gemwin.doctor Open in urlscan Pro
172.67.160.179 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gemwin.doctor/
Effective URL:
https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F
Submission: On July 20 via api (July 20th 2024, 3:05:38 pm UTC) from US — Scanned from CA

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 172.67.160.179, located in United States and belongs to CLOUDFLARENET, US. The main domain is gemwin.doctor.
TLS certificate: Issued by WE1 on July 18th 2024. Valid for: 3 months.

This is the only time gemwin.doctor was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 9	172.67.160.179 172.67.160.179		13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	1

9 172.67.160.179 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gemwin.doctor	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	gemwin.doctor 1 redirects gemwin.doctor	53 KB
8	1

	Domain	Requested by
9	gemwin.doctor	1 redirects gemwin.doctor
8	1

This site contains no links.

Subject Issuer	Validity	Valid
gemwin.doctor WE1	`2024-07-18` - `2024-10-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F
Frame ID: 719AECC6CE9F2C3FCB0E033B92A737A7
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

flatsome-init

Page URL History Show full URLs

https://gemwin.doctor/ HTTP 302
https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

52 kB
Transfer

107 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gemwin.doctor/ HTTP 302
https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response gemwin.doctor/ Redirect Chain https://gemwin.doctor/ https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F	3 KB 1 KB	523ms 522ms	Document text/html	172.67.160.179 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.160.179 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.1.28 Resource Hash `0f732871b5fe72bac58385387be4fbf5d63273ca7a0605e7345a31d8f5b68c17` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 8a63d99d4d12ab60-YYZ content-encoding br content-type text/html; charset=UTF-8 date Sat, 20 Jul 2024 15:05:33 GMT expires Wed, 11 Jan 1984 05:00:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} platform hostinger report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRZR9ShedDWLkD9yrnsQrrJ0UWbx%2Bt%2BJHJEtjkHAMoVpvu3u%2BIY3%2BYyeru32iVK4wc2s5bTgxcbOt5v5D2MYBOxkkpBYSeO3tY7WD5dnjBRbOeiUyuymXHs%2FwUi8RCSr"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/8.1.28 x-turbo-charged-by LiteSpeed Redirect headers alt-svc h3=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 8a63d997c8d8ab60-YYZ content-type text/html; charset=UTF-8 date Sat, 20 Jul 2024 15:05:32 GMT expires Wed, 11 Jan 1984 05:00:00 GMT location https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} platform hostinger report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EtQkC83hEELKb6aUqS5T23IfVEmiT30VVEDtcTE%2B1%2Br4Ogq16bZi5uZGRXLX73%2B42iXtRjxSOzgnua0BkEWhT871NkeTzxALTNpWSxA4P9XT8tPc6B4NcGFCv2rdW1i"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.1.28 x-redirect-by WordPress x-turbo-charged-by LiteSpeed
GET H3	200	dashicons.min.css gemwin.doctor/wp-includes/css/	58 KB 35 KB	815ms 801ms	Stylesheet text/css	172.67.160.179 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemwin.doctor/wp-includes/css/dashicons.min.css?ver=6.6 Requested by Host: gemwin.doctor URL: https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.160.179 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e` Request headers Referer https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 15:05:34 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jul 2024 04:57:59 GMT server cloudflare etag W/"e688-6699f257-c919c1a2d7456d2f;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wt6B5%2Bveu8Ihjkq6ERXZQAVV3yra0zFWVXwvFKFA46rx5iQslbUuOR73P%2Bq%2Bf0gbxDFVbRkyXqo7o3dUzataEJm919ERsVhPRS4uwa7Qw2tXtrNXNs2TyC0MqVt5xT%2FB"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed platform hostinger cf-ray 8a63d9a0d918ab3c-YYZ expires Sat, 27 Jul 2024 15:05:33 GMT
GET H3	200	buttons.min.css gemwin.doctor/wp-includes/css/	6 KB 2 KB	589ms 575ms	Stylesheet text/css	172.67.160.179 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemwin.doctor/wp-includes/css/buttons.min.css?ver=6.6 Requested by Host: gemwin.doctor URL: https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.160.179 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d5a5fea14a12ec9ee91f044a7ff810602662c97d3fad8728497ea4e8c5aef0eb` Request headers Referer https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 15:05:34 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jul 2024 04:57:59 GMT server cloudflare etag W/"17ad-6699f257-5360ef5c6fc1c41d;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PMk6XCWo1L34XL8sH3rIZHK0yR2ag7EVZgaEWKZtUyCxCsIyW81o%2FavywL0Sj0xIZHVSuM%2BXrDU8FH0hh1A4bmujrI5twqJG8PjT0PHNyQX3uR1NXX6x8QE%2FPfu7bnGv"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed platform hostinger cf-ray 8a63d9a0d919ab3c-YYZ expires Sat, 27 Jul 2024 15:05:33 GMT
GET H3	200	forms.min.css gemwin.doctor/wp-admin/css/	28 KB 7 KB	563ms 549ms	Stylesheet text/css	172.67.160.179 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemwin.doctor/wp-admin/css/forms.min.css?ver=6.6 Requested by Host: gemwin.doctor URL: https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.160.179 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `87340ff69f885cba81092ed2401a4f82e6a9ed37ed7fde4a8e4cbcad79887195` Request headers Referer https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 15:05:34 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jul 2024 04:58:00 GMT server cloudflare etag W/"6f8f-6699f258-3bba91d426cc39e6;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2FhCN6uA0vOePg5MLB1nXCni2euJwSQVpl63XxjMQ9O7Bt5pIPV2corr7UwoEMhZOa5iKrwu3RYRjXZqSd1F0BMb3Yfc%2BM18w3lJBAKOZldAuSlZcqCJ%2B1%2F6iMq7Er%2FW"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed platform hostinger cf-ray 8a63d9a0d91aab3c-YYZ expires Sat, 27 Jul 2024 15:05:33 GMT
