authentication.thehatvpn.com Open in urlscan Pro
2606:4700:20::ac43:4a7e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://authentication.thehatvpn.com/
Effective URL:
https://authentication.thehatvpn.com/login
Submission: On February 12 via automatic, source certstream-suspicious (February 12th 2024, 8:54:07 am UTC) — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2606:4700:20::ac43:4a7e, located in United States and belongs to CLOUDFLARENET, US. The main domain is authentication.thehatvpn.com.
TLS certificate: Issued by E1 on February 12th 2024. Valid for: 3 months.

This is the only time authentication.thehatvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2606:4700:20:... 2606:4700:20::ac43:4a7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:487c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
14	4

9 2606:4700:20::ac43:4a7e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

authentication.thehatvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:487c (United States)

ASN13335 (CLOUDFLARENET, US)

fonts.cdnfonts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	thehatvpn.com 1 redirects authentication.thehatvpn.com	140 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	216 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 761	30 KB
1	cdnfonts.com fonts.cdnfonts.com — Cisco Umbrella Rank: 7580	805 B
14	4

	Domain	Requested by
9	authentication.thehatvpn.com	1 redirects authentication.thehatvpn.com cdnjs.cloudflare.com
4	cdnjs.cloudflare.com	authentication.thehatvpn.com cdnjs.cloudflare.com
1	code.jquery.com	authentication.thehatvpn.com
1	fonts.cdnfonts.com	authentication.thehatvpn.com
14	4

This site contains no links.

Subject Issuer	Validity	Valid
authentication.thehatvpn.com E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
cdnfonts.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://authentication.thehatvpn.com/login
Frame ID: A4A7FDC9304BE692A562C2C54BFD87D1
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TheHatVPNAuthentication

Page URL History Show full URLs

https://authentication.thehatvpn.com/ HTTP 302
https://authentication.thehatvpn.com/login Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

385 kB
Transfer

1144 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://authentication.thehatvpn.com/ HTTP 302
https://authentication.thehatvpn.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
authentication.thehatvpn.com/
Redirect Chain

https://authentication.thehatvpn.com/
https://authentication.thehatvpn.com/login

6 KB
4 KB

501ms
500ms

Document
text/html

2606:4700:20::ac43:4a7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.thehatvpn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.33

Resource Hash

e351f27fdb86f469b54b4ac61b5c883eb5a85b7b1e6fb20900fc89b8cb93b138

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 85439ac27ef31e60-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 08:54:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAOu5rPf19iVaPYG2wYKW7Cn%2FHsYcZxpwYZRHoFEoJ3%2Fyw%2B7%2BfCbDmx3CRPyD9HfUUhj6bbX02N8g%2F4H1hQ%2BjW4UZvaNLrlLk7PJ952p8VMFCuxAUrHq8%2FKUm84qAvmeSV2TSMv%2FvnU4Bf0zI8bSGCrNYojJEYk4008%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 85439abf7b4c1e60-FRA
content-type: text/html; charset=UTF-8
date: Mon, 12 Feb 2024 08:54:01 GMT
location: https://authentication.thehatvpn.com/login
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6Q7%2BbGyGQ6fWWAX9sMCz4oZ%2BF2%2BPl%2Bfc%2BQAO06M5xIgPoVf5xCeQuSMwBaWM%2Bjz%2B3ZQLsS4WclKNz%2FIAuW6YWfxynl4xSDMdyW04gi9wquGUXsMNMP7ThnILCh7AcE2wD21VFBC3SkIPJXLKgrUcA%2Bi1UBcyJFJTHU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 roboto
fonts.cdnfonts.com/css/ 2 KB
805 B 66ms
41ms Stylesheet
text/css 2606:4700:3033::6815:487c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.cdnfonts.com/css/roboto
Requested by: Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:487c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c88270fded5c2d3184e3d65eb91d2d45b43a2a5e378b0fb31e4738aac9232b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7885439
cf-polished: origSize=2409
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Nov 2023 02:30:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJ8XsmNRRJbo8oVZCGz7ojLO0G0mjpJmsOt%2BwgaabqSEbJMKAegcX%2F4y%2F24lZRieIpWIBJiH3G4QDU4k%2BJFAUp5JVXZlQTWtgJxST7m7TCTuziBrIQ9DK%2FtDtvoBaR4Ry1OJEt8mUIq%2Fjpm2KJTlKhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 85439ac5c9823a70-FRA

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/ 98 KB
17 KB 30ms
14ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Requested by

Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 8131794
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17041
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "623a082a-4291"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5RRoKg20TdCeXq0TRxg66HZahO5dJllKJaUHmBx2EXbE16wiA11Y4o%2BabeCl2WtjAdjLup1XWcbByTJ8vfLBheYYjOsltep%2B%2BWIhsnFzj%2F%2F5yjztOjFtubwsn%2F03JNykP4Qb7iHd83GDlbp80X5d1Uu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85439ac5b91e5be5-FRA
expires: Sat, 01 Feb 2025 08:54:01 GMT

GET
H3 200 main.css
authentication.thehatvpn.com/build/css/ 152 KB
24 KB 779ms
778ms Stylesheet
text/css 2606:4700:20::ac43:4a7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.thehatvpn.com/build/css/main.css?v=7

Requested by

Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29acec37ba9b79293c5d83dc134524b8d11227eea3363a214c5c8d497e2fd7a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:02 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 17:07:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"26098-60f9ffcfb8c6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7yXErcbJGqhkTT%2Fwn7wcNvAqBqIgwM2D84%2FUNJtFFprTcan8KQb23gsLJL7dI8%2B%2BipPkD0dSYgdWekZoHAHIsMrR5vhQXlS%2B%2FuQpinzdmOVkaDG4dkxHmKjKYrHF1mJaEz2mn9cFDIa7JDZKkWr8LqaT4q%2FomA45MU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 85439ac5ac4bbbfd-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.less
authentication.thehatvpn.com/build/css/ 9 KB
3 KB 139ms
139ms Stylesheet
text/plain 2606:4700:20::ac43:4a7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.thehatvpn.com/build/css/style.less

Requested by

Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75d571eaa964d87ada317c0265bc8c80510eaf502ec820df47f2d62d3b6d241f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:01 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 23 Jan 2024 17:04:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"25f0-60f9ff0b18701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG3Ihq2UlUCsDMlS0%2B63W%2Fmd5YD66J3us9qaJmjlJNVPby5dv8ZDOdvzuBdoxLfHvenq6tTXlZy8tenJPFMNn8XU7wIjzvJt%2BEzQi0%2BxDkvXD0VKBn2eBvkIB9dAaPVqdLJmByS0Mo3NKhfQMMzJqUlH3PvUrNe2ryY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-apo-via: origin,host
cf-ray: 85439ac5ac4dbbfd-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rocket-loader.min.js Show response
authentication.thehatvpn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 12ms
11ms Script
application/javascript 2606:4700:20::ac43:4a7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.thehatvpn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:01 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
last-modified: Fri, 02 Feb 2024 15:36:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: gzip
etag: W/"65bd0be2-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OehLOvGHek0ZLizM9MK8zfW84HN%2FB5meC8xcXlnE8Jfy7AroPCGuJ8bdxYAIyErg%2Br3RsOFHaXV6Dx77%2BDr0iddnYz2m%2FzM8vC%2FzdWBaORFedfmXHw%2B6LVzxrScmHywVAh8W0HhkR6wzGp14gQ%2BDS%2FTBtq6oQjN45w8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85439ac5ac4fbbfd-FRA
expires: Wed, 14 Feb 2024 08:54:01 GMT

GET
H3 200 app.js Show response
authentication.thehatvpn.com/js/ 120 KB
44 KB 771ms
770ms Script
application/javascript 2606:4700:20::ac43:4a7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.thehatvpn.com/js/app.js

Requested by

Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7354c47f841b0fcd0ea1ef2d88ac4d6c6e1d4c948ece7c05fd68f655bef9e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:03 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 17:07:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1e0b9-60f9ffcf2aedf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwTZBoDNY4vWioWkAkkiQL0Aitn98tvi9MioMLnkE1oRfwNkNL1CB6SUrzeVvfwoALeGOcTUvQFbfYX48We0wy4K3PdV7VNnsteUvdZJldcM6nlfw1UtRbzyi5xVUxlcftCtDNrfvyD2hp5iR0LaaCVaDPpUBEORO78%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 85439aca9a36bbfd-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 less.min.js Show response
cdnjs.cloudflare.com/ajax/libs/less.js/4.2.0/ 146 KB
40 KB 99ms
98ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/less.js/4.2.0/less.min.js

Requested by

Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

951249e49e58872df12c7201ccd1b85111c6e5bdc96b7bd68cd7982654d6d028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 40322
last-modified: Sun, 06 Aug 2023 07:03:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64cf45b8-9d82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0xGe5T0g8BHWzbx0YRvreSPYXNxcVyTPI0a2IfetxjDbW1oCgf9Gg7eTHHdJC1D7O1VUNo4z75pcXqwpAq0Q4CElRQEAG1bP%2FUkqu5ko0nUIWgYXuojR5fwFA4n1bHh9G9bj234I7PTNJg2%2FzGD02TQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85439aca9acd5be5-FRA
expires: Sat, 01 Feb 2025 08:54:02 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/ 24 KB
7 KB 14ms
13ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.0/jquery.validate.min.js

Requested by

Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5143505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6955
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5f30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7jSTCzRMH%2F7mOaAFY38ZFL68%2FaWH%2FbSU5I%2BURI64o3qKXjo37xW0oKREkkUb%2BHWFHMtpRo7ZXvozShTKU7YBc0TYlrn%2Bmk2kAidPD2kmVApYOGXGw1AmmvC98OdFD9AEGr2VVTw5lMzd5odiGQA1nO1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85439aca9acf5be5-FRA
expires: Sat, 01 Feb 2025 08:54:02 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 31ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: authentication.thehatvpn.com
URL: https://authentication.thehatvpn.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 9273355
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga13628-LGA, cache-fra-eddf8230066-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707728043.678800,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 31, 1185425

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/ 151 KB
151 KB 22ms
14ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css
Origin: https://authentication.thehatvpn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:02 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1603681
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 154228
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "623a082a-25a74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajswayKCosnx4lgMKLtEZIvHvz2f8%2BAnJHru9EOsehmNCdXALEdaGEr2s1yL7ub1fl3dFklK4wk6S68XVXsEslm8LKgb96JR7bj%2FvW6P8Hack%2F2CmygdIj7XiCXwV98yFcGB4P08nGPmUtUQGjBzy5g8"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85439acaa917373e-FRA
expires: Sat, 01 Feb 2025 08:54:02 GMT

GET
H3 200 style.less Show response
authentication.thehatvpn.com/build/css/ 9 KB
3 KB 132ms
131ms XHR
text/plain 2606:4700:20::ac43:4a7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.thehatvpn.com/build/css/style.less

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/less.js/4.2.0/less.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75d571eaa964d87ada317c0265bc8c80510eaf502ec820df47f2d62d3b6d241f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept: text/x-less, text/css; q=0.9, */*; q=0.5
Referer: https://authentication.thehatvpn.com/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:02 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 23 Jan 2024 17:04:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"25f0-60f9ff0b18701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gygivGeP8zFLq6TYSCqFdyxjdurTHtlY3wk3E7aFRukxjISTYg7oMybpWdHinZqQZxM7RjQcS0lPJ1xM0nsumay6leqtO1RiGOZpLLzlwlLz%2FJNwCTG1nQM2zx%2B3P4OILs5INI6y6l2Kd3eGJBBfY4E%2FJtzkR5cwa7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-apo-via: origin,host
cf-ray: 85439acb3af9bbfd-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.svg
authentication.thehatvpn.com/img/ 234 KB
15 KB 889ms
889ms Image
image/svg+xml 2606:4700:20::ac43:4a7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://authentication.thehatvpn.com/img/logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa4d4efcea526dd86af9b8662afe2fec1e9a126b30767ac519b4697c58432021

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://authentication.thehatvpn.com/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:03 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 17:04:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3a795-60f9ff0b19a89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCV1VUc0A%2FW84Pd9fXlDrcuW68yTQgFExP0ALMLdkRU6XAcn8fCt4LwqmkPV7z8e1oqpcBDcY2tY0fuVt5t1bNksdftDT4HrKomSR9NMYqU4QGubjHO76YO3jTwK%2Fi%2FDvpzEZh66IWvBwWsGT%2FLiIp6ZkJgdpPdBclM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 85439acc2bfdbbfd-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 PlusJakartaSans-Regular.ttf
authentication.thehatvpn.com/fonts/ 92 KB
41 KB 668ms
668ms Font
application/font-sfnt 2606:4700:20::ac43:4a7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://authentication.thehatvpn.com/fonts/PlusJakartaSans-Regular.ttf

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a7e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

856ac8f8014b97ec80c73ac48dd91c4ec99f436b2862511c8dfdcab190a6579d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://authentication.thehatvpn.com/login
Origin: https://authentication.thehatvpn.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 08:54:03 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 23 Jan 2024 17:04:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"17168-60f9ff0b196a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBm6WGw5JW52ENK54JEuLTOmlB5B7Dy2%2FqyqqV57xg6oC%2BTTtlkhrd2iOF%2FaMUuA9SDjsjGhYSgnzWdjwZMk5%2BntwS6x13j66cOg%2FDcyNAJhXj%2FkP2UUeZpRm3518Pc4k1IB%2Bc1IDdK2vGHPE6IPqQUFzoiMx6sHmqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-sfnt
cache-control: max-age=14400
cf-ray: 85439acc2c00bbfd-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
authentication.thehatvpn.com/	1970-01-20 18:22:15	Name: XSRF-TOKEN Value: eyJpdiI6InRqQ0JrekFxSjdlVXRxQzhaUFJWNmc9PSIsInZhbHVlIjoiOUJXVGZxcFg5OW5WTHZVVXNxMTdiOWtvYWFJYkswWHdKRHVGS3JodmZYL1ZqdEV3bnhVcmRDQ2RFdlFoUzlsYU9zWTBvZlN1enIreHJ3Q3dNY3hseitlSnBkQ2p3N3o5MHFlM0duenBTZmp6eUpJdm1Uc0xsMHFpNjB5RVlxaDQiLCJtYWMiOiI4MWE5MGYyOWJjZmFiYWQzM2EwZjYxNWI4NDA5OWI5YWRkZjIyZDJhZDMzYmYzMTRlODYwNThlYTkyMTQ2MjdjIiwidGFnIjoiIn0%3D
authentication.thehatvpn.com/	1969-12-31 23:59:59	Name: thehatvpnauthentication_session Value: eyJpdiI6InJ0bXlFalBNMUQ0NDFKVEhwZnVMd0E9PSIsInZhbHVlIjoiV0x6N0tWU2QxbUdHa1VGTHF3bXhSYmlILzdEeS9iRXhoVDVXU3UzamQzUjJZYi8vWmdINEJsVldVaEVRc3EvcyttRUorT1phVWsyWEVZa0t3TzdDZFRSMHlxL1R0R0dFUm5rYXZGSlFROGZ2M0RBb1I0bVYyKzB6ZjlNdmszVCsiLCJtYWMiOiIxNWM3NGVhYTJlOWY2MTY0ZDRlZTZmOTAyMzg2NGU2YzkwMWZhYTg4N2MxOTg2ZWRhOWY3ZWM4OTU0MmFjOWJmIiwidGFnIjoiIn0%3D
authentication.thehatvpn.com/	1970-01-20 18:22:15	Name: zoksfG2b5uy6iOO1FvON72Z8rvDabXhyi713wktB Value: eyJpdiI6IllVRkJWaGNwUm92Y0tyS2dha2NhbFE9PSIsInZhbHVlIjoiU0w4em5kNzNtbU1EaTJoUHRGa0NhZUFtaHplRi9haXE0d0lFZzlRcUdDYUFRM0drci95ZDdOdkxoS1cyTWJxTnNNVHBsNFE1NkNYeG54akNPUWdMNFFsaEVTdWp6TDNHRm1TUmlFZ1lBdEhTWjNjQmQ4Tng2WDdEVDBiL2hGckR3aDFxYUd2bmg3TDNocGx0WlJzNW5zRzBTbEo1NzNWNTc5UXdQK3hlZjhQTFU1YlJqRTc0eHFzQnQyZGcwQUZaSjhVSWNBNXZPK0ZwOHg3UGRnRW4vTG9BM2p1anY1T0tONzBzWW5LWGxqUnFqdG56V3A2dWtBMEs4a3BjMTBHc2svUWJLcWZMUXlTVEhZUGh0eDRlRTFlMXFaVVdHTTIreGgzNVgzb1lOVjNkWFAzYXlLaVA4VGRtVmFiTVB6SjVHR1NMNDZtRGJ5bytOTjEyQmlRWlhjTy9GdkMzcWdaTTVONmUwS052d0RjcDBUWmZxZUpTb1ZEZFZQNG42WXlOUG96cUhwT3ZoYlMrUnRqVW9ranRDQT09IiwibWFjIjoiMTAyZDFmNTVlMDRkM2ZmNzUxYzc3YWM4MmQzOTRmNzkyOTMzNjNmZjg0YTgxMDEwZTVlZTQ1YmRlNDUyYzU5MyIsInRhZyI6IiJ9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

authentication.thehatvpn.com
cdnjs.cloudflare.com
code.jquery.com
fonts.cdnfonts.com
2606:4700:20::ac43:4a7e
2606:4700:3033::6815:487c
2606:4700::6811:180e
2a04:4e42::649
0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed
29acec37ba9b79293c5d83dc134524b8d11227eea3363a214c5c8d497e2fd7a7
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
75d571eaa964d87ada317c0265bc8c80510eaf502ec820df47f2d62d3b6d241f
856ac8f8014b97ec80c73ac48dd91c4ec99f436b2862511c8dfdcab190a6579d
951249e49e58872df12c7201ccd1b85111c6e5bdc96b7bd68cd7982654d6d028
9c88270fded5c2d3184e3d65eb91d2d45b43a2a5e378b0fb31e4738aac9232b9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d7354c47f841b0fcd0ea1ef2d88ac4d6c6e1d4c948ece7c05fd68f655bef9e9b
d76fb4e841748a3f6bc63efa23156e02631c283bf41f84efcbdaf339ea3e1b73
e351f27fdb86f469b54b4ac61b5c883eb5a85b7b1e6fb20900fc89b8cb93b138
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa4d4efcea526dd86af9b8662afe2fec1e9a126b30767ac519b4697c58432021

authentication.thehatvpn.com Open in urlscan Pro 2606:4700:20::ac43:4a7e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

385 kBTransfer

1144 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

authentication.thehatvpn.com Open in urlscan Pro
2606:4700:20::ac43:4a7e Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

385 kB
Transfer

1144 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions