urlscan.io logo urlscan.io
SecurityTrails logo

cp1.watersoftenergurus.com Open in urlscan Pro
203.161.38.71  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bit.ly/uspsdy1
Effective URL: https://cp1.watersoftenergurus.com/76e117c/
Submission Tags: @phish_report
Submission: On April 13 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 5 HTTP transactions. The main IP is 203.161.38.71, located in United States and belongs to NAMECHEAP-NET, US. The main domain is cp1.watersoftenergurus.com.
TLS certificate: Issued by R3 on April 12th 2024. Valid for: 3 months.
This is the only time cp1.watersoftenergurus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 67.199.248.10 396982 (GOOGLE-CL...)
3 5 203.161.38.71 22612 (NAMECHEAP...)
2 193.243.189.45 56655 (TERRAHOST)
5 3
Apex Domain
Subdomains		 Transfer
3 watersoftenergurus.com
cp1.watersoftenergurus.com
2 KB
2 universalhealing.org
uxz.universalhealing.org
2 KB
2 aculo.in
aculo.in
567 B
2 bit.ly
bit.ly — Cisco Umbrella Rank: 6080
585 B
5 4
Domain Requested by
3 cp1.watersoftenergurus.com 1 redirects cp1.watersoftenergurus.com
2 uxz.universalhealing.org
2 aculo.in 2 redirects
2 bit.ly 2 redirects
5 4

This site contains no links.

Subject Issuer Validity Valid
uxz.universalhealing.org
R3		 2024-03-05 -
2024-06-03		 3 months crt.sh
cp1.watersoftenergurus.com
R3		 2024-04-12 -
2024-07-11		 3 months crt.sh

This page contains 1 frames:

Frame: https://cp1.watersoftenergurus.com/76e117c/3d3f?ac418b89=35b62b613a9f4aff316d00571456f46e
Frame ID: 7DC4456379F8F3A6E05125E41154C2B8
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://bit.ly/uspsdy1 HTTP 307
    https://bit.ly/uspsdy1 HTTP 301
    https://aculo.in/QSihf HTTP 302
    https://uxz.universalhealing.org/MzFl HTTP 307
    http://bit.ly/uspsdy1 HTTP 301
    https://aculo.in/QSihf HTTP 302
    https://uxz.universalhealing.org/MzFl Page URL
  2. https://cp1.watersoftenergurus.com/ HTTP 302
    https://cp1.watersoftenergurus.com/b37b Page URL
  3. https://cp1.watersoftenergurus.com/76e117c/ Page URL

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

3 kB
Transfer

2 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/uspsdy1 HTTP 307
    https://bit.ly/uspsdy1 HTTP 301
    https://aculo.in/QSihf HTTP 302
    https://uxz.universalhealing.org/MzFl HTTP 307
    http://bit.ly/uspsdy1 HTTP 301
    https://aculo.in/QSihf HTTP 302
    https://uxz.universalhealing.org/MzFl Page URL
  2. https://cp1.watersoftenergurus.com/ HTTP 302
    https://cp1.watersoftenergurus.com/b37b Page URL
  3. https://cp1.watersoftenergurus.com/76e117c/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bit.ly/uspsdy1 HTTP 307
  • https://bit.ly/uspsdy1 HTTP 301
  • https://aculo.in/QSihf HTTP 302
  • https://uxz.universalhealing.org/MzFl HTTP 307
  • http://bit.ly/uspsdy1 HTTP 301
  • https://aculo.in/QSihf HTTP 302
  • https://uxz.universalhealing.org/MzFl
Request Chain 1
  • https://cp1.watersoftenergurus.com/ HTTP 302
  • https://cp1.watersoftenergurus.com/b37b

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
MzFl
uxz.universalhealing.org/
Redirect Chain
  • http://bit.ly/uspsdy1
  • https://bit.ly/uspsdy1
  • https://aculo.in/QSihf
  • https://uxz.universalhealing.org/MzFl
  • http://bit.ly/uspsdy1
  • https://aculo.in/QSihf
  • https://uxz.universalhealing.org/MzFl
117 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://uxz.universalhealing.org/MzFl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.243.189.45 Kansas City, United States, ASN56655 (TERRAHOST, NO),
Reverse DNS
alpha.kc.dedicatedserverwebhosting.com
Software
LiteSpeed /
Resource Hash
d11a2ac0eece33a5142d54c1e1985e18c7ce6203f598aabdea5752da5c441af1

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
91
content-type
text/html; charset=UTF-8
date
Sat, 13 Apr 2024 06:55:04 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Encoding
br
Content-Length
1
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Apr 2024 06:55:03 GMT
Keep-Alive
timeout=5, max=99
Location
https://uxz.universalhealing.org/MzFl
Server
Apache
Vary
Accept-Encoding
b37b
cp1.watersoftenergurus.com/
Redirect Chain
  • https://cp1.watersoftenergurus.com/
  • https://cp1.watersoftenergurus.com/b37b
312 B
523 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cp1.watersoftenergurus.com/b37b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
unescapably-guillema.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://uxz.universalhealing.org/MzFl
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
br
Content-Length
180
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Apr 2024 06:55:08 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
br
Content-Length
1
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Apr 2024 06:55:06 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
location
b37b
favicon.ico
uxz.universalhealing.org/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://uxz.universalhealing.org/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.243.189.45 Kansas City, United States, ASN56655 (TERRAHOST, NO),
Reverse DNS
alpha.kc.dedicatedserverwebhosting.com
Software
LiteSpeed /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 13 Apr 2024 06:55:05 GMT
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
server
LiteSpeed
content-length
1238
content-type
text/html
Primary Request /
cp1.watersoftenergurus.com/76e117c/ 		157 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cp1.watersoftenergurus.com/76e117c/
Requested by
Host: cp1.watersoftenergurus.com
URL: https://cp1.watersoftenergurus.com/b37b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
203.161.38.71 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
unescapably-guillema.vpsrdns.web-hosting.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://cp1.watersoftenergurus.com/b37b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
br
Content-Length
99
Content-Type
text/html; charset=UTF-8
Date
Sat, 13 Apr 2024 06:55:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
3d3f
cp1.watersoftenergurus.com/76e117c/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cp1.watersoftenergurus.com
URL
https://cp1.watersoftenergurus.com/76e117c/3d3f?ac418b89=35b62b613a9f4aff316d00571456f46e

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: o3d6T0-175b65c2528c06cc26-005
cp1.watersoftenergurus.com/ Name: PHPSESSID
Value: f74a41d45082fee4ed024a6ab497e06a
cp1.watersoftenergurus.com/ Name: 45eb6ba7adc362ac0fe09f37a1b61dea012a40c2
Value: 20f4bd26efe4b96cae621ff117faa0ae214e255f
cp1.watersoftenergurus.com/ Name: c9d0a267331b8fa0088d159bf621b59e0073323a
Value: 1712991308
cp1.watersoftenergurus.com/ Name: 795e6
Value: 1600
cp1.watersoftenergurus.com/ Name: 8b6ab
Value: 1200

1 Console Messages

Source Level URL
Text
network error URL: https://uxz.universalhealing.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aculo.in
bit.ly
cp1.watersoftenergurus.com
uxz.universalhealing.org
cp1.watersoftenergurus.com
193.243.189.45
203.161.38.71
67.199.248.10
d11a2ac0eece33a5142d54c1e1985e18c7ce6203f598aabdea5752da5c441af1