GET H3	200	l10n.min.css gemwin.doctor/wp-admin/css/	3 KB 1 KB	562ms 549ms	Stylesheet text/css	172.67.160.179 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemwin.doctor/wp-admin/css/l10n.min.css?ver=6.6 Requested by Host: gemwin.doctor URL: https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.160.179 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8a77610fd0190ea9ecb57063433a619486dec13a59b1c2ce3b502b5c7cad7454` Request headers Referer https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 15:05:34 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jul 2024 04:58:00 GMT server cloudflare etag W/"c80-6699f258-c6653cea329e20c2;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAw5Uab2I2m2g6NlAmiIN9D7zh5EYhWFi6tBhBw1IJQbnFT%2BgsX1rMKDJqHSk7XFDYqWLceG6jVTE8%2BNdT5Xd%2Bkalry3xpYj%2FdLUd0Hxca0kREwVs7V4qWbZTkgaANlX"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed platform hostinger cf-ray 8a63d9a0d91bab3c-YYZ expires Sat, 27 Jul 2024 15:05:33 GMT
GET H3	200	login.min.css gemwin.doctor/wp-admin/css/	6 KB 3 KB	574ms 562ms	Stylesheet text/css	172.67.160.179 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemwin.doctor/wp-admin/css/login.min.css?ver=6.6 Requested by Host: gemwin.doctor URL: https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.160.179 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8e973191f0db85e0427b674b7c187b1e0f2e3b6b2c4e2ca52bab4fd5a20d873e` Request headers Referer https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 15:05:34 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jul 2024 04:58:00 GMT server cloudflare etag W/"191a-6699f258-b7694590a6ba7a65;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6Tw0p4ptoQku193ZFJMji79hDwO2X4pgTYoIw3N3xnvt3vocHj65kjM%2FUW%2BQ%2FhV1ijLGmdIr6wbTtRlmNgnGPKFN9e7aVB4bRCeef%2FIFchSM%2FUOMvo3%2FhCXDTKEXhV8"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed platform hostinger cf-ray 8a63d9a0d91cab3c-YYZ expires Sat, 27 Jul 2024 15:05:33 GMT
GET H3	200	wordpress-logo.svg gemwin.doctor/wp-admin/images/	1 KB 1 KB	571ms 571ms	Image image/svg+xml	172.67.160.179 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gemwin.doctor/wp-admin/images/wordpress-logo.svg?ver=20131107 Requested by Host: gemwin.doctor URL: https://gemwin.doctor/wp-admin/css/login.min.css?ver=6.6 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.160.179 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b` Request headers Referer https://gemwin.doctor/wp-admin/css/login.min.css?ver=6.6 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 15:05:34 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 last-modified Fri, 19 Jul 2024 04:58:00 GMT server cloudflare etag W/"5f1-6699f258-931cbe85e85a5652;br" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVli25k6I5fQAM%2Ba1%2BA%2FcxydO4fnETdEmT7xYlhzbzENh%2BXj5TOyUzdGxvA7jXuO5LlhPZ4pJnc5ryt333d9a7Q3%2FLD%2F5qpV8J%2Bm2%2FdYAQlcFCGyqq0hHND55yKjr2gx"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed platform hostinger cf-ray 8a63d9a64dd7ab3c-YYZ expires Sat, 27 Jul 2024 15:05:34 GMT
GET H3	404	favicon.ico gemwin.doctor/	2 KB 1 KB	555ms 554ms	Other text/html	172.67.160.179 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://gemwin.doctor/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.160.179 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e` Request headers Referer https://gemwin.doctor/?password-protected=login&redirect_to=https%3A%2F%2Fgemwin.doctor%2F User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 15:05:35 GMT content-encoding br cf-cache-status MISS last-modified Wed, 11 Jan 2023 12:29:40 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkCpqhYhUw5wnYbM%2FHKzfpu5x7AdVeCmneqzZ%2BfCBoZsA6PShjyktiA8ersfUAYuGoEZLUXHeDtm5hkgcuP8u%2FgaRTQxYW1VOBMaT%2FUokqibFhJy9P2h3ND%2Fx0EWvjhR"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 x-turbo-charged-by LiteSpeed platform hostinger cf-ray 8a63d9a9f8b7ab3c-YYZ alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gemwin.doctor/	1969-12-31 23:59:59	Name: wordpress_test_cookie Value: WP%20Cookie%20check

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gemwin.doctor/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gemwin.doctor
172.67.160.179
0f732871b5fe72bac58385387be4fbf5d63273ca7a0605e7345a31d8f5b68c17
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
87340ff69f885cba81092ed2401a4f82e6a9ed37ed7fde4a8e4cbcad79887195
8a77610fd0190ea9ecb57063433a619486dec13a59b1c2ce3b502b5c7cad7454
8e973191f0db85e0427b674b7c187b1e0f2e3b6b2c4e2ca52bab4fd5a20d873e
a0bbefd626f1e76f9245ec6c6101b679ba27412b71b32fc43eccda9db40f394b
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
d5a5fea14a12ec9ee91f044a7ff810602662c97d3fad8728497ea4e8c5aef0eb

gemwin.doctor Open in urlscan Pro 172.67.160.179 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

52 kBTransfer

107 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

gemwin.doctor Open in urlscan Pro
172.67.160.179 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

52 kB
Transfer

107 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions