urlscan.io logo urlscan.io
SecurityTrails logo

gui1hem.net Open in urlscan Pro
172.67.131.185  Public Scan

Go To Rescan Add Verdict Report
URL: https://gui1hem.net/
Submission: On December 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 172.67.131.185, located in United States and belongs to CLOUDFLARENET, US. The main domain is gui1hem.net.
TLS certificate: Issued by WE1 on December 16th 2024. Valid for: 3 months.
This is the only time gui1hem.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 172.67.131.185 13335 (CLOUDFLAR...)
1 2a05:d014:58f... 16509 (AMAZON-02)
1 2a01:4f9:3a:1... 24940 (HETZNER-A...)
8 3
Apex Domain
Subdomains		 Transfer
6 gui1hem.net
gui1hem.net
472 KB
1 goatcounter.com
gui1hem.goatcounter.com
828 B
1 zgo.at
gc.zgo.at — Cisco Umbrella Rank: 211045
3 KB
8 3
Domain Requested by
6 gui1hem.net gui1hem.net
1 gui1hem.goatcounter.com gc.zgo.at
1 gc.zgo.at gui1hem.net
8 3

This site contains links to these domains. Also see Links.

Domain
signal.me
Subject Issuer Validity Valid
gui1hem.net
WE1		 2024-12-16 -
2025-03-16		 3 months crt.sh
gc.zgo.at
E6		 2024-11-03 -
2025-02-01		 3 months crt.sh
*.goatcounter.com
ZeroSSL ECC Domain Secure Site CA		 2024-10-07 -
2025-01-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://gui1hem.net/
Frame ID: CF315CEC6C0E86CADAC4FDC39010B9C6
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

π”Ύπ•¦π•šπŸ™π•™π•–π•ž

Page Statistics

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

476 kB
Transfer

479 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gui1hem.net/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gui1hem.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eb4d23cd31632fbabcc91f6c909d85b5e53d9e9d74f4b5bedabcd774434934e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f3831db5b039b58-FRA
content-encoding
zstd
content-type
text/html
date
Tue, 17 Dec 2024 16:12:26 GMT
last-modified
Tue, 17 Dec 2024 05:26:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sXlBkr298ki0Uesv16eJ65Bwlq0vnIK2tKi3Mxdb5hsXonWdgchOAd0zPDuUO34NSuKRHbXMqrUFeMgiF5A06a9AAEYnIW3HMDdwdjewCYuuxp4AozF7LkrsI4tscA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=10047&min_rtt=8723&rtt_var=2404&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4148&recv_bytes=4480&delivery_rate=757&cwnd=12000&unsent_bytes=0&cid=3a4bcf734718d677&ts=108&x=1" cfExtPri cfHdrFlush;dur=0
count.js
gc.zgo.at/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gc.zgo.at/count.js
Requested by
Host: gui1hem.net
URL: https://gui1hem.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:58f:6201::65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
890e434e6b824ca8dd9abc5f53fc81401a4a5cb315b215ea20da39eb52819028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gui1hem.net/

Response headers

strict-transport-security
max-age=31536000
cache-control
public,max-age=604800
content-encoding
br
etag
"60a8bc5f5ce6b8127eab061b56e78359-ssl-df"
age
90782
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
3079
x-nf-request-id
01JFAP8SK4MKVWH09RMZZ5NP98
cache-status
"Netlify Edge"; hit
date
Tue, 17 Dec 2024 16:12:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Netlify
hal9000.png
gui1hem.net/images/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gui1hem.net/images/hal9000.png
Requested by
Host: gui1hem.net
URL: https://gui1hem.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56aa50066af4b6e86c80214010fac7f05867ad788bef67433898bafcafb031e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gui1hem.net/

Response headers

cf-cache-status
REVALIDATED
etag
"665c2948-2fe07"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkKQglPja%2FqBbUfnuoasyVKAF2MCC3mYyBVDi0nCFk4jj39zVy4ZJHQAQk%2Fm8thZF8gjvvLupNM7MGmXGBKS7e02Rg5zM9i94aSEYWgK95JJuVeXtRVb%2BHtHwAYreQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11893&min_rtt=8723&rtt_var=4934&sent=18&recv=16&lost=0&retrans=1&sent_bytes=8499&recv_bytes=5924&delivery_rate=18102&cwnd=12000&unsent_bytes=0&cid=3a4bcf734718d677&ts=228&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 16:12:26 GMT
content-type
image/png
last-modified
Sun, 02 Jun 2024 08:11:52 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3831dc1bb19b58-FRA
accept-ranges
bytes
content-length
196103
server
cloudflare
ico.mail.red.png
gui1hem.net/images/ 		119 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gui1hem.net/images/ico.mail.red.png
Requested by
Host: gui1hem.net
URL: https://gui1hem.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c91e3cb69a2d8bf804f049dcf604e1bddc77e7eb80bc596dcea9f815096aaf6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gui1hem.net/

Response headers

cf-cache-status
REVALIDATED
etag
"675776cf-1dab0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQY5%2Brf%2Bg1z5%2BPbtJaG%2Bcw9R1CBKcB0GfAsO810yr74jKImyqK9Q%2FfIYsYqEdtzb8JF2qoJOfuU6cH1N6zc%2Bj0a8XcXkYCqRCtqrMsrCQVL07fFEeAZXmrLWwKMGrg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11893&min_rtt=8723&rtt_var=4934&sent=28&recv=16&lost=0&retrans=1&sent_bytes=19360&recv_bytes=5924&delivery_rate=18102&cwnd=12000&unsent_bytes=0&cid=3a4bcf734718d677&ts=232&x=1", cfExtPri, cfHdrFlush;dur=14
date
Tue, 17 Dec 2024 16:12:26 GMT
content-type
image/png
last-modified
Mon, 09 Dec 2024 23:01:35 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3831dc1bb49b58-FRA
accept-ranges
bytes
content-length
121520
server
cloudflare
ico.signal.red.png
gui1hem.net/images/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gui1hem.net/images/ico.signal.red.png
Requested by
Host: gui1hem.net
URL: https://gui1hem.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a9562dd08a0555b233f4afca7c50cce1f264020a2c6fbcf0e4fcb787d21538

