wave2.5flow.net Open in urlscan Pro
92.79.87.103 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wave2.5flow.net/index.php?act=job-apl&src=art&jobid=160232298&_mid=30
Effective URL:
https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30
Submission: On August 24 via manual (August 24th 2021, 11:08:08 pm UTC) from SG

Summary HTTP 13 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 92.79.87.103, located in Düsseldorf, Germany and belongs to VODANET International IP-Backbone of Vodafone, DE. The main domain is wave2.5flow.net.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on April 6th 2020. Valid for: 2 years.

This is the only time wave2.5flow.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 15	92.79.87.103 92.79.87.103		3209 (VODANET I...) (VODANET International IP-Backbone of Vodafone)
13	1

15 92.79.87.103 (Düsseldorf, Germany) 2 redirects

ASN3209 (VODANET International IP-Backbone of Vodafone, DE)

wave2.5flow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	5flow.net 2 redirects wave2.5flow.net	251 KB
13	1

	Domain	Requested by
15	wave2.5flow.net	2 redirects wave2.5flow.net
13	1

This site contains no links.

Subject Issuer	Validity	Valid
*.5flow.net Starfield Secure Certificate Authority - G2	`2020-04-06` - `2022-05-06`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30
Frame ID: 8535F472E14F21924D4C6D4B1E8C74EA
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wave :: Login

Page URL History Show full URLs

http://wave2.5flow.net/index.php?act=job-apl&src=art&jobid=160232298&_mid=30 HTTP 302
https://wave2.5flow.net/index.php?act=job-apl&src=art&jobid=160232298&_mid=30 HTTP 302
https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_m... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Ruxit (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /ruxitagentjs/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

250 kB
Transfer

686 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wave2.5flow.net/index.php?act=job-apl&src=art&jobid=160232298&_mid=30 HTTP 302
https://wave2.5flow.net/index.php?act=job-apl&src=art&jobid=160232298&_mid=30 HTTP 302
https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response wave2.5flow.net/ Redirect Chain http://wave2.5flow.net/index.php?act=job-apl&src=art&jobid=160232298&_mid=30 https://wave2.5flow.net/index.php?act=job-apl&src=art&jobid=160232298&_mid=30 https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30	4 KB 2 KB	31ms 31ms	Document text/html	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `83f3932336ca417ff6b4c62f7764d8a58ead56742385cbf08f73739d6a58f303` Request headers Host wave2.5flow.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Server Apache/2.4.33 (Ubuntu) Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache X-OneAgent-JS-Injection true X-ruxit-JS-Agent true Vary Accept-Encoding Content-Encoding gzip Server-Timing dtRpid;desc="1360133247" Content-Length 1605 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Tue, 24 Aug 2021 23:07:51 GMT Server Apache/2.4.33 (Ubuntu) Set-Cookie PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7; path=/; domain=wave2.5flow.net; secure; HttpOnly Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Location index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 X-OneAgent-JS-Injection true X-ruxit-JS-Agent true Server-Timing dtRpid;desc="268554384" Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	ruxitagentjs_ICA2SVfqru_10221210805073954.js Show response wave2.5flow.net/	186 KB 73 KB	69ms 32ms	Script text/javascript	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/ruxitagentjs_ICA2SVfqru_10221210805073954.js Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `dc3a5941c76c744632fc3e352c1a81cec8c6951d617f8e4e9a9430ba9080ec62` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Content-Encoding gzip Last-Modified Wed, 03 Mar 2010 07:01:40 GMT Server Apache/2.4.33 (Ubuntu) Content-Type text/javascript; charset=utf-8 Cache-Control public, max-age=31536000, immutable Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 74710 Expires Wed, 24 Aug 2022 23:07:51 GMT
GET H/1.1	200 OK	util.css wave2.5flow.net/htm/default/css/	4 KB 2 KB	20ms 19ms	Stylesheet text/css	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/htm/default/css/util.css?1591445337 Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `e9c7b29396f42d5c30a694198a4261d52d64119fe3bdfdfef21351dd92b3537c` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Content-Encoding gzip Last-Modified Sat, 06 Jun 2020 12:08:57 GMT Server Apache/2.4.33 (Ubuntu) ETag "10d9-5a7693e0d0702-gzip" Vary Accept-Encoding Content-Type text/css Server-Timing dtRpid;desc="-2064541075" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1374
GET H/1.1	200 OK	style.css wave2.5flow.net/htm/default/css/	53 KB 9 KB	42ms 21ms	Stylesheet text/css	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/htm/default/css/style.css?1614333562 Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `de3a1b62564b50769810d2a7e2925488f3286e31525e5cd71fcb30980e4bfa99` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Content-Encoding gzip Last-Modified Fri, 26 Feb 2021 09:59:22 GMT Server Apache/2.4.33 (Ubuntu) ETag "d3b1-5bc3a5291d360-gzip" Vary Accept-Encoding Content-Type text/css Server-Timing dtRpid;desc="-1777264622" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 9212
GET H/1.1	200 OK	jquery-ui.min.css wave2.5flow.net/js/jquery/	31 KB 8 KB	60ms 25ms	Stylesheet text/css	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/js/jquery/jquery-ui.min.css?1591445348 Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Content-Encoding gzip Last-Modified Sat, 06 Jun 2020 12:09:08 GMT Server Apache/2.4.33 (Ubuntu) ETag "7d4c-5a7693eb3c654-gzip" Vary Accept-Encoding Content-Type text/css Server-Timing dtRpid;desc="-90461483" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7893
GET H/1.1	200 OK	jquery-ui.theme.min.css wave2.5flow.net/js/jquery/	14 KB 3 KB	60ms 24ms	Stylesheet text/css	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/js/jquery/jquery-ui.theme.min.css?1591445348 Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `023ca8c9a46d9c6553cb0287fc8b31c6ee4f5c8d2ce02704d01ccf017f373e97` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Content-Encoding gzip Last-Modified Sat, 06 Jun 2020 12:09:08 GMT Server Apache/2.4.33 (Ubuntu) ETag "3619-5a7693eb37834-gzip" Vary Accept-Encoding Content-Type text/css Server-Timing dtRpid;desc="1020600286" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2356
GET H/1.1	200 OK	jquery.min.js Show response wave2.5flow.net/js/jquery/	95 KB 33 KB	67ms 23ms	Script application/javascript	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/js/jquery/jquery.min.js?1591445348 Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Content-Encoding gzip Last-Modified Sat, 06 Jun 2020 12:09:08 GMT Server Apache/2.4.33 (Ubuntu) ETag "17b8b-5a7693eb3c654-gzip" Vary Accept-Encoding Content-Type application/javascript Server-Timing dtRpid;desc="1081000826" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 33760
GET H/1.1	200 OK	jquery-ui.min.js Show response wave2.5flow.net/js/jquery/	248 KB 67 KB	75ms 30ms	Script application/javascript	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/js/jquery/jquery-ui.min.js?1591445348 Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Content-Encoding gzip Last-Modified Sat, 06 Jun 2020 12:09:08 GMT Server Apache/2.4.33 (Ubuntu) ETag "3dee5-5a7693eb3c654-gzip" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Server-Timing dtRpid;desc="1964235440" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	wave.png wave2.5flow.net/img/login/	9 KB 10 KB	19ms 19ms	Image image/png	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Show image Full URL https://wave2.5flow.net/img/login/wave.png Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `9b2498294039b933a3e82cb5e80340543a93a84ecb37001b3474418c205460bf` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Last-Modified Sat, 06 Jun 2020 12:09:01 GMT Server Apache/2.4.33 (Ubuntu) ETag "251a-5a7693e469552" Content-Type image/png Server-Timing dtRpid;desc="-403315288" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 9498
GET H/1.1	200 OK	btn-login.gif wave2.5flow.net/cust/img/login/	1 KB 2 KB	19ms 19ms	Image image/gif	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Show image Full URL https://wave2.5flow.net/cust/img/login/btn-login.gif Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `4763599aedc788784ba1a6b0f38c3ff914b9db14d1bf0855cc3b712285c6f29f` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7; rxVisitor=16298464713949DVOTB29V7FFUNMO22M55KGLE4QGJQCV; dtSa=-; dtLatC=67; rxvt=1629848271401\|1629846471395; dtPC=8$246471391_895h1vPHHUHOCHHWKPRRBRBSPABOAMMOVPKAWV-0e1 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Last-Modified Sat, 06 Jun 2020 12:08:57 GMT Server Apache/2.4.33 (Ubuntu) ETag "533-5a7693e009385" Content-Type image/gif Server-Timing dtRpid;desc="1936507473" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 1331
GET H/1.1	200 OK	cust.png wave2.5flow.net/cust/img/login/	5 KB 6 KB	22ms 21ms	Image image/png	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Show image Full URL https://wave2.5flow.net/cust/img/login/cust.png Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `ba967bb1818f430f698044a0bb2b7db3632f99809a366a64e62d0e9d966b8efb` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7; rxVisitor=16298464713949DVOTB29V7FFUNMO22M55KGLE4QGJQCV; dtSa=-; dtLatC=67; rxvt=1629848271401\|1629846471395; dtPC=8$246471391_895h1vPHHUHOCHHWKPRRBRBSPABOAMMOVPKAWV-0e1 Connection keep-alive Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Last-Modified Sat, 06 Jun 2020 12:08:57 GMT Server Apache/2.4.33 (Ubuntu) ETag "15a5-5a7693e007445" Content-Type image/png Server-Timing dtRpid;desc="-832411868" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 5541
GET H/1.1	200 OK	sprite.png wave2.5flow.net/img/ico/16/	35 KB 35 KB	19ms 18ms	Image image/png	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Show image Full URL https://wave2.5flow.net/img/ico/16/sprite.png Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/htm/default/css/style.css?1614333562 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `112578a0f2ebdfbcf285e07be574142000904c76eab58e3c9a80b47621ffc2eb` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host wave2.5flow.net Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://wave2.5flow.net/htm/default/css/style.css?1614333562 Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7; rxVisitor=16298464713949DVOTB29V7FFUNMO22M55KGLE4QGJQCV; dtSa=-; dtLatC=67; rxvt=1629848271401\|1629846471395; dtPC=8$246471391_895h1vPHHUHOCHHWKPRRBRBSPABOAMMOVPKAWV-0e1 Connection keep-alive Referer https://wave2.5flow.net/htm/default/css/style.css?1614333562 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Tue, 24 Aug 2021 23:07:51 GMT Last-Modified Sat, 06 Jun 2020 12:09:01 GMT Server Apache/2.4.33 (Ubuntu) ETag "8cb0-5a7693e4a0051" Content-Type image/png Server-Timing dtRpid;desc="-1534538972" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 36016
POST H/1.1	200 OK	Cookie set rb_bf55107ctp Show response wave2.5flow.net/	146 B 545 B	20ms 19ms	XHR text/plain	92.79.87.103 VODANET Internati...
General Check archive.org Show headers Download Go to Full URL https://wave2.5flow.net/rb_bf55107ctp?type=js3&sn=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1&svrid=8&flavor=post&vi=PHHUHOCHHWKPRRBRBSPABOAMMOVPKAWV-0&modifiedSince=1628615828829&rf=https%3A%2F%2Fwave2.5flow.net%2Findex.php%3Fact%3Dlog.in%26nact%3Dact%253Djob-apl%2526src%253Dart%2526jobid%253D160232298%2526_mid%253D30&bp=3&app=7d0f8f336a5db459&crc=3044672676&en=a97d9bxs&end=1 Requested by Host: wave2.5flow.net URL: https://wave2.5flow.net/ruxitagentjs_ICA2SVfqru_10221210805073954.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 92.79.87.103 Düsseldorf, Germany, ASN3209 (VODANET International IP-Backbone of Vodafone, DE), Reverse DNS Software Apache/2.4.33 (Ubuntu) / Resource Hash `211c0d3cec6bbe91d4d56a7b86378af3cb659541130011059f6a6c3eb51bd576` Request headers Sec-Fetch-Mode cors Origin https://wave2.5flow.net Accept-Encoding gzip, deflate, br Accept-Language en-US Sec-Fetch-Dest empty Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1; PHPSESSID=2hf0vd5qq61b1ao3f1f08ic3s7; rxVisitor=16298464713949DVOTB29V7FFUNMO22M55KGLE4QGJQCV; dtSa=-; dtLatC=67; rxvt=1629848271452\|1629846471395; dtPC=8$246471391_895h-vPHHUHOCHHWKPRRBRBSPABOAMMOVPKAWV-0e1 Connection keep-alive Content-Length 1441 Pragma no-cache Host wave2.5flow.net User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept / Cache-Control no-cache Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 Sec-Fetch-Site same-origin Referer https://wave2.5flow.net/index.php?act=log.in&nact=act%3Djob-apl%26src%3Dart%26jobid%3D160232298%26_mid%3D30 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 24 Aug 2021 23:07:52 GMT Content-Encoding gzip Server Apache/2.4.33 (Ubuntu) Vary Accept-Encoding Content-Type text/plain; charset=utf-8 Set-Cookie dtCookie=v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1_app-3A7d0f8f336a5db459_0; Path=/; Domain=.5flow.net Connection Keep-Alive Keep-Alive timeout=5, max=94 Content-Length 150

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dT_ object| dtrum undefined| $ function| jQuery

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.5flow.net/	1969-12-31 23:59:59	Name: dtPC Value: 8$246471391_895h2vPHHUHOCHHWKPRRBRBSPABOAMMOVPKAWV-0e1
			.5flow.net/	1969-12-31 23:59:59	Name: rxvt Value: 1629848271452\|1629846471395
			.5flow.net/	1969-12-31 23:59:59	Name: dtLatC Value: 67
			.5flow.net/	1969-12-31 23:59:59	Name: dtSa Value: -
			.5flow.net/	1969-12-31 23:59:59	Name: rxVisitor Value: 16298464713949DVOTB29V7FFUNMO22M55KGLE4QGJQCV
			.wave2.5flow.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2hf0vd5qq61b1ao3f1f08ic3s7
			.5flow.net/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_8_sn_448290918F8B2773386BA54942BDD18C_perc_100000_ol_0_mul_1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

wave2.5flow.net
92.79.87.103
023ca8c9a46d9c6553cb0287fc8b31c6ee4f5c8d2ce02704d01ccf017f373e97
112578a0f2ebdfbcf285e07be574142000904c76eab58e3c9a80b47621ffc2eb
211c0d3cec6bbe91d4d56a7b86378af3cb659541130011059f6a6c3eb51bd576
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
4763599aedc788784ba1a6b0f38c3ff914b9db14d1bf0855cc3b712285c6f29f
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
83f3932336ca417ff6b4c62f7764d8a58ead56742385cbf08f73739d6a58f303
9b2498294039b933a3e82cb5e80340543a93a84ecb37001b3474418c205460bf
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
ba967bb1818f430f698044a0bb2b7db3632f99809a366a64e62d0e9d966b8efb
dc3a5941c76c744632fc3e352c1a81cec8c6951d617f8e4e9a9430ba9080ec62
de3a1b62564b50769810d2a7e2925488f3286e31525e5cd71fcb30980e4bfa99
e9c7b29396f42d5c30a694198a4261d52d64119fe3bdfdfef21351dd92b3537c