landing.waterflow.vip Open in urlscan Pro
2600:9000:225f:3400:1:49dc:1ec0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5
Submission: On February 18 via api (February 18th 2023, 7:02:26 pm UTC) from CH — Scanned from DE

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 2600:9000:225f:3400:1:49dc:1ec0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is landing.waterflow.vip.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 12th 2022. Valid for: a year.

This is the only time landing.waterflow.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:9000:225... 2600:9000:225f:3400:1:49dc:1ec0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.219.124.199 52.219.124.199	16509 (AMAZON-02) (AMAZON-02)
13	16.162.9.38 16.162.9.38	16509 (AMAZON-02) (AMAZON-02)
2	108.138.17.36 108.138.17.36	16509 (AMAZON-02) (AMAZON-02)
18	4

2 2600:9000:225f:3400:1:49dc:1ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)

landing.waterflow.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.124.199 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

m-utility.s3-ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 16.162.9.38 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

multiable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.17.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-36.fra56.r.cloudfront.net

ikdjekpj4d.execute-api.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	multiable.com multiable.com	832 KB
3	amazonaws.com m-utility.s3-ap-southeast-1.amazonaws.com ikdjekpj4d.execute-api.ap-southeast-1.amazonaws.com	76 KB
2	waterflow.vip landing.waterflow.vip	47 KB
18	3

	Domain	Requested by
13	multiable.com	landing.waterflow.vip
2	ikdjekpj4d.execute-api.ap-southeast-1.amazonaws.com	m-utility.s3-ap-southeast-1.amazonaws.com
2	landing.waterflow.vip	landing.waterflow.vip
1	m-utility.s3-ap-southeast-1.amazonaws.com	landing.waterflow.vip
18	4

This site contains no links.

Subject Issuer	Validity	Valid
*.missionground.com Amazon RSA 2048 M02	`2022-12-12` - `2024-01-10`	a year	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon	`2022-09-21` - `2023-08-25`	a year	crt.sh
multiable.com Starfield Secure Certificate Authority - G2	`2022-06-28` - `2023-07-30`	a year	crt.sh
*.execute-api.ap-southeast-1.amazonaws.com Amazon	`2022-11-05` - `2023-12-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5
Frame ID: 80BFE18C210F88FA9C6EAD42E2AB7B0F
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

18
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

955 kB
Transfer

949 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view Show response
landing.waterflow.vip/api/dst/ 46 KB
46 KB 442ms
395ms Document
text/html 2600:9000:225f:3400:1:49dc:1ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:3400:1:49dc:1ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7e9c119e992e1522f0d67c4055acf5ccd86125ced7256f38127db7ab12647409

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Sat, 18 Feb 2023 19:02:18 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-id: tAtKRrPCLVDcdvp3L1BHt1cd0D5DNQPTSUl4DRjTtTdRFoNwlWmf7A==
x-amz-cf-pop: TXL50-P2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK utils.min.js Show response
m-utility.s3-ap-southeast-1.amazonaws.com/ 75 KB
75 KB 701ms
259ms Script
application/javascript 52.219.124.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m-utility.s3-ap-southeast-1.amazonaws.com/utils.min.js
Requested by: Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.124.199 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f4eaa8caed2f34a02e5d246fd944083ce09e9189d9691b153c2cda704fcf96d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
x-amz-version-id: ADOhHdqooFIDx7sNAdXgA8urw0yau.6I
Last-Modified: Thu, 17 Feb 2022 08:35:01 GMT
Server: AmazonS3
x-amz-request-id: MRG5JVMQAGSCNY58
ETag: "816171fc88c3798140123f82496477f1"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 76477
x-amz-id-2: 0JyghaGj0b5kifqFZwa8KCCBLyO1D0OUgQzk/EJrtnAtubINtmd0M4/dkuqwKuiZa+Km4BkdcMM=

GET
H/1.1 200
OK logo.jpg
multiable.com/case/HCM-OLT-001_files/ 17 KB
17 KB 655ms
218ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/logo.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

a407a05eaf0fa3b9d304f7ddee2ec8f7f8947cf6a885484a7d7a8073b07a4bb0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:19 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "440d-5e9c9abac9e2e"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17421

GET
H/1.1 200
OK title1A.jpg
multiable.com/case/HCM-OLT-001_files/ 195 KB
196 KB 216ms
216ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/title1A.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

6ddc3e8cd319d07de32ec663fa700fe1fe163a61db11a9e0baaaf60a4169cd50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:19 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "30cf2-5e9c9abaae8ae"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 199922

GET
H/1.1 200
OK c1.jpg
multiable.com/case/HCM-OLT-001_files/ 126 KB
126 KB 1203ms
799ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/c1.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

262bd32fe65625a9898db064599ec81924b34a1d047fd8bba776add0c2682d68

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:21 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "1f664-5e9c9abae922e"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 128612

GET
H/1.1 200
OK manager.jpg
multiable.com/case/HCM-OLT-001_files/ 17 KB
17 KB 611ms
205ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/manager.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

4238e622caf03895785166e3e3a5b6919b6864243684bb9bd0e6ce65c037a3d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "4418-5e9c9abac5fae"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17432

GET
H/1.1 200
OK employees.jpg
multiable.com/case/HCM-OLT-001_files/ 18 KB
19 KB 615ms
207ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/employees.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b90bdb45eeb55b1aa575b789233601ca18e8849a3a7f3b01ec52939af7a6bf20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "499c-5e9c9abad59ae"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18844

GET
H/1.1 200
OK trainer.jpg
multiable.com/case/HCM-OLT-001_files/ 18 KB
18 KB 632ms
212ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/trainer.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ddd687861c829a612d3140286efb71085855cb0d43cac792b87cd9ab1e0f28f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "469b-5e9c9abaa7b4e"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 18075

GET
H/1.1 200
OK c2.jpg
multiable.com/case/HCM-OLT-001_files/ 108 KB
108 KB 656ms
224ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/c2.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

cfcafe5378de7bb134b2357c8baf256199088484b436037eafdea42327c47197

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "1aefc-5e9c9abae440e"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 110332

GET
H/1.1 200
OK manager02.jpg
multiable.com/case/HCM-OLT-001_files/ 17 KB
17 KB 249ms
218ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/manager02.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

fae9dd59cd49e0622dfdb3f66df8bfc4d11e05e4f37b47510053dad86d238e47

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "4260-5e9c9abac01ee"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 16992

GET
H/1.1 200
OK employees02.jpg
multiable.com/case/HCM-OLT-001_files/ 18 KB
18 KB 203ms
203ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/employees02.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

8dbcec34ba08839fb6cc03ae6f64cab6403a7cffa7c1e03e06e8b54d216115b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "47db-5e9c9abacfbee"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18395

GET
H/1.1 200
OK marker.jpg
multiable.com/case/HCM-OLT-001_files/ 18 KB
18 KB 205ms
205ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/marker.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

9febcaa4cb68fc68c485b7e6ca6506598a80fff7f1c8bfc438071ed8f8b9b108

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "4703-5e9c9ababa42e"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 18179

GET
H/1.1 200
OK c3.jpg
multiable.com/case/HCM-OLT-001_files/ 122 KB
123 KB 211ms
211ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/c3.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

acbbbcb99b5bc2df666d6c1503433ccfe8ef68eecfd74b12b2261c45e6d10984

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "1e8c0-5e9c9abae058e"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 125120

GET
H/1.1 200
OK c4.jpg
multiable.com/case/HCM-OLT-001_files/ 143 KB
144 KB 217ms
216ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/c4.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

b517459da61cb60938b3802c31368b5065f268779505d544d47d84209df18f14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:20 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "23ddd-5e9c9abadb76e"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 146909

GET
H/1.1 200
OK website.jpg
multiable.com/case/HCM-OLT-001_files/ 11 KB
12 KB 204ms
204ms Image
image/jpeg 16.162.9.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://multiable.com/case/HCM-OLT-001_files/website.jpg

Requested by

Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

16.162.9.38 , Hong Kong, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-16-162-9-38.ap-east-1.compute.amazonaws.com

Software

Apache /

Resource Hash

1905e4523a1040877ce61f99f115891823e097992f5fa547048e1bade4a53af5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 19:02:21 GMT
Last-Modified: Thu, 29 Sep 2022 04:54:21 GMT
Server: Apache
ETag: "2dc2-5e9c9abaa0dee"
X-Frame-Options: SAMEORIGIN
Vary: Cookie
Content-Type: image/jpeg
Cache-Control: s-maxage=10
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11714

GET
H2 200 pt.jpg
landing.waterflow.vip/api/dst/ 597 B
820 B 369ms
368ms Image
image/jpeg 2600:9000:225f:3400:1:49dc:1ec0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://landing.waterflow.vip/api/dst/pt.jpg?u=LeY0Av&t=4539127&c=5
Requested by: Host: landing.waterflow.vip
URL: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:3400:1:49dc:1ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d6bf3bb906c89a0bca40255bb73c79e61868d1f852d5156c1c7c66173878838f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 19:02:20 GMT
via: 1.1 e8b7a57aa46fb1a9d8006f334bd5efd0.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
content-length: 597
x-amz-cf-id: 29rR76wWWoiEC_ujX385tMlknWWir9PilZLV_9SK3CR2H4OHNN8djg==
x-cache: Miss from cloudfront
content-type: image/jpeg

POST
H2 200 init Show response
ikdjekpj4d.execute-api.ap-southeast-1.amazonaws.com/Prod/api/ 35 B
420 B 196ms
196ms XHR
application/json 108.138.17.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ikdjekpj4d.execute-api.ap-southeast-1.amazonaws.com/Prod/api/init
Requested by: Host: m-utility.s3-ap-southeast-1.amazonaws.com
URL: https://m-utility.s3-ap-southeast-1.amazonaws.com/utils.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-36.fra56.r.cloudfront.net
Software: /
Resource Hash: ac9f5a651211d732608ad8c0cd82765e5c9a0f58acf80c9c70e4ea53aa5b1472

