waterx.download Open in urlscan Pro
149.50.219.191  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1OdDw0waiQbCaVLkofwLJJa6xtekxGJ9J1_Cn5RqOaXEspUY0XCoX19Eb3206l1QQ8fkb5Xw

Request Chain 14

• https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
• https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp0lTQYPtWuhGasI0HXqpRPL5UWOrVfFq4wB2AFZf5xgxtlqCalMInKtGQOBuBeDxJPbJ468Bg

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response waterx.download/	3 KB 2 KB	618ms 309ms	Document text/html	149.50.219.191 CDNEXT
General Check archive.org Show headers Download Go to Full URL https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.50.219.191 Frankfurt am Main, Germany, ASN212238 (CDNEXT, GB), Reverse DNS unn-149-50-219-191.datapacket.com Software Nexuspipe.com | DDoS Mitigation Cluster / Resource Hash 6810eff1dcf696177e23bbb0be7f62bc85aa5311e4a8d55f3f56f08e4a753aed Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers cache-control public, max-age: 86400 content-encoding gzip content-type text/html date Sun, 04 Feb 2024 16:19:01 GMT etag W/"64d7d914-d7a" last-modified Sat, 12 Aug 2023 19:10:12 GMT nexus-cache BYPASS nexus-node 93c776c78f2d server Nexuspipe.com | DDoS Mitigation Cluster
GET		/ fonts.nexuspipe.com/	0 0
GET H2	200	style.css waterx.download/	3 KB 1 KB	124ms 123ms	Stylesheet text/css	149.50.219.191 CDNEXT
General Check archive.org Show headers Download Go to Full URL https://waterx.download/style.css Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.50.219.191 Frankfurt am Main, Germany, ASN212238 (CDNEXT, GB), Reverse DNS unn-149-50-219-191.datapacket.com Software Nexuspipe.com | DDoS Mitigation Cluster / Resource Hash 172eb9ce1bb5a26fc5d378b212e41e9dec3b86aeb9b95eab9b5c38c4da4849fe Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:01 GMT content-encoding gzip last-modified Sun, 02 Apr 2023 14:33:36 GMT server Nexuspipe.com | DDoS Mitigation Cluster nexus-cache HIT etag W/"64299240-bb2" vary Accept-Encoding nexus-node 93c776c78f2d content-type text/css cache-control public, max-age: 86400
GET H2	200	js Show response www.googletagmanager.com/gtag/	278 KB 92 KB	774ms 180ms	Script application/javascript	172.217.18.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-E1LJBD7MPZ Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f8.1e100.net Software Google Tag Manager / Resource Hash d4472d933f72c6f8b26bccd0575c7acd4f433660495288d6cc3047a70bc7a619 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:03 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 94110 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 04 Feb 2024 16:19:03 GMT
GET H2	200	/ Show response d1lnjzqqshwcwg.cloudfront.net/	164 KB 54 KB	1174ms 455ms	Script text/plain	18.66.121.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-121-73.fra60.r.cloudfront.net Software / Resource Hash e6e6161e4011e5d966fafba5281f03672482962c99472c7b4dc6f91bf76b5ee8 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 16:19:02 GMT content-encoding gzip via 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 54727 x-amz-cf-id 5vlzAxw7R3pXVn0T_55PgXgrOcgUQXCSt9uvYxNWY6cUCP2NVhj2Bg==
GET H2	200	WaterXLogo.png waterx.download/	46 KB 46 KB	413ms 412ms	Image image/png	149.50.219.191 CDNEXT
General Check archive.org Show headers Download Go to Show image Full URL https://waterx.download/WaterXLogo.png Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.50.219.191 Frankfurt am Main, Germany, ASN212238 (CDNEXT, GB), Reverse DNS unn-149-50-219-191.datapacket.com Software Nexuspipe.com | DDoS Mitigation Cluster / Resource Hash abe781c82c448847e5e0434bf867f2816f22a3fc06f1a30c8d0814133d0b49c9 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:01 GMT last-modified Sun, 07 May 2023 08:00:45 GMT server Nexuspipe.com | DDoS Mitigation Cluster nexus-cache HIT etag "64575aad-b649" nexus-node 93c776c78f2d content-type image/png cache-control public, max-age: 86400 accept-ranges bytes content-length 46665
GET H2	200	phantomforces.png waterx.download/	807 KB 808 KB	424ms 423ms	Image image/png	149.50.219.191 CDNEXT
General Check archive.org Show headers Download Go to Show image Full URL https://waterx.download/phantomforces.png Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.50.219.191 Frankfurt am Main, Germany, ASN212238 (CDNEXT, GB), Reverse DNS unn-149-50-219-191.datapacket.com Software Nexuspipe.com | DDoS Mitigation Cluster / Resource Hash f5c5083ed71741cb979c96af8c3f0f5f5d145504f4961759050093258f37b9c1 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:01 GMT last-modified Wed, 31 May 2023 06:43:27 GMT server Nexuspipe.com | DDoS Mitigation Cluster nexus-cache HIT etag "6476ec8f-c9a35" nexus-node 93c776c78f2d content-type image/png cache-control public, max-age: 86400 accept-ranges bytes content-length 825909
GET H2	200	bloxfruits.png waterx.download/	2 MB 2 MB	127ms 126ms	Image image/png	149.50.219.191 CDNEXT
General Check archive.org Show headers Download Go to Show image Full URL https://waterx.download/bloxfruits.png Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 149.50.219.191 Frankfurt am Main, Germany, ASN212238 (CDNEXT, GB), Reverse DNS unn-149-50-219-191.datapacket.com Software Nexuspipe.com | DDoS Mitigation Cluster / Resource Hash 5446ec7846fa4b8bc1167d253aaa954293ae10d39de67de006767a7223a2716c Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:01 GMT last-modified Wed, 31 May 2023 06:43:53 GMT server Nexuspipe.com | DDoS Mitigation Cluster nexus-cache HIT etag "6476eca9-1fa5e6" nexus-node 93c776c78f2d content-type image/png cache-control public, max-age: 86400 accept-ranges bytes content-length 2074086
POST H2	204	collect region1.google-analytics.com/g/	0 254 B	703ms 104ms	Ping text/plain	216.239.34.36
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-E1LJBD7MPZ&gtm=45je41v0v9112837248za200&_p=1707063572370&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=1695948494.1707063572&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707063572&sct=1&seg=0&dl=https%3A%2F%2Fwaterx.download%2F&dt=Water%20X&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=31652 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-E1LJBD7MPZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.34.36 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 16:19:33 GMT server Golfe2 content-type text/plain access-control-allow-origin https://waterx.download cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 100 KB	726ms 477ms	Fetch binary/octet-stream	188.114.96.3
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: d1lnjzqqshwcwg.cloudfront.net URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:33 GMT cf-cache-status EXPIRED last-modified Sun, 04 Feb 2024 10:11:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://waterx.download report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp1P8vxoO9v%2BNmS7N9WfCiIADA9oOtwNVMdeJJ%2FrQQjgt8KugkE5F02fxtjv6l1Sk%2Bx7wH1dFj3hbhbd6JlCl2lPX%2FXiOrIEfN2hfrPI9ko0iLbLrAgBbqM0YzlcKGGg"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 85043c61de6756b4-OSL access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response pogothere.xyz/	27 B 347 B	507ms 260ms	Fetch text/plain	188.114.96.3
