vpn.itflex.cloud Open in urlscan Pro
143.0.120.226 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vpn.itflex.cloud/
Submission: On November 15 via api (November 15th 2024, 9:01:47 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 11 HTTP transactions. The main IP is 143.0.120.226, located in Sao Pedro da Aldeia, Brazil and belongs to Centro de Tecnologia Armazem Datacenter Ltda., BR. The main domain is vpn.itflex.cloud.
TLS certificate: Issued by E5 on November 14th 2024. Valid for: 3 months.

This is the only time vpn.itflex.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	143.0.120.226 143.0.120.226	262978 (Centro de...) (Centro de Tecnologia Armazem Datacenter Ltda.)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
11	3

8 143.0.120.226 (Sao Pedro da Aldeia, Brazil)

ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR)

vpn.itflex.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	itflex.cloud vpn.itflex.cloud	29 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	gstatic.com fonts.gstatic.com	18 KB
11	3

	Domain	Requested by
8	vpn.itflex.cloud	vpn.itflex.cloud
2	fonts.googleapis.com	vpn.itflex.cloud
1	fonts.gstatic.com	fonts.googleapis.com
11	3

This site contains no links.

Subject Issuer	Validity	Valid
vpn.itflex.cloud E5	`2024-11-14` - `2025-02-12`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://vpn.itflex.cloud/
Frame ID: 8BE6A8BFAA02B7A15B9E5DFCD9268614
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FWFLEX | OpenVPN MFA

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

49 kB
Transfer

74 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vpn.itflex.cloud/ 10 KB
3 KB 845ms
244ms Document
text/html 143.0.120.226
Centro de Tecnolo...

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.itflex.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.0.120.226 Sao Pedro da Aldeia, Brazil, ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 7f4f66bab1aaa4e3badfcaf3996a311cf410819cea3c10315f3bd8303bd3a627

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 15 Nov 2024 21:01:41 GMT
etag: W/"67169a53-2869"
last-modified: Mon, 21 Oct 2024 18:15:47 GMT
server: nginx/1.20.1

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
926 B 217ms
52ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap

Requested by

Host: vpn.itflex.cloud
URL: https://vpn.itflex.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41b8e4e3780edc3faba1e862c17c1163e92787a7326a60984278c32be0670f9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 21:01:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 21:01:41 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 20:33:02 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 icon
fonts.googleapis.com/ 569 B
811 B 211ms
51ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: vpn.itflex.cloud
URL: https://vpn.itflex.cloud/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 15 Nov 2024 21:01:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 21:01:41 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 15 Nov 2024 21:01:41 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 404 logo.svg
vpn.itflex.cloud/whitelabel/ 555 B
555 B 255ms
254ms Image
text/html 143.0.120.226
Centro de Tecnolo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpn.itflex.cloud/whitelabel/logo.svg
Requested by: Host: vpn.itflex.cloud
URL: https://vpn.itflex.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.0.120.226 Sao Pedro da Aldeia, Brazil, ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

content-encoding: gzip
date: Fri, 15 Nov 2024 21:01:41 GMT
content-type: text/html
server: nginx/1.20.1

GET
H2 404 warning.svg
vpn.itflex.cloud/ 555 B
555 B 255ms
254ms Image
text/html 143.0.120.226
Centro de Tecnolo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpn.itflex.cloud/warning.svg
Requested by: Host: vpn.itflex.cloud
URL: https://vpn.itflex.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.0.120.226 Sao Pedro da Aldeia, Brazil, ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

content-encoding: gzip
date: Fri, 15 Nov 2024 21:01:41 GMT
content-type: text/html
server: nginx/1.20.1

GET
H2 404 eye.svg
vpn.itflex.cloud/ 555 B
555 B 255ms
255ms Image
text/html 143.0.120.226
Centro de Tecnolo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpn.itflex.cloud/eye.svg
Requested by: Host: vpn.itflex.cloud
URL: https://vpn.itflex.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.0.120.226 Sao Pedro da Aldeia, Brazil, ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

content-encoding: gzip
date: Fri, 15 Nov 2024 21:01:41 GMT
content-type: text/html
server: nginx/1.20.1

GET
H2 200 main.js Show response
vpn.itflex.cloud/ 9 KB
2 KB 255ms
255ms Script
application/javascript 143.0.120.226
Centro de Tecnolo...

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.itflex.cloud/main.js
Requested by: Host: vpn.itflex.cloud
URL: https://vpn.itflex.cloud/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.0.120.226 Sao Pedro da Aldeia, Brazil, ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 5fe14c42dc056fd39f187af1127bbc8e441ea7b0c3f1105c4c8c54f0e53d033e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

cache-control: max-age=31536000, public
content-encoding: gzip
etag: W/"67169a53-23fd"
expires: Sat, 15 Nov 2025 21:01:41 GMT
date: Fri, 15 Nov 2024 21:01:41 GMT
content-type: application/javascript
last-modified: Mon, 21 Oct 2024 18:15:47 GMT
server: nginx/1.20.1

GET
H2 404 undefined Show response
vpn.itflex.cloud/api/vpn-mfa/ 207 B
264 B 241ms
241ms Fetch
text/html 143.0.120.226
Centro de Tecnolo...

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.itflex.cloud/api/vpn-mfa/undefined
Requested by: Host: vpn.itflex.cloud
URL: https://vpn.itflex.cloud/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.0.120.226 Sao Pedro da Aldeia, Brazil, ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

content-encoding: gzip
date: Fri, 15 Nov 2024 21:01:42 GMT
content-type: text/html; charset=utf-8
server: nginx/1.20.1

GET
H2 404 favicon.ico
vpn.itflex.cloud/ 555 B
257 B 233ms
232ms Other
text/html 143.0.120.226
Centro de Tecnolo...

General

Check archive.org

Show headers Download Go to

Full URL: https://vpn.itflex.cloud/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.0.120.226 Sao Pedro da Aldeia, Brazil, ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

content-encoding: gzip
date: Fri, 15 Nov 2024 21:01:42 GMT
content-type: text/html
server: nginx/1.20.1

GET
H2 200 error.svg
vpn.itflex.cloud/vpn-mfa/ 22 KB
22 KB 312ms
309ms Image
image/svg+xml 143.0.120.226
Centro de Tecnolo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vpn.itflex.cloud/vpn-mfa/error.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.0.120.226 Sao Pedro da Aldeia, Brazil, ASN262978 (Centro de Tecnologia Armazem Datacenter Ltda., BR),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 7080a803d5760bd135e5a8028f090f98bfa8ae0b13c0ede7850bec961d18355f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://vpn.itflex.cloud/

Response headers

cache-control: max-age=31536000, public
etag: "67169a53-56d3"
expires: Sat, 15 Nov 2025 21:01:42 GMT
accept-ranges: bytes
content-length: 22227
date: Fri, 15 Nov 2024 21:01:42 GMT
content-type: image/svg+xml
last-modified: Mon, 21 Oct 2024 18:15:47 GMT
server: nginx/1.20.1

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 361ms
51ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://vpn.itflex.cloud
Referer: https://fonts.googleapis.com/

Response headers

age: 328737
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 01:42:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 01:42:45 GMT
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18596
x-xss-protection: 0
server: sffe

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| validatePasswordRequirements function| get_client

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://vpn.itflex.cloud/whitelabel/logo.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.itflex.cloud/warning.svg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.itflex.cloud/eye.svg Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://vpn.itflex.cloud/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://vpn.itflex.cloud/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://vpn.itflex.cloud/api/vpn-mfa/undefined Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://vpn.itflex.cloud/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
vpn.itflex.cloud
142.250.185.227
143.0.120.226
2a00:1450:4001:828::200a
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
41b8e4e3780edc3faba1e862c17c1163e92787a7326a60984278c32be0670f9b
5fe14c42dc056fd39f187af1127bbc8e441ea7b0c3f1105c4c8c54f0e53d033e
7080a803d5760bd135e5a8028f090f98bfa8ae0b13c0ede7850bec961d18355f
7f4f66bab1aaa4e3badfcaf3996a311cf410819cea3c10315f3bd8303bd3a627
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e9639e3c4681ce85f852fbac48e2eeee5ba51296dbfec57c200d59b76237ab80

vpn.itflex.cloud Open in urlscan Pro 143.0.120.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

49 kBTransfer

74 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

vpn.itflex.cloud Open in urlscan Pro
143.0.120.226 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

49 kB
Transfer

74 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions