auth-api.watershed.com Open in urlscan Pro
2606:4700:4400::ac40:9817  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	403	Primary Request confirm Show response auth-api.watershed.com/passwordless/klqATNH11KeDkvHmlrdczzRVb/	809 KB 604 KB	370ms 280ms	Document text/html	2606:4700:4400::ac40:9817 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth-api.watershed.com/passwordless/klqATNH11KeDkvHmlrdczzRVb/confirm?c=78128941a465a27c7e6e01852c9dedd8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9817 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c415ea8e1d53af20a74b4ee07b5d6a15cd1719e5712ddad54be0db5741040020 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out H1UixIXfyv0dqfwftW8tMbWUpW7zAS2Ae5V1l18JXurA7/yz7ySmH6AZRA8nI5MHPpUttx+oVbFUmx7l+7lwzQpKW6bUHqR8NX42NgGe6iyQDzySApA5BvmM4U1WL65QLH0MdTIklpimUY4XkRRCaw==$n9y42Y1rcz2/BtC89K81/w== cf-mitigated challenge cf-ray 8e8c57085cb1dcbe-FRA content-encoding gzip content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Tue, 26 Nov 2024 19:38:39 GMT expires Thu, 01 Jan 1970 00:00:01 GMT origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare vary Accept-Encoding x-content-options nosniff x-frame-options SAMEORIGIN
GET H2	200	v1 Show response auth-api.watershed.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/	96 KB 36 KB	26ms 26ms	Script application/javascript	2606:4700:4400::ac40:9817 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth-api.watershed.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e8c57085cb1dcbe Requested by Host: auth-api.watershed.com URL: https://auth-api.watershed.com/passwordless/klqATNH11KeDkvHmlrdczzRVb/confirm?c=78128941a465a27c7e6e01852c9dedd8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9817 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3012cc5243ff33bfa85d233f00e6303e44e04b1bcdb213d12eaf1bdb9318c7be Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://auth-api.watershed.com/passwordless/klqATNH11KeDkvHmlrdczzRVb/confirm?c=78128941a465a27c7e6e01852c9dedd8&__cf_chl_rt_tk=mFkiHrW7mE0NvZUgGePeIkERUBdI0LPW.YzxYwKPHDk-1732649918-1.0.1.1-rI.nFG5T4A0cV4_GjXor7.bpJhzSDvy.L5Tw2mFZEFw Response headers cf-ray 8e8c570a9b7edcbe-FRA cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip date Tue, 26 Nov 2024 19:38:39 GMT content-type application/javascript; charset=UTF-8 server cloudflare
GET		92a079bd-c7f2-4b8e-8761-fbb1bb6e8a17 https://auth-api.watershed.com/ Frame	0 0
GET H3	200	api.js Show response challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/	47 KB 16 KB	26ms 15ms	Script application/javascript	104.18.94.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js?onload=sLNwD4&render=explicit Requested by Host: auth-api.watershed.com URL: https://auth-api.watershed.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e8c57085cb1dcbe Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://auth-api.watershed.com Referer Response headers cache-control max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public content-encoding br cross-origin-resource-policy cross-origin cf-ray 8e8c570aeb3c3635-FRA access-control-allow-origin * alt-svc h3=":443"; ma=86400 date Tue, 26 Nov 2024 19:38:39 GMT content-type application/javascript; charset=UTF-8 last-modified Thu, 21 Nov 2024 17:58:42 GMT server cloudflare vary Accept-Encoding
GET H2	404	favicon.ico auth-api.watershed.com/	57 B 1 KB	399ms 399ms	Other application/json	2606:4700:4400::ac40:9817 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth-api.watershed.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9817 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2880cc1388b021be511f61596e31d2bf0b8f981f59f107e55c7a9f4381d4d105 Security Headers Name Value Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://auth-api.watershed.com/passwordless/klqATNH11KeDkvHmlrdczzRVb/confirm?c=78128941a465a27c7e6e01852c9dedd8 Response headers x-request-id 68e430a2-a58f-4429-8837-c3cec5f001d2 content-encoding gzip cf-cache-status EXPIRED etag W/"39-dnD7AHS8KGzdoYgvQ/HlHFBPtp8" expect-ct max-age=0 x-permitted-cross-domain-policies none x-content-type-options nosniff expires Tue, 26 Nov 2024 23:38:39 GMT date Tue, 26 Nov 2024 19:38:39 GMT content-type application/json; charset=utf-8 vary Origin, Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains content-security-policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests cache-control public, max-age=14400 x-dns-prefetch-control off access-control-allow-credentials true referrer-policy no-referrer x-download-options noopen cf-ray 8e8c570b1cd2dcbe-FRA x-xss-protection 0 server cloudflare
POST H2	200	U4oQ26eEDZprL5HAUm1aKOXHqIWUOfmEiiVpMMPQ8mo-1732649918-1.2.1.1-7yapnEh5CH6qbKmF6UlEjLVluvPqt4HmzCPH46XYWPvj7JdOgalSqilNB35k8L_v Show response auth-api.watershed.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1289086309:1732648404:coQR2ypoCydvTroHvM2MvEFNTiFHC4T4JoXtMoxnulU/8e8c57085cb1dcbe/	13 KB 9 KB	36ms 35ms	XHR text/plain	2606:4700:4400::ac40:9817 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://auth-api.watershed.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1289086309:1732648404:coQR2ypoCydvTroHvM2MvEFNTiFHC4T4JoXtMoxnulU/8e8c57085cb1dcbe/U4oQ26eEDZprL5HAUm1aKOXHqIWUOfmEiiVpMMPQ8mo-1732649918-1.2.1.1-7yapnEh5CH6qbKmF6UlEjLVluvPqt4HmzCPH46XYWPvj7JdOgalSqilNB35k8L_v Requested by Host: auth-api.watershed.com URL: https://auth-api.watershed.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8e8c57085cb1dcbe Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:9817 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11fda8505cd80d1024349f840f6e5a7ede9256f6e8769b77be94ea7b720f6538 Request headers Referer https://auth-api.watershed.com/passwordless/klqATNH11KeDkvHmlrdczzRVb/confirm?c=78128941a465a27c7e6e01852c9dedd8 CF-Chl-RetryAttempt 0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded CF-Challenge U4oQ26eEDZprL5HAUm1aKOXHqIWUOfmEiiVpMMPQ8mo-1732649918-1.2.1.1-7yapnEh5CH6qbKmF6UlEjLVluvPqt4HmzCPH46XYWPvj7JdOgalSqilNB35k8L_v Response headers cf-ray 8e8c570b8e4ddcbe-FRA content-encoding gzip date Tue, 26 Nov 2024 19:38:39 GMT content-type text/plain; charset=UTF-8 cf-chl-gen pcJ5CCQyauTsr518JjHkkEsZfi39MsBh3X5VvIFcogvYO8nZ5yS/d8VrMG4YcfGXhEpF0Avy4Ms=$4fsk109ZqMR8qUc1 server cloudflare
GET		5e830dd3-c114-4c34-b088-d8272e5ab350 https://auth-api.watershed.com/ Frame	0 0
GET H3	200	/ challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6r3ci/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 590C	0 0	24ms 17ms	Document text/html	104.18.95.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/6r3ci/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/b/a6e12e96a2d5/api.js?onload=sLNwD4&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8e8c570befd8d2db-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Tue, 26 Nov 2024 19:38:39 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
GET DATA	200 OK	truncated /	37 KB 37 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://auth-api.watershed.com Referer Response headers Content-Type font/woff2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

auth-api.watershed.com

URL

blob:https://auth-api.watershed.com/92a079bd-c7f2-4b8e-8761-fbb1bb6e8a17

Domain

auth-api.watershed.com

URL

blob:https://auth-api.watershed.com/5e830dd3-c114-4c34-b088-d8272e5ab350

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| sLNwD4 boolean| YlpT0 function| tfuh3 function| UguGN4 function| LnvX8 function| dYcI7 function| Hccvv8 function| LCNDU2 object| TpWxk7 object| unnYa3 function| NxVm3 object| EwpyK3 number| iDah3 object| angular object| uQyOK5 object| turnstile boolean| fTUn6 function| _ string| IXFVy3 boolean| QkNZe0

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.auth-api.watershed.com/	1970-01-21 01:17:31	Name: __cf_bm Value: lgY73lKLjJb7voyM3APScK.x.6.xKLTffihpSjD6zVQ-1732649918-1.0.1.1-tuL7pldN42ndeswL9WSaybdWZBpwv2SpyMnYMwQ0MF2uOhLuPoabGazr4wAwbz3qnKH8rvBOoLoT._DP54zFDA
			.auth-api.watershed.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 2ngpwhhMoL0Le9SgBFcGn1i4LFci5xUwwQVfS6aGqK8-1732649919602-0.0.1.1-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth-api.watershed.com/passwordless/klqATNH11KeDkvHmlrdczzRVb/confirm?c=78128941a465a27c7e6e01852c9dedd8 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://auth-api.watershed.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth-api.watershed.com
challenges.cloudflare.com
auth-api.watershed.com
104.18.94.41
104.18.95.41
2606:4700:4400::ac40:9817
11fda8505cd80d1024349f840f6e5a7ede9256f6e8769b77be94ea7b720f6538
2880cc1388b021be511f61596e31d2bf0b8f981f59f107e55c7a9f4381d4d105
3012cc5243ff33bfa85d233f00e6303e44e04b1bcdb213d12eaf1bdb9318c7be
799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b
c415ea8e1d53af20a74b4ee07b5d6a15cd1719e5712ddad54be0db5741040020
c61e2e1347b9aca3d8f0c9725490470651a1f6c02841ff71f90305ea391ca6d2