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: d1lnjzqqshwcwg.cloudfront.net URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash d7e71374005922e483b27df2e5f4400bd09c95ffebd2f9c6f8f2800798b4a7f1 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:32 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCLX8715sP3NuZwHHTybD6K4HTNPZsj4hPf8l%2FUKklnwElLw9MIJRaEMUesKgXaNU9Wd7K2bfSsLD9%2F2xczTc75ewh3Y0knTNkb2PF80an6oWnrroyxYHk5QitFBojYj"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET access-control-allow-origin https://waterx.download content-type text/plain access-control-allow-credentials true cf-ray 85043c61de6956b4-OSL access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400
GET H2	204	utx Show response angelsaidthe.info/	0 537 B	543ms 262ms	XHR text/plain	18.65.39.66
General Check archive.org Show headers Download Go to Full URL https://angelsaidthe.info/utx?cb=jcHjV3ZsvsSk&top=waterx.download&tid=960975 Requested by Host: d1lnjzqqshwcwg.cloudfront.net URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 -, , ASN (), Reverse DNS Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 16:19:32 GMT via 1.1 18c617ef1621da46798c2b8cbc1c808c.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop AMS1-P1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://waterx.download cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id UB7uVYXPGIAauqlJQ_R70r9Yg2sbypt3KIoJllX9dYtpK3XR59V9lA==
GET H2	204	UkVGbk19eiUdcDF3NhsbOTUCOXxnKyVeGzQdATQ3ASkyDBQKdWAaJDZ4f1h9a3JzSD07IXtfayExJxo4IXh3SCQ8IylTayR4d0B+Zmt1WmNiYzNTfHQxNg8qb3RgHjkmKXtfemJydlh+Z3J0Wn5n hoatebilaterdea.info/	0 264 B	825ms 259ms	Image text/plain	188.114.96.3
General Check archive.org Show headers Download Go to Show image Full URL https://hoatebilaterdea.info/UkVGbk19eiUdcDF3NhsbOTUCOXxnKyVeGzQdATQ3ASkyDBQKdWAaJDZ4f1h9a3JzSD07IXtfayExJxo4IXh3SCQ8IylTayR4d0B+Zmt1WmNiYzNTfHQxNg8qb3RgHjkmKXtfemJydlh+Z3J0Wn5n Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:33 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVFg8P%2FEDWIwnkoBRcYk%2BR2nrHF%2FpIQjPFuvmZfjs1o89BiG60yYWo3ESqmvobJojgS3Id9EwnBOEZNprCL%2Ba1TMf7gWvDIqf0PHN0R9Npngr6Pbm3NpHmljwwymsTkzlKz73FVa4w%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 85043c63dcd06566-AMS alt-svc h3=":443"; ma=86400
GET H2	200	login.php www.facebook.com/	0 0	990ms 424ms	Image text/html	157.240.253.35
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.253.35 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers
GET		InteractiveLogin accounts.google.com/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1OdDw0waiQbCaVLkofwLJJa6xtekxGJ9J1_Cn5RqOaXEspUY0XCoX19Eb...	0 0
GET		InteractiveLogin accounts.google.com/ Redirect Chain https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp0lTQYPtWuhGasI0HXqpRPL5UWOrVfFq4wB2AFZf5xgxtlqCalMInK...	0 0
GET H2	200	popunder.gif hoatebilaterdea.info/	35 B 539 B	579ms 177ms	Image image/gif	188.114.96.3
General Check archive.org Show headers Download Go to Show image Full URL https://hoatebilaterdea.info/popunder.gif Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma public date Sun, 04 Feb 2024 16:19:33 GMT cf-cache-status HIT last-modified Sun, 04 Feb 2024 12:53:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 12390 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UORt6QRZA%2FunuOzVdc8%2BbKndkHUBWp00TVmZ4z9YFBXvh9MxCIcDkBcDZj230rHMFj3wM7lIeRLBsVZodfrMaUD4pco%2FY77cDddkIK%2FfVHaJ2T8JquJbf8qk0iND1Wepi5PVIxJnJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable cf-ray 85043c63dcd76566-AMS alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response d1lnjzqqshwcwg.cloudfront.net/	164 KB 54 KB	142ms 142ms	Script text/plain	18.66.121.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Requested by Host: waterx.download URL: https://waterx.download/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-121-73.fra60.r.cloudfront.net Software / Resource Hash e6e6161e4011e5d966fafba5281f03672482962c99472c7b4dc6f91bf76b5ee8 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 16:19:02 GMT content-encoding gzip via 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 age 30 x-cache Hit from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-length 54727 x-amz-cf-id 2K31G3W-GQgvCiqBR5u_Va1kVRXz1hKLzRHzLQofeKEkQAqSWgkrNw==
GET H2	200	asd100.bin Show response pogothere.xyz/	100 KB 100 KB	538ms 463ms	Fetch binary/octet-stream	188.114.96.3
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/asd100.bin Requested by Host: d1lnjzqqshwcwg.cloudfront.net URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:33 GMT cf-cache-status EXPIRED last-modified Sun, 04 Feb 2024 10:11:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin https://waterx.download report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVSio1VUW5kXBq1CKBdURQbJIAqunhbvbPfASfjPoLSsFzA161kvK9vbQJ9iHLp0k7enEq502qi%2FgOVJ9mQVv8FYSiP6G3904kzgjVHWhKFY25D9IC7WeN6bUKVGwURh"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 access-control-allow-credentials true cf-ray 85043c61de6b56b4-OSL access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400
GET H2	200	/ Show response pogothere.xyz/	26 B 620 B	328ms 253ms	Fetch text/plain	188.114.96.3
General Check archive.org Show headers Download Go to Full URL https://pogothere.xyz/ Requested by Host: d1lnjzqqshwcwg.cloudfront.net URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash eec1f55de290adb0b5d148ab4393b1726eb83e75d09a51df3226dccf28516f41 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:32 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzvMSwV4JNfqdGs3nE5ZDR%2B%2B3VPCQHQw5HJaqMcwbG0QKyvIaV0uV2sWN%2FPqztQKznnNHw%2FOGqwLhgHUNMo82LazukGOZuQ7a5cKWem3qdAGJutIhnwNjKm%2FLj1c2KGs"}],"group":"cf-nel","max_age":604800} access-control-allow-methods GET access-control-allow-origin https://waterx.download content-type text/plain access-control-allow-credentials true cf-ray 85043c61de6c56b4-OSL access-control-allow-headers X-Requested-With, content-type alt-svc h3=":443"; ma=86400
GET H2	204	utx Show response angelsaidthe.info/	0 536 B	383ms 273ms	XHR text/plain	18.65.39.66
General Check archive.org Show headers Download Go to Full URL https://angelsaidthe.info/utx?cb=NX1bBr3loNvv&top=waterx.download&tid=960975 Requested by Host: d1lnjzqqshwcwg.cloudfront.net URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 -, , ASN (), Reverse DNS Software openresty/1.17.8.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language fi-FI,fi;q=0.9 Referer https://waterx.download/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers pragma no-cache date Sun, 04 Feb 2024 16:19:32 GMT via 1.1 18c617ef1621da46798c2b8cbc1c808c.cloudfront.net (CloudFront) server openresty/1.17.8.2 accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-amz-cf-pop AMS1-P1 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin https://waterx.download cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id 23ndhAsrq77AczxBxDPKF9IQBBDfYNB8WhS2EsW9U4okpuPUUp9Pfg==
GET H2	200	K1wTMyAdABoTLkgPMToJHlgMNzYvCwosXjY Show response angelsaidthe.info/ZUJVZ24EIDYKUQR/N0EbFy5oQlwjZ2chClQuOw0UFDMmDxkGNTJJDQktIAMIFy07E0ALJyFCXCMGDFceKyNnIi8vERgpNg0hPyw4PxsDPx5VGhM1KCwGYSIqHQxmJhkONRwOPyMHOQBZBwY+NSwzd2EGGQYDETRfEhYENiAuGhcGPBILICt... Frame F485	3 KB 2 KB	365ms 272ms	Document text/html	18.65.39.66
General Check archive.org Show headers Download Go to Full URL https://angelsaidthe.info/ZUJVZ24EIDYKUQR/N0EbFy5oQlwjZ2chClQuOw0UFDMmDxkGNTJJDQktIAMIFy07E0ALJyFCXCMGDFceKyNnIi8vERgpNg0hPyw4PxsDPx5VGhM1KCwGYSIqHQxmJhkONRwOPyMHOQBZBwY+NSwzd2EGGQYDETRfEhYENiAuGhcGPBILICtfPxQHM1pcABQXCy44PiotEgc8KC8CBhIwGVEBORAhLxY2JCo0eicGKA4sAwo8XBY5KTo8KDokKhIhOSgGDQcAPwEPCmU1PAAsLQU6VAwjAQcJBwA/AVMDMl44Ay89PidVGGEBPCsaA1UgChUDIi0qKHhXJicABBEiEgMcIVxcZ2chIjMQBAE5KxsDVzRRJAAqJSY4YQAsVRAHJDkNGAA2Vg8IMlIrMBo6FioCCxwtOTcNAFYjFQgHDCEhK2wIOTYmBgImHQQAMl9dJBNWOTEaIUJcJxc+NTwAKGEsLBILYS0rUBYfP1dAcBc/K1wTMyAdABoTLkgPMToJHlgMNzYvCwosXjY Requested by Host: d1lnjzqqshwcwg.cloudfront.net URL: https://d1lnjzqqshwcwg.cloudfront.net/?zjnld=960975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.66 -, , ASN (), Reverse DNS Software openresty/1.17.8.2 / Resource Hash 9b844146c06bbbb58e1a2c4745ff1ba005a92f2efb0ff698fbb0646ff48828ce Request headers Referer https://waterx.download/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers accept-ch DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List cache-control no-store, no-cache, must-revalidate, no-transform content-encoding gzip content-length 1236 content-type text/html date Sun, 04 Feb 2024 16:19:32 GMT p3p CP="NID DSP ALL COR" pragma no-cache server openresty/1.17.8.2 via 1.1 18c617ef1621da46798c2b8cbc1c808c.cloudfront.net (CloudFront) x-amz-cf-id m_MN-9rdqvCyEWXg_kq43mxNvvgnzyQMvFAoU_QFg7JGxx6hUXq99g== x-amz-cf-pop AMS1-P1 x-cache Miss from cloudfront
GET H2	200	LVRQfWNYV0Z4fUMKCz4gB0RRCWhZUQ8jJg5EUXoqDgIIJWROU1MpJRkODi9oWSdSeHxFUU18fF1WTXt+UkRRej4KBwI4JE5TJX9+XE9QfGseXFI Show response d1lnjzqqshwcwg.cloudfront.net/DY0pNa2EAJSMNXhcjKVZYVXp0XFRFID4EDxN3AwkwIiQFElg7bDkRBV54awcADS1wTQQNKXBaRwIuL1ZVRT49BApeKzkMCwEiOAgDGWw4ClwOJTcCDQ8raFknVmR9TlNTYjoCDwclOhhEUXojH0RRenxbT1NvfilEUXo6Ag... Frame F485	757 B 820 B	316ms 316ms	Script text/plain	18.66.121.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1lnjzqqshwcwg.cloudfront.net/DY0pNa2EAJSMNXhcjKVZYVXp0XFRFID4EDxN3AwkwIiQFElg7bDkRBV54awcADS1wTQQNKXBaRwIuL1ZVRT49BApeKzkMCwEiOAgDGWw4ClwOJTcCDQ8raFknVmR9TlNTYjoCDwclOhhEUXojH0RRenxbT1NvfilEUXo6Ag9VfmhYI0Z4fRNXV2NoWVECOj-0HBBQvLwAIF29/LVRQfWNYV0Z4fUMKCz4gB0RRCWhZUQ8jJg5EUXoqDgIIJWROU1MpJRkODi9oWSdSeHxFUU18fF1WTXt+UkRRej4KBwI4JE5TJX9+XE9QfGseXFI Requested by Host: angelsaidthe.info URL: https://angelsaidthe.info/ZUJVZ24EIDYKUQR/N0EbFy5oQlwjZ2chClQuOw0UFDMmDxkGNTJJDQktIAMIFy07E0ALJyFCXCMGDFceKyNnIi8vERgpNg0hPyw4PxsDPx5VGhM1KCwGYSIqHQxmJhkONRwOPyMHOQBZBwY+NSwzd2EGGQYDETRfEhYENiAuGhcGPBILICtfPxQHM1pcABQXCy44PiotEgc8KC8CBhIwGVEBORAhLxY2JCo0eicGKA4sAwo8XBY5KTo8KDokKhIhOSgGDQcAPwEPCmU1PAAsLQU6VAwjAQcJBwA/AVMDMl44Ay89PidVGGEBPCsaA1UgChUDIi0qKHhXJicABBEiEgMcIVxcZ2chIjMQBAE5KxsDVzRRJAAqJSY4YQAsVRAHJDkNGAA2Vg8IMlIrMBo6FioCCxwtOTcNAFYjFQgHDCEhK2wIOTYmBgImHQQAMl9dJBNWOTEaIUJcJxc+NTwAKGEsLBILYS0rUBYfP1dAcBc/K1wTMyAdABoTLkgPMToJHlgMNzYvCwosXjY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-121-73.fra60.r.cloudfront.net Software / Resource Hash fbe9682524cf0fa4cb72713bb64b3c1757214f9fcff40b137ac8fc773c7413ab Request headers accept-language fi-FI,fi;q=0.9 Referer https://angelsaidthe.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Sun, 04 Feb 2024 16:19:33 GMT content-encoding gzip via 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P2 x-cache Miss from cloudfront access-control-allow-origin * cache-control max-age=31556926 content-length 542 x-amz-cf-id F5ZeSMyqDmj6bm0zzBQIGbJkVJGklA6-0T6d656Zim5eZQx-8EFqUQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.nexuspipe.com