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gui1hem.net/

Response headers

cf-cache-status
REVALIDATED
etag
"675776e4-25f5c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fwIpvvIFojD5hAJWCbh6t1eMBnt%2FTSBZuMt%2BiMykt%2BsUB5HtMF5KNd5gQCfHFuqVnjfz8ZEEXj9qaaE4p27pjZPGfIkGxsJgfBPt0YGyXIWZ%2BRvsDvVUnNgDe2Wewg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12684&min_rtt=8723&rtt_var=5282&sent=30&recv=17&lost=0&retrans=1&sent_bytes=20499&recv_bytes=5968&delivery_rate=36301&cwnd=12000&unsent_bytes=0&cid=3a4bcf734718d677&ts=250&x=1", cfExtPri, cfHdrFlush;dur=1
date
Tue, 17 Dec 2024 16:12:27 GMT
content-type
image/png
last-modified
Mon, 09 Dec 2024 23:01:56 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3831dc2bc39b58-FRA
accept-ranges
bytes
content-length
155484
server
cloudflare
email-decode.min.js
gui1hem.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gui1hem.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: gui1hem.net
URL: https://gui1hem.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gui1hem.net/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675318bd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TLMXGVDsuHVM3tEgpKO9SMaWWazlWEkyl5DQcl6H%2FtO84CXf9m72t8RhhQFDRMBKEozDrWEn0d2LmHwX5Bp6%2BbB7MA2WTb9cxH%2F%2BVZ56Waphloa%2Fg%2F5ZT8zij14JaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f3831dc2bc49b58-FRA
expires
Thu, 19 Dec 2024 16:12:26 GMT
date
Tue, 17 Dec 2024 16:12:26 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
server
cloudflare
vary
Accept-Encoding
count
gui1hem.goatcounter.com/ 		43 B
828 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://gui1hem.goatcounter.com/count?p=%2F&t=%F0%9D%94%BE%F0%9D%95%A6%F0%9D%95%9A%F0%9D%9F%99%F0%9D%95%99%F0%9D%95%96%F0%9D%95%9E&s=1600%2C1200%2C1&b=0&rnd=chgk9
Requested by
Host: gc.zgo.at
URL: https://gc.zgo.at/count.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f9:3a:13e0::2 , Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
Software
/
Resource Hash
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
Security Headers
Name Value
Content-Security-Policy frame-src 'self'; default-src 'none'; script-src 'self' https://gc.zgo.at static.zgo.at; font-src 'self' https://gc.zgo.at static.zgo.at; connect-src 'self' wss:; frame-ancestors 'none'; img-src 'self' https://gc.zgo.at static.zgo.at data:; style-src 'self' https://gc.zgo.at static.zgo.at 'unsafe-inline'; form-action 'self'; manifest-src 'self' https://gc.zgo.at static.zgo.at
Strict-Transport-Security max-age=7776000
X-Content-Type-Options nosniff
X-Frame-Options deny

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gui1hem.net/

Response headers

content-encoding
gzip
x-rate-limit-limit
4
age
0
x-content-type-options
nosniff
x-varnish
26988285993
date
Tue, 17 Dec 2024 16:12:27 GMT
content-type
image/gif
x-rate-limit-remaining
3
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=7776000
content-security-policy
frame-src 'self'; default-src 'none'; script-src 'self' https://gc.zgo.at static.zgo.at; font-src 'self' https://gc.zgo.at static.zgo.at; connect-src 'self' wss:; frame-ancestors 'none'; img-src 'self' https://gc.zgo.at static.zgo.at data:; style-src 'self' https://gc.zgo.at static.zgo.at 'unsafe-inline'; form-action 'self'; manifest-src 'self' https://gc.zgo.at static.zgo.at
cache-control
no-store,no-cache
x-rate-limit-reset
1
cross-origin-resource-policy
cross-origin
via
1.1 www (Varnish/7.5)
access-control-allow-origin
*
favicon.png
gui1hem.net/images/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://gui1hem.net/images/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.131.185 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30f0d67708e741c370dd200fff43984bfc097ecea73222803be52aab9dfb4c74

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://gui1hem.net/

Response headers

cf-cache-status
REVALIDATED
etag
"6471c372-1004"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmCD%2BwGwIlm4NbiIBQ2Q180of9ywRy0zwULbV1j0XalUBw7C3giU1m6ES8B55VxpKyM2a7P3hsKP%2FoIRc1c1XBLdgzyTNvJEwaoQknbD2b%2BtCHer%2FqM2FlYlFb7%2B8g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19380&min_rtt=8243&rtt_var=4799&sent=440&recv=98&lost=0&retrans=1&sent_bytes=494706&recv_bytes=9868&delivery_rate=8263190&cwnd=209400&unsent_bytes=0&cid=3a4bcf734718d677&ts=470&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 17 Dec 2024 16:12:27 GMT
content-type
image/png
last-modified
Sat, 27 May 2023 08:46:42 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f3831dd9d5e9b58-FRA
accept-ranges
bytes
content-length
4100
server
cloudflare

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| goatcounter

0 Cookies