Request headers

X-Resource-Id: FTBINTERNAL001_PROD
Referer: https://landing.waterflow.vip/
X-Session-Id
accept-language: de-DE,de;q=0.9
X-Location: https://landing.waterflow.vip/api/dst/view?u=LeY0Av&t=4539127&c=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 Feb 2023 19:02:22 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-amzn-trace-id: Root=1-63f120be-381ea08a4e43b41e5ea4b4c2;Sampled=1
x-amzn-requestid: 7808b74d-3a8b-4214-96f7-4e4f0b154028
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://landing.waterflow.vip
x-amz-apigw-id: AjINwFnlyQ0FSbw=
content-length: 35
x-amz-cf-id: fmTtpK4UsUqexJ_8WGsKidNlATt_Gi6wYKjfuH_WefKomTIol0HH9Q==

OPTIONS
H2 200 init
ikdjekpj4d.execute-api.ap-southeast-1.amazonaws.com/Prod/api/ 0
0 472ms
167ms Preflight
application/json 108.138.17.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ikdjekpj4d.execute-api.ap-southeast-1.amazonaws.com/Prod/api/init
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-36.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-location,x-resource-id,x-session-id
Access-Control-Request-Method: POST
Origin: https://landing.waterflow.vip
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: X-Forwarded-For, X-Resource-Id, X-Location, X-Session-Id, Content-Type, DNT, Referer, User-Agent, Accept, Origin
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 600
content-length: 3
content-type: application/json
date: Sat, 18 Feb 2023 19:02:22 GMT
via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
x-amz-apigw-id: AjINvEPPyQ0FkkQ=
x-amz-cf-id: 8Mg5Ueqor8RzlSRBvsCaztRXyBHfNeqLunHTTuVN3KJbyDdf1UOsQg==
x-amz-cf-pop: FRA56-P7
x-amzn-requestid: 52babea2-43e8-4b0e-8f52-1bb1e7362299
x-cache: Miss from cloudfront

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange object| MA object| _MA

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			landing.waterflow.vip/	1970-01-20 09:47:13	Name: sessionId Value: n5uz3ezmgf8u3bc5iowpr45jyr

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ikdjekpj4d.execute-api.ap-southeast-1.amazonaws.com
landing.waterflow.vip
m-utility.s3-ap-southeast-1.amazonaws.com
multiable.com
108.138.17.36
16.162.9.38
2600:9000:225f:3400:1:49dc:1ec0:93a1
52.219.124.199
1905e4523a1040877ce61f99f115891823e097992f5fa547048e1bade4a53af5
262bd32fe65625a9898db064599ec81924b34a1d047fd8bba776add0c2682d68
4238e622caf03895785166e3e3a5b6919b6864243684bb9bd0e6ce65c037a3d4
6ddc3e8cd319d07de32ec663fa700fe1fe163a61db11a9e0baaaf60a4169cd50
7e9c119e992e1522f0d67c4055acf5ccd86125ced7256f38127db7ab12647409
8dbcec34ba08839fb6cc03ae6f64cab6403a7cffa7c1e03e06e8b54d216115b3
9febcaa4cb68fc68c485b7e6ca6506598a80fff7f1c8bfc438071ed8f8b9b108
a407a05eaf0fa3b9d304f7ddee2ec8f7f8947cf6a885484a7d7a8073b07a4bb0
ac9f5a651211d732608ad8c0cd82765e5c9a0f58acf80c9c70e4ea53aa5b1472
acbbbcb99b5bc2df666d6c1503433ccfe8ef68eecfd74b12b2261c45e6d10984
b517459da61cb60938b3802c31368b5065f268779505d544d47d84209df18f14
b90bdb45eeb55b1aa575b789233601ca18e8849a3a7f3b01ec52939af7a6bf20
cfcafe5378de7bb134b2357c8baf256199088484b436037eafdea42327c47197
d6bf3bb906c89a0bca40255bb73c79e61868d1f852d5156c1c7c66173878838f
ddd687861c829a612d3140286efb71085855cb0d43cac792b87cd9ab1e0f28f6
f4eaa8caed2f34a02e5d246fd944083ce09e9189d9691b153c2cda704fcf96d3
fae9dd59cd49e0622dfdb3f66df8bfc4d11e05e4f37b47510053dad86d238e47

landing.waterflow.vip Open in urlscan Pro 2600:9000:225f:3400:1:49dc:1ec0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

18 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

955 kBTransfer

949 kBSize

1 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

landing.waterflow.vip Open in urlscan Pro
2600:9000:225f:3400:1:49dc:1ec0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

955 kB
Transfer

949 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions