cp1.watersoftenergurus.com Open in urlscan Pro
203.161.38.71 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cp1.watersoftenergurus.com/
Effective URL:
https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f
Submission Tags: @phish_report
Submission: On April 12 via api (April 12th 2024, 4:18:11 pm UTC) from FI — Scanned from FI

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 23 HTTP transactions. The main IP is 203.161.38.71, located in United States and belongs to NAMECHEAP-NET, US. The main domain is cp1.watersoftenergurus.com.
TLS certificate: Issued by R3 on April 12th 2024. Valid for: 3 months.

This is the only time cp1.watersoftenergurus.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: USPS (Transportation)

Domain & IP information

	IP Address		AS Autonomous System
1 24	203.161.38.71 203.161.38.71		22612 (NAMECHEAP...) (NAMECHEAP-NET)
23	1

24 203.161.38.71 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: unescapably-guillema.vpsrdns.web-hosting.com

cp1.watersoftenergurus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	watersoftenergurus.com 1 redirects cp1.watersoftenergurus.com	287 KB
23	1

	Domain	Requested by
24	cp1.watersoftenergurus.com	1 redirects cp1.watersoftenergurus.com
23	1

This site contains no links.

Subject Issuer	Validity	Valid
cp1.watersoftenergurus.com R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f
Frame ID: C12C2D65F7AE905FF322E984238AE4DB
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USPS.com® - Fill Form

Page URL History Show full URLs

https://cp1.watersoftenergurus.com/ HTTP 302
https://cp1.watersoftenergurus.com/b37b Page URL
https://cp1.watersoftenergurus.com/7176b3a2/ Page URL
https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

286 kB
Transfer

528 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cp1.watersoftenergurus.com/ HTTP 302
https://cp1.watersoftenergurus.com/b37b Page URL
https://cp1.watersoftenergurus.com/7176b3a2/ Page URL
https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cp1.watersoftenergurus.com/ HTTP 302
https://cp1.watersoftenergurus.com/b37b

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	b37b Show response cp1.watersoftenergurus.com/ Redirect Chain https://cp1.watersoftenergurus.com/ https://cp1.watersoftenergurus.com/b37b	313 B 524 B	909ms 909ms	Document text/html	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/b37b Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `d7473232aa901c40ceffb421b4b453255d5acab1fe9aa457e7e99a0a0738b5fa` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding br Content-Length 181 Content-Type text/html; charset=UTF-8 Date Fri, 12 Apr 2024 16:18:03 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=99 Pragma no-cache Server Apache Vary Accept-Encoding Redirect headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding br Content-Length 1 Content-Type text/html; charset=UTF-8 Date Fri, 12 Apr 2024 16:18:01 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Vary Accept-Encoding location b37b
GET H/1.1	200 OK	/ Show response cp1.watersoftenergurus.com/7176b3a2/	157 B 441 B	406ms 406ms	Document text/html	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/ Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/b37b Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `e3bd3c5859d8a286b0a8ee6a4eba52ac0d651ece817b7d2d336fb3f90b246c74` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://cp1.watersoftenergurus.com/b37b Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding br Content-Length 99 Content-Type text/html; charset=UTF-8 Date Fri, 12 Apr 2024 16:18:04 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=98 Pragma no-cache Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	Primary Request 3d3f Show response cp1.watersoftenergurus.com/7176b3a2/	13 KB 3 KB	419ms 418ms	Document text/html	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `38ce4495f291d01e60f8004e49c6143f03ab4f4cd43a6589da389eefa001bff2` Request headers Accept-Language fi-FI,fi;q=0.9;q=0.9 Referer https://cp1.watersoftenergurus.com/7176b3a2/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding br Content-Length 3164 Content-Type text/html; charset=UTF-8 Date Fri, 12 Apr 2024 16:18:05 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=97 Pragma no-cache Server Apache Vary Accept-Encoding
GET H/1.1	200 OK	usps-fonts.css cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/	2 KB 1 KB	234ms 232ms	Stylesheet text/css	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/usps-fonts.css Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `9b8e23028af1530e972f1bb37325ed8e92ba68a877b955feb5e45b682c960f39` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:05 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:45:44 GMT Server Apache Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 795
GET H/1.1	200 OK	bootstrap.min.css cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/	119 KB 18 KB	486ms 251ms	Stylesheet text/css	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/bootstrap.min.css Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `221de01c9d18b2cbf8c21d3e3a05d1fe0d63eaeac62541375d5394e31f7b0d5d` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:05 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:44:42 GMT Server Apache Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 18548
GET H/1.1	200 OK	bootstrap-sticky-footer.css cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03f/	137 B 364 B	1473ms 1013ms	Stylesheet text/css	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03f/bootstrap-sticky-footer.css Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `bb0e5cffa99e8c888c9acd59e3f6e929ff885f7e255b1af639f5d49dc61e2b32` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:06 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:40:26 GMT Server Apache Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 79
GET H/1.1	200 OK	theme.css cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fd/	42 KB 9 KB	1476ms 1012ms	Stylesheet text/css	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fd/theme.css Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `51472067be6a3c01dfdcd41f72c33bac0aaf5acf932210baea7d8fe11c5056b1` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:05 GMT Content-Encoding br Last-Modified Fri, 02 Sep 2022 14:38:02 GMT Server Apache Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 8894
GET H/1.1	200 OK	des_brd_2color_logo_274x79.png cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fdf/	7 KB 7 KB	1473ms 997ms	Image image/png	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fdf/des_brd_2color_logo_274x79.png Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `194aeec3c0a28672905ad28fc88a464c2db67ab4277b1d29c3e5275013f2c638` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:06 GMT Last-Modified Tue, 30 Aug 2022 21:40:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7177
GET H/1.1	200 OK	info-help15x15.png cp1.watersoftenergurus.com/7176b3a2/03c4ea152b/	1 KB 1 KB	244ms 243ms	Image image/png	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b/info-help15x15.png Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `8ad6e9b6cf4e440ea128653a10923efb54c618983c131c20d1a6753e8895248e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Last-Modified Tue, 30 Aug 2022 21:40:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1283
GET H/1.1	200 OK	logo-mini-sb.png cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03f/	23 KB 23 KB	708ms 231ms	Image image/png	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03f/logo-mini-sb.png Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:06 GMT Last-Modified Tue, 30 Aug 2022 21:40:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 23625
GET H/1.1	200 OK	facebook48x49.png cp1.watersoftenergurus.com/7176b3a2/03c4ea152b0/	1 KB 2 KB	236ms 236ms	Image image/png	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b0/facebook48x49.png Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `a701a4fd9e20d0562398d2b44f95c084aa07ab31ef0ca321260a8dbe53c8e949` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:06 GMT Last-Modified Tue, 30 Aug 2022 21:40:28 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 1375
GET H/1.1	200 OK	twitter48x48.png cp1.watersoftenergurus.com/7176b3a2/03c4ea152b0/	1 KB 2 KB	567ms 567ms	Image image/png	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b0/twitter48x48.png Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `425a82462746dcfb9a7d37c280e886854f4e4978e75c2c33a16faea430c29a92` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:06 GMT Last-Modified Tue, 30 Aug 2022 21:40:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1395
