gwaher.com Open in urlscan Pro
2606:4700:3035::ac43:870f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gwaher.com/
Effective URL:
https://gwaher.com/login
Submission: On January 25 via api (January 25th 2024, 12:50:41 am UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3035::ac43:870f, located in United States and belongs to CLOUDFLARENET, US. The main domain is gwaher.com.
TLS certificate: Issued by GTS CA 1P5 on January 2nd 2024. Valid for: 3 months.

This is the only time gwaher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:6ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2606:4700:303... 2606:4700:3035::ac43:870f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	3

1 2606:4700:3034::6815:6ab (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gwaher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3035::ac43:870f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gwaher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	gwaher.com 2 redirects gwaher.com	157 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 5168	26 KB
15	2

	Domain	Requested by
11	gwaher.com	2 redirects gwaher.com
4	challenges.cloudflare.com	gwaher.com challenges.cloudflare.com
15	2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
gwaher.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2023-08-18` - `2024-08-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://gwaher.com/login
Frame ID: A8944E946726DF092B693226D159DEB8
Requests: 13 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/n72hq/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 061268FB2AC7BBC37F3FC16377EC66AA
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d6h59/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: FD0F10189770C4587903AFBD0B235515
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://gwaher.com/ HTTP 301
https://gwaher.com/ HTTP 301
https://gwaher.com/login Page URL
https://gwaher.com/login Page URL

Page Statistics

15
Requests

87 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

182 kB
Transfer

473 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=j
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gwaher.com/ HTTP 301
https://gwaher.com/ HTTP 301
https://gwaher.com/login Page URL
https://gwaher.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gwaher.com/ HTTP 301
https://gwaher.com/ HTTP 301
https://gwaher.com/login

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

403

http://gwaher.com/
https://gwaher.com/
https://gwaher.com/login

12 KB
7 KB

12ms
11ms

Document
text/html

2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gwaher.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06d5295736cd88c33042a5f8b13d8f6525bf8b62ab633398a7969207041b5b19

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 84ac85e5dbdb2bf6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 25 Jan 2024 00:50:37 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFmdfabkEgKLPU0uBNvClmsnWnH2xfp7qa4m4dYDQx2g%2BVqUhZkELWfUtwUiGompO015hy5XgeOVZJJEN4JJIW5Ff17dRkfPZpFAFCgWMHqAP3lVesAVKgxEEaSps%2F3hCruqDQtQ0KqT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84ac85e3dac22bf6-FRA
content-type: text/html; charset=iso-8859-1
date: Thu, 25 Jan 2024 00:50:37 GMT
location: https://gwaher.com/login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3wa1Zh9r9PgF6fP7D%2FqOgcQAE%2BHCv9zLBacOCeGXTZbPv0vRV9a68PV2nI3cA9oBMXJRxAFXhK5kIjuirfwsYLPvxwhnlw0s2rx84t5lXr3t8jXpM4NgrLPw%2FiwwXg39%2BVvV8ZX4zHC"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 v1 Show response
gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 177 KB
60 KB 16ms
16ms Script
application/javascript 2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84ac85e5dbdb2bf6
Requested by: Host: gwaher.com
URL: https://gwaher.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd9ed3d338aa5ccfb40d2ec18383b7fd11d3eba8a31832a1190c462db8b0f9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gwaher.com/login?__cf_chl_rt_tk=IU0DL8447v6ntqzgdLoNOy0Xp5MBL05Kq.yBQkSz3zE-1706143837-0-gaNycGzNCZA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:50:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsU1aJJ%2B9hHq%2BqR8vDHYCKa1t5DaHjwClOhU2WciiNi%2BJSKSoVK49pUeZB%2BtM95Y4vX6H9Ex96JlXTfQ7LUMfOlLUxDC1%2FA%2BMND1118LFsSA5pMX0UDIlHzJOnZiMU1iuYi62AxLm2Rs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 84ac85e60c062bf6-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/ea25f566/ 37 KB
13 KB 48ms
31ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?onload=xZNcr9&render=explicit
Requested by: Host: gwaher.com
URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84ac85e5dbdb2bf6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c

