auth.vpn.red Open in urlscan Pro
163.5.198.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://auth.vpn.red/
Submission: On July 31 via automatic, source certstream-suspicious (July 31st 2024, 7:40:05 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 163.5.198.200, located in San Francisco, United States and belongs to CYPHERPUNK-NET, US. The main domain is auth.vpn.red.
TLS certificate: Issued by E6 on July 31st 2024. Valid for: 3 months.

This is the only time auth.vpn.red was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	163.5.198.200 163.5.198.200	395517 (CYPHERPUN...) (CYPHERPUNK-NET)
7	2606:4700::68... 2606:4700::6812:b6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	4

7 163.5.198.200 (San Francisco, United States)

ASN395517 (CYPHERPUNK-NET, US)

auth.vpn.red	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:b6c (United States)

ASN13335 (CLOUDFLARENET, US)

vpn.red	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	vpn.red auth.vpn.red vpn.red	520 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1223 cloudflareinsights.com — Cisco Umbrella Rank: 1204	7 KB
17	2

	Domain	Requested by
7	vpn.red	auth.vpn.red vpn.red
7	auth.vpn.red