support.thehatvpn.com Open in urlscan Pro
54.205.28.23  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response support.thehatvpn.com/	11 KB 4 KB	400ms 114ms	Document text/html	54.205.28.23 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://support.thehatvpn.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 54.205.28.23 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-205-28-23.compute-1.amazonaws.com Software openresty / Resource Hash 86d7b0f2af10d45e58daf4b16c3f160496c0130f26f3306024b128345d346d94 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Date Sun, 07 Jul 2024 04:57:12 GMT Server openresty Transfer-Encoding chunked
GET H2	200	launch-1716918054576.css d3eto7onm69fcz.cloudfront.net/assets/stylesheets/	114 KB 115 KB	334ms 7ms	Stylesheet text/css	18.245.62.162 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3eto7onm69fcz.cloudfront.net/assets/stylesheets/launch-1716918054576.css Requested by Host: support.thehatvpn.com URL: https://support.thehatvpn.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.62.162 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-62-162.fra60.r.cloudfront.net Software openresty / Resource Hash 709bef162108b3775c5fb6bf942cbf2aab6df147caf202ce43278f6b05492025 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://support.thehatvpn.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 07 Jul 2024 04:20:32 GMT via 1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront) last-modified Mon, 22 Jan 2024 07:46:42 GMT server openresty x-amz-cf-pop FRA60-P5 age 2237 etag "9b8e550ffc393114031d3f1baadf1907ae21ee1e" x-cache Hit from cloudfront content-type text/css; charset=utf-8 cache-control public, max-age=3600 content-length 117042 x-amz-cf-id IQBKGuP2iOpKP0d2GpyCF9h3USoulWC4fAGvMw6h3P0iKD4iP40F1w==
GET H/1.1	200 OK	docs-css.css s3.amazonaws.com/helpscout.net/docs/assets/6549fa18e4a15f3729e45b51/attachments/6554e5755e0acc59a6407145/	214 B 607 B	371ms 150ms	Stylesheet text/css	52.217.117.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/helpscout.net/docs/assets/6549fa18e4a15f3729e45b51/attachments/6554e5755e0acc59a6407145/docs-css.css Requested by Host: support.thehatvpn.com URL: https://support.thehatvpn.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.217.117.32 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash ac1c94f6dcb620bb724ac3760397f70a9243fc6eed1ed006eb43405ac00d0c87 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://support.thehatvpn.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 07 Jul 2024 04:57:13 GMT Last-Modified Wed, 15 Nov 2023 15:36:22 GMT Server AmazonS3 x-amz-request-id 52X9BCW7SGW0NVY5 ETag "91f4f8fe5dbfb870d2d50d005ef5af40" x-amz-server-side-encryption AES256 Content-Type text/css Accept-Ranges bytes Content-Length 214 x-amz-id-2 S0rKn+6XQIbrnkSV4pRADpVRLU9uJR38zmkZy0rI5QwH6BNu353iLHew9cXdfkLWPX35PCXwwAM=
GET H2	200	Logo.png d33v4339jhl8k0.cloudfront.net/docs/assets/6549fa18e4a15f3729e45b51/images/662396e2d21f4911eeb0eae2/	4 KB 4 KB	1494ms 425ms	Image image/png	18.244.20.117 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d33v4339jhl8k0.cloudfront.net/docs/assets/6549fa18e4a15f3729e45b51/images/662396e2d21f4911eeb0eae2/Logo.png Requested by Host: support.thehatvpn.com URL: https://support.thehatvpn.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.20.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-20-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 72fe2bcedb98518236bcfa6ffe4b338f7818f548ce04e4bad89f7b5340802adb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://support.thehatvpn.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 04:57:14 GMT via 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront) last-modified Sat, 20 Apr 2024 10:20:19 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 etag "225bf5ef3d9adfc1a676f8725a7ff30d" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 3933 x-amz-cf-id dcCEKoDoCu5Oj81Ajq-i4MbLkEzyyt3X239u-UDE8FohVTTj4GcM1g==
GET H2	200	app3.min.js Show response d3eto7onm69fcz.cloudfront.net/assets/javascripts/	116 KB 116 KB	346ms 20ms	Script application/javascript	18.245.62.162 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3eto7onm69fcz.cloudfront.net/assets/javascripts/app3.min.js Requested by Host: support.thehatvpn.com URL: https://support.thehatvpn.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.62.162 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-62-162.fra60.r.cloudfront.net Software openresty / Resource Hash baab907b6e1b57e04d7ec8eaf32de7909abe390f7ff1ed5017cbaaf09dc8bd52 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://support.thehatvpn.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Sun, 07 Jul 2024 04:51:43 GMT via 1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront) last-modified Mon, 22 Jan 2024 07:46:42 GMT server openresty x-amz-cf-pop FRA60-P5 age 329 etag "75eb0f806598ee5b3d36d04be8d34524607dd3b6" x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=3600 content-length 118353 x-amz-cf-id EFTSw6akzlpgnbFzc_a4kQuw9VnHuR609WYXE3AE8JKXU0TnmHh4zQ==
GET DATA	200 OK	truncated /	2 KB 2 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6c5f871741c69e29a0bb4f5273cdd8ccf8a9a03ad9e4043f2505aa188ecf611e Request headers Referer Origin https://support.thehatvpn.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET H2	200	1111111siteicon2.png d33v4339jhl8k0.cloudfront.net/docs/assets/6549fa18e4a15f3729e45b51/images/654b5d6738fda741c74d58fd/	2 KB 2 KB	389ms 385ms	Other image/png	18.244.20.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d33v4339jhl8k0.cloudfront.net/docs/assets/6549fa18e4a15f3729e45b51/images/654b5d6738fda741c74d58fd/1111111siteicon2.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.20.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-20-117.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash ae6ad886ee89a7a9efde6923516d5a50f260babacb54b85e8d9b0a0cad435b27 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://support.thehatvpn.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 07 Jul 2024 04:57:15 GMT via 1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront) last-modified Wed, 08 Nov 2023 10:05:28 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 etag "fbe84c1f75c65cee657dd8badc00d5bd" x-cache RefreshHit from cloudfront content-type image/png accept-ranges bytes content-length 2021 x-amz-cf-id Ot8vctIQ628579vrlkyxYP-4IwpRxwuNL2_zRHA19BZ5sGEC_fvaAA==

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| css_browser_selector string| url undefined| rewrittenUrl function| containsAuthQueryParam function| rewriteUrl function| $ function| jQuery string| c function| initArticleRatings function| initDocsWebSearch undefined| noddy undefined| remotes

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			support.thehatvpn.com/	1970-01-21 06:37:44	Name: PLAY_SESSION Value: "386a1bfcd6ab2147e9b3d1fd47db3386f177d3cd-siteId=6549fa18e4a15f3729e45b52&hs.session.id=VK5RrMdHnXq6f539klLJSHqAYTwzrs4EvUtcoqR8gcrso7tOszVyRXVOCv7FZ917&hs.session.exp=1720414632248"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d33v4339jhl8k0.cloudfront.net
d3eto7onm69fcz.cloudfront.net
s3.amazonaws.com
support.thehatvpn.com
18.244.20.117
18.245.62.162
52.217.117.32
54.205.28.23
6c5f871741c69e29a0bb4f5273cdd8ccf8a9a03ad9e4043f2505aa188ecf611e
709bef162108b3775c5fb6bf942cbf2aab6df147caf202ce43278f6b05492025
72fe2bcedb98518236bcfa6ffe4b338f7818f548ce04e4bad89f7b5340802adb
86d7b0f2af10d45e58daf4b16c3f160496c0130f26f3306024b128345d346d94
ac1c94f6dcb620bb724ac3760397f70a9243fc6eed1ed006eb43405ac00d0c87
ae6ad886ee89a7a9efde6923516d5a50f260babacb54b85e8d9b0a0cad435b27
baab907b6e1b57e04d7ec8eaf32de7909abe390f7ff1ed5017cbaaf09dc8bd52