Request headers

Referer
Origin: https://gwaher.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:50:37 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 84ac85e6586f1c42-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 favicon.ico
gwaher.com/ 2 KB
2 KB 361ms
361ms Image
text/html 2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwaher.com/favicon.ico
Requested by: Host: gwaher.com
URL: https://gwaher.com/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845c67fced6c30bcda475ad33ed000d34f04b9e5a71657c27ea76a9f74e47eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gwaher.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:50:37 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bUYDQctjkC%2FYkrCaqlZ4rNTTqQ%2BnRE6YECVMsfGmOg0EeKoWemHkQIjB%2Fd8FJbXP61KhZEyAO00yDc93CRKoOd5z3oo8wfcv7IwBz%2BRwt51q0RNu%2Bi7QfX%2FNmjq8Jvkx9XZp9bwOk8W"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 84ac85e65f240e14-AMS
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 564daf9e-5b9f-4ca4-93e7-f06b7ee8ba10
https://gwaher.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gwaher.com/564daf9e-5b9f-4ca4-93e7-f06b7ee8ba10
Requested by: Host: gwaher.com
URL: https://gwaher.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gwaher.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 db2f6c5cb359eea Show response
gwaher.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1436056544:1706141188:zu02UjBxnvqBCym9ltdgR-0HqMbX2BTSVhpkKgI8Bns/84ac85e5dbdb2bf6/ 13 KB
10 KB 35ms
35ms XHR
text/plain 2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1436056544:1706141188:zu02UjBxnvqBCym9ltdgR-0HqMbX2BTSVhpkKgI8Bns/84ac85e5dbdb2bf6/db2f6c5cb359eea
Requested by: Host: gwaher.com
URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84ac85e5dbdb2bf6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0511d2d410c2d75f3547a2f6bb2f73eadc77c34414452f315aab9c7363eda7e4

Request headers

Referer: https://gwaher.com/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
CF-Challenge: db2f6c5cb359eea
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Jan 2024 00:50:37 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24ERK7UCvwDMhihvj3Nftzhi0Tw1D7YqWa0djD0eI%2BJj5Cyzd3WhauacXmm0rjqWkwUGLplusH3N7eHLwVIcUAKCjwdypUvm5mH6b2JaibUG05b%2FFnPJNFjRRERVn5owqYZoYsZf%2BxlE"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 84ac85e6ffa90e14-AMS
alt-svc: h3=":443"; ma=86400
cf-chl-gen: liTOP5aydTPYlOtqe+qNNF67Orq6sL1HM8QrVjTYUBOB7mVrEDgorxUWw4i5buAw$mSFjN96i4ET7PbWTQq7FEw==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/n72hq/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 0612 0
0 25ms
16ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/n72hq/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?onload=xZNcr9&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 84ac85e74b212bdc-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 00:50:37 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 db2f6c5cb359eea Show response
gwaher.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1436056544:1706141188:zu02UjBxnvqBCym9ltdgR-0HqMbX2BTSVhpkKgI8Bns/84ac85e5dbdb2bf6/ 2 KB
2 KB 30ms
30ms XHR
text/html 2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1436056544:1706141188:zu02UjBxnvqBCym9ltdgR-0HqMbX2BTSVhpkKgI8Bns/84ac85e5dbdb2bf6/db2f6c5cb359eea
Requested by: Host: gwaher.com
URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84ac85e5dbdb2bf6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c501ffc12a9d190716a7cb53dc0d1e45c1d300f9f1b4c735e8e7528655698e1

Request headers

Referer: https://gwaher.com/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
CF-Challenge: db2f6c5cb359eea
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: eWY1fMo2pBUxOnvgLyurB8CuSQCxcTgZ5vz4elYcGlmaOL2MtvPwBeiqcouOwvX2N3+jNKyiGYi8XAyqt69OLr5iLjffDCz3M83PC0Cbdqs=$1gqhTk9RpXhsK/VUYq81bw==
cf-chl-out-s: uN8CLM+/qaCu+MA/WVi95F0ZkPpfRnF1W0HYmWaHpmzOQyS7TQEtt6LeP1mvH5ya8dgI6SSFcp0snWpuriiEwvrY1JO3e1qr9lenvgUuQHQ=$/R6cR7GnyYJhrN/IHFqu1A==
date: Thu, 25 Jan 2024 00:50:38 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgTX6KnsnefpbqZnmn75BWXFJAL90S0SHT9X%2B7nzUR65r8ef9inQ8uqkCqFcxt6iQocfO4riVZDg8cJb9e61HR3wLat9PZ1R5a5Fg3bwLwzndZoSQwNbx6t%2BgBapwPaGBVYfwmNrmwoq"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 84ac85ecac5d0e14-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request login Show response
gwaher.com/ 12 KB
7 KB 21ms
21ms Document
text/html 2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gwaher.com/login

Requested by

Host: gwaher.com
URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84ac85e5dbdb2bf6

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4d8dfc73a9a0490055faccf1d2913eb23c391eb1a49b60eef8f7a0de73544be

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://gwaher.com/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 84ac85f95ece0e14-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 25 Jan 2024 00:50:40 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lv0bLEKcr17RPHvfYT0zak6sqxzlzaFPAC7MUkXG1podEYi8aFefbplPpwFx8db03YindzA0diEkdKPGTpUY8rG1fbmaKPntVd%2FTzeonpX6NSW08I2FKlZIiHGwJvvRnSO1k1BzDaEwj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 v1 Show response
gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 168 KB
57 KB 27ms
27ms Script
application/javascript 2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84ac85f95ece0e14
Requested by: Host: gwaher.com
URL: https://gwaher.com/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d992c9eae42c4618c480094c3ec55e00ba3c277d0c953b00563dd632d228cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gwaher.com/login?__cf_chl_rt_tk=Ol86SKeTTYRsVLuWj83X24ccRlc6q7JL_XK.PJ6tVdQ-1706143840-0-gaNycGzNCZA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:50:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezGCP9xQLXzNrGktyyEamh5eyZ34dtVWW54fY%2FtSDkhlIA%2BLdtSvldN0ncZJdoI%2B8yW63IHrG9%2BXCge8awy0jbwtPiSPCIx2TbEShslJSnN8L5APsf%2FWlY4YZQ3sMtWGBYSBjqZogoMF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 84ac85f99efa0e14-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/g/ea25f566/ 37 KB
13 KB 27ms
26ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?onload=xZNcr9&render=explicit
Requested by: Host: gwaher.com
URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84ac85f95ece0e14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c

Request headers

Referer
Origin: https://gwaher.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:50:40 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 84ac85f9fdf51c42-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 favicon.ico
gwaher.com/ 2 KB
2 KB 197ms
197ms Image
text/html 2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gwaher.com/favicon.ico
Requested by: Host: gwaher.com
URL: https://gwaher.com/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 845c67fced6c30bcda475ad33ed000d34f04b9e5a71657c27ea76a9f74e47eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gwaher.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 00:50:40 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXTXcbQdWOVAPuDb63BWiJbW6bS44Q8UpKiIbmG42uxfNslkOp%2BgydoS%2Bn27Oh%2FzNAa3gUis7R5b%2BUOr8eEp6UAEI2iUql3ZhSBM4KVhGd1%2Fz1V0Xe3cpMmCCnnV0FUXHrrjjZr1rllS"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 84ac85fa0f6c0e14-AMS
alt-svc: h3=":443"; ma=86400

GET
BLOB 200
OK 9ad29b52-7050-4ce0-a79a-2008f9ee0a3d
https://gwaher.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gwaher.com/9ad29b52-7050-4ce0-a79a-2008f9ee0a3d
Requested by: Host: gwaher.com
URL: https://gwaher.com/login
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gwaher.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 6b5dea56cc795e8 Show response
gwaher.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1243576403:1706141237:4PiQPMNFlO7nNew7ham0X9asGrC7mR9UckXsx7HuSVg/84ac85f95ece0e14/ 13 KB
10 KB 36ms
36ms XHR
text/plain 2606:4700:3035::ac43:870f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1243576403:1706141237:4PiQPMNFlO7nNew7ham0X9asGrC7mR9UckXsx7HuSVg/84ac85f95ece0e14/6b5dea56cc795e8
Requested by: Host: gwaher.com
URL: https://gwaher.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=84ac85f95ece0e14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:870f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f8238cdb64f1f20b52158090c5b49222bc821a5c6b7f98b21cb01d101cde733

Request headers

Referer: https://gwaher.com/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
CF-Challenge: 6b5dea56cc795e8
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Jan 2024 00:50:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qEyA%2BFq88hwGHtVU%2FPMrB0MJEfiQMgWDkV7WpwPKDoqHdP0sFShC6OjbSRt92%2B3YdODeNzd9o6bhSI7uS1KhBeRkVV33dH%2FmRRPZSQb%2BpLIRfjaTBkGbdAJ5HeyqpnmBv7sLvCb06sg"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 84ac85fab8320e14-AMS
alt-svc: h3=":443"; ma=86400
cf-chl-gen: 1FnTLC8kxhtZSFsz0iHH2Z7zbRW7UZCkD9LItQ0zd0nyYHCpX9mvCeZxGZllQcC2$xvF6O/ksS7YiCw6R+JuG6A==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d6h59/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame FD0F 0
0 20ms
19ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/d6h59/0x4AAAAAAADnOjc0PNeA8qVm/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ea25f566/api.js?onload=xZNcr9&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 84ac85fafe2d2bdc-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 00:50:40 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gwaher.com/	1970-01-20 17:55:51	Name: csrf_cookie_name Value: 4a5a68c702cf1a065a5e11bb0903f58c
			gwaher.com/	1970-01-20 17:55:47	Name: cf_chl_rc_ni Value: 1

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://gwaher.com/login Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gwaher.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://gwaher.com/login Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gwaher.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
gwaher.com
2606:4700:3034::6815:6ab
2606:4700:3035::ac43:870f
2606:4700::6811:3b8
0511d2d410c2d75f3547a2f6bb2f73eadc77c34414452f315aab9c7363eda7e4
06d5295736cd88c33042a5f8b13d8f6525bf8b62ab633398a7969207041b5b19
18cbe0edc0b01c71a6c3ffe704550a8bb1cfe7e02839b7dbdc9c44288bf8b59c
3f8238cdb64f1f20b52158090c5b49222bc821a5c6b7f98b21cb01d101cde733
7d992c9eae42c4618c480094c3ec55e00ba3c277d0c953b00563dd632d228cdc
845c67fced6c30bcda475ad33ed000d34f04b9e5a71657c27ea76a9f74e47eca
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
9c501ffc12a9d190716a7cb53dc0d1e45c1d300f9f1b4c735e8e7528655698e1
dd9ed3d338aa5ccfb40d2ec18383b7fd11d3eba8a31832a1190c462db8b0f9fc
f4d8dfc73a9a0490055faccf1d2913eb23c391eb1a49b60eef8f7a0de73544be

gwaher.com Open in urlscan Pro 2606:4700:3035::ac43:870f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

15 Requests

87 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

182 kBTransfer

473 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

2 Cookies

8 Console Messages

Security Headers

Indicators

gwaher.com Open in urlscan Pro
2606:4700:3035::ac43:870f Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

182 kB
Transfer

473 kB
Size

2
Cookies

15 HTTP transactions
0 data transactions