GET H/1.1	200 OK	pinterest48x48.png cp1.watersoftenergurus.com/7176b3a2/03c4ea152b/	2 KB 2 KB	567ms 566ms	Image image/png	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b/pinterest48x48.png Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `6fd2af5507a1df9cd3c999db9194edc98039847c67180805ab0029fb4598a047` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:06 GMT Last-Modified Tue, 30 Aug 2022 21:40:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 1996
GET H/1.1	200 OK	youtube48x49.png cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fdf/	2 KB 2 KB	244ms 243ms	Image image/png	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fdf/youtube48x49.png Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `4786e97fe2669de027de568671d81dcbf85af8dee7aadf8da607d07d2f9f3d36` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Last-Modified Tue, 30 Aug 2022 21:40:30 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 1633
GET H/1.1	200 OK	jquery-3.4.1.min.js Show response cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fd/	86 KB 30 KB	900ms 433ms	Script text/javascript	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fd/jquery-3.4.1.min.js Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:06 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:40:36 GMT Server Apache Vary Accept-Encoding Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 30089
GET H/1.1	200 OK	bootstrap.min.js Show response cp1.watersoftenergurus.com/7176b3a2/03c4ea152b0/	36 KB 10 KB	241ms 240ms	Script text/javascript	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b0/bootstrap.min.js Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `b74f3607fed740eb63f0e6a651c4830b1ce196abdcd8b1f65e2cf94a79439fff` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:40:36 GMT Server Apache Vary Accept-Encoding Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 9516
GET H/1.1	200 OK	global.js Show response cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fdf/	18 KB 4 KB	239ms 238ms	Script text/javascript	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fdf/global.js Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `d0e2a97d2d6293ea10c291f1f1e3b3f3f2301bc0e1ea8f2f30e9d29a667df9b5` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:40:36 GMT Server Apache Vary Accept-Encoding Content-Type text/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4212
GET H/1.1	200 OK	sm-pipe-boot.gif cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fd/	55 B 295 B	238ms 238ms	Image image/gif	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fd/sm-pipe-boot.gif Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fd/theme.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `773fe7dbbf445151cc0e063b43d492ba30ef916ee866651ddae69bb4023d5a27` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03fd/theme.css Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Last-Modified Fri, 02 Sep 2022 14:34:54 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 55
GET H/1.1	200 OK	glyphicons-halflings-regular.woff2 cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/	18 KB 18 KB	244ms 243ms	Font font/woff2	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/glyphicons-halflings-regular.woff2 Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/bootstrap.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/bootstrap.min.css Origin https://cp1.watersoftenergurus.com Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:43:38 GMT Server Apache Vary Accept-Encoding Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 18015
GET H/1.1	200 OK	d5af76d8-a90b-4527-b3a3-182207cc3250.woff cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/	57 KB 57 KB	458ms 244ms	Font font/woff	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/d5af76d8-a90b-4527-b3a3-182207cc3250.woff Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/usps-fonts.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `f2e2ef638dd9aac863f0f6027ceb784cd4c5a14a676bed909c8f2ac4b088d510` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/usps-fonts.css Origin https://cp1.watersoftenergurus.com Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:45:58 GMT Server Apache Vary Accept-Encoding Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 57672
GET H/1.1	200 OK	4a9c62ab-b359-4081-8383-a0d1cdebd111.woff cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/	46 KB 45 KB	450ms 237ms	Font font/woff	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/4a9c62ab-b359-4081-8383-a0d1cdebd111.woff Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/usps-fonts.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `ffd7af6177837790e2620c429dce0da6dc7d18bbdcf87a7ed2c033a03513e947` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/usps-fonts.css Origin https://cp1.watersoftenergurus.com Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:46:10 GMT Server Apache Vary Accept-Encoding Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 45554
GET H/1.1	200 OK	5b4a262e-3342-44e2-8ad7-719998a68134.woff cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/	50 KB 50 KB	464ms 246ms	Font font/woff	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/5b4a262e-3342-44e2-8ad7-719998a68134.woff Requested by Host: cp1.watersoftenergurus.com URL: https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/usps-fonts.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `cc469406025b7ce0913cdefc664007cd0fc46bc66a740dc7aff67cc041bccde0` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/usps-fonts.css Origin https://cp1.watersoftenergurus.com Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:07 GMT Content-Encoding br Last-Modified Tue, 30 Aug 2022 21:46:20 GMT Server Apache Vary Accept-Encoding Content-Type font/woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 50543
GET H/1.1	200 OK	favicon.ico cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/	1 KB 1 KB	231ms 231ms	Other image/x-icon	203.161.38.71 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://cp1.watersoftenergurus.com/7176b3a2/03c4ea152b03/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS unescapably-guillema.vpsrdns.web-hosting.com Software Apache / Resource Hash `8565aaa87282f585b8a021ee0e693f662eb179df62890d01e086cc9f23dec1d2` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://cp1.watersoftenergurus.com/7176b3a2/3d3f?ac418b89=bc61147c43a7f87dbefa6728fd2ded3f Accept-Language fi-FI,fi;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 12 Apr 2024 16:18:09 GMT Content-Encoding br Last-Modified Fri, 02 Sep 2022 14:31:08 GMT Server Apache Vary Accept-Encoding Content-Type image/x-icon Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 780

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: USPS (Transportation)

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cp1.watersoftenergurus.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2d24fd03da80a7d6e6c39643a5a1a8cf
cp1.watersoftenergurus.com/	1970-01-20 20:32:10	Name: 45eb6ba7adc362ac0fe09f37a1b61dea012a40c2 Value: 20f4bd26efe4b96cae621ff117faa0ae214e255f
cp1.watersoftenergurus.com/	1970-01-20 20:32:10	Name: c9d0a267331b8fa0088d159bf621b59e0073323a Value: 1712938683
cp1.watersoftenergurus.com/	1969-12-31 23:59:59	Name: 65d76 Value: 1600
cp1.watersoftenergurus.com/	1969-12-31 23:59:59	Name: 838e3 Value: 1200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cp1.watersoftenergurus.com
203.161.38.71
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
194aeec3c0a28672905ad28fc88a464c2db67ab4277b1d29c3e5275013f2c638
221de01c9d18b2cbf8c21d3e3a05d1fe0d63eaeac62541375d5394e31f7b0d5d
38ce4495f291d01e60f8004e49c6143f03ab4f4cd43a6589da389eefa001bff2
425a82462746dcfb9a7d37c280e886854f4e4978e75c2c33a16faea430c29a92
4786e97fe2669de027de568671d81dcbf85af8dee7aadf8da607d07d2f9f3d36
51472067be6a3c01dfdcd41f72c33bac0aaf5acf932210baea7d8fe11c5056b1
585262db6911000f59795831f9db7bb41477bcafb135c82b51b0473363134fcf
6fd2af5507a1df9cd3c999db9194edc98039847c67180805ab0029fb4598a047
773fe7dbbf445151cc0e063b43d492ba30ef916ee866651ddae69bb4023d5a27
8565aaa87282f585b8a021ee0e693f662eb179df62890d01e086cc9f23dec1d2
8ad6e9b6cf4e440ea128653a10923efb54c618983c131c20d1a6753e8895248e
9b8e23028af1530e972f1bb37325ed8e92ba68a877b955feb5e45b682c960f39
a701a4fd9e20d0562398d2b44f95c084aa07ab31ef0ca321260a8dbe53c8e949
b74f3607fed740eb63f0e6a651c4830b1ce196abdcd8b1f65e2cf94a79439fff
bb0e5cffa99e8c888c9acd59e3f6e929ff885f7e255b1af639f5d49dc61e2b32
cc469406025b7ce0913cdefc664007cd0fc46bc66a740dc7aff67cc041bccde0
d0e2a97d2d6293ea10c291f1f1e3b3f3f2301bc0e1ea8f2f30e9d29a667df9b5
d7473232aa901c40ceffb421b4b453255d5acab1fe9aa457e7e99a0a0738b5fa
e3bd3c5859d8a286b0a8ee6a4eba52ac0d651ece817b7d2d336fb3f90b246c74
f2e2ef638dd9aac863f0f6027ceb784cd4c5a14a676bed909c8f2ac4b088d510
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ffd7af6177837790e2620c429dce0da6dc7d18bbdcf87a7ed2c033a03513e947

cp1.watersoftenergurus.com Open in urlscan Pro 203.161.38.71 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

286 kBTransfer

528 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

40 JavaScript Global Variables

5 Cookies

Indicators

cp1.watersoftenergurus.com Open in urlscan Pro
203.161.38.71 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

286 kB
Transfer

528 kB
Size

5
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!