URL

https://fonts.nexuspipe.com/

Domain

accounts.google.com

URL

https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1OdDw0waiQbCaVLkofwLJJa6xtekxGJ9J1_Cn5RqOaXEspUY0XCoX19Eb3206l1QQ8fkb5Xw

Domain

accounts.google.com

URL

https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp0lTQYPtWuhGasI0HXqpRPL5UWOrVfFq4wB2AFZf5xgxtlqCalMInKtGQOBuBeDxJPbJ468Bg

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://waterx.download/ Message: Access to CSS stylesheet at 'https://fonts.nexuspipe.com/' from origin 'https://waterx.download' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://fonts.nexuspipe.com/ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://waterx.download/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://waterx.download/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
angelsaidthe.info
d1lnjzqqshwcwg.cloudfront.net
fonts.nexuspipe.com
hoatebilaterdea.info
pogothere.xyz
region1.google-analytics.com
waterx.download
www.facebook.com
www.googletagmanager.com
accounts.google.com
fonts.nexuspipe.com
149.50.219.191
157.240.253.35
172.217.18.8
18.65.39.66
18.66.121.73
188.114.96.3
216.239.34.36
172eb9ce1bb5a26fc5d378b212e41e9dec3b86aeb9b95eab9b5c38c4da4849fe
5446ec7846fa4b8bc1167d253aaa954293ae10d39de67de006767a7223a2716c
6810eff1dcf696177e23bbb0be7f62bc85aa5311e4a8d55f3f56f08e4a753aed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9b844146c06bbbb58e1a2c4745ff1ba005a92f2efb0ff698fbb0646ff48828ce
abe781c82c448847e5e0434bf867f2816f22a3fc06f1a30c8d0814133d0b49c9
d4472d933f72c6f8b26bccd0575c7acd4f433660495288d6cc3047a70bc7a619
d7e71374005922e483b27df2e5f4400bd09c95ffebd2f9c6f8f2800798b4a7f1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e6161e4011e5d966fafba5281f03672482962c99472c7b4dc6f91bf76b5ee8
eec1f55de290adb0b5d148ab4393b1726eb83e75d09a51df3226dccf28516f41
f5c5083ed71741cb979c96af8c3f0f5f5d145504f4961759050093258f37b9c1
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fbe9682524cf0fa4cb72713bb64b3c1757214f9fcff40b137ac8fc773c7413ab