9000:2250:5c00:2:bb72:9400:21
2a00:1450:4001:828::200d
2a00:1450:4001:82f::2008
2a03:2880:f176:181:face:b00c:0:25de
52.222.236.125
172eb9ce1bb5a26fc5d378b212e41e9dec3b86aeb9b95eab9b5c38c4da4849fe
32516d54787cde1eb8b5d180d8a71991369dc9113c1ace6d6d4ab679c2ec7442
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f
4370ac5e7c351e241fd0c7e0ea3e82da0fa59b58cf8e19fd5666d19e89360712
56ca28d85bfd72c1c2bb3875e7d30b05b759f2d3882963eb5a7efacbcd32cba4
73e683f04e561015cb341a7995e575154ed76edf99d292f44f4d3be642a4c4c0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
abe781c82c448847e5e0434bf867f2816f22a3fc06f1a30c8d0814133d0b49c9
d7b4e5e109042cfd07f56345780d2db32cd82a90546f7df4c8a061413c38fc71
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0a02d42ae8a5a4631917ec7a290886582aefa318bc05151d40a87e46562a72
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
faadefb166f38f01ec58a38153fd63e9f722935ccd2dd2c15858942a2ae3e45a

waterx.download Open in urlscan Pro 170.187.189.97 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

23 Requests

87 %HTTPS

56 %IPv6

10 Domains

10 Subdomains

10 IPs

3 Countries

452 kBTransfer

833 kBSize

3 Cookies

2 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

3 Cookies

6 Console Messages

Indicators

waterx.download Open in urlscan Pro
170.187.189.97 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

87 %
HTTPS

56 %
IPv6

10
Domains

10
Subdomains

10
IPs

3
Countries

452 kB
Transfer

833 kB
Size

3
Cookies

23 HTTP transactions
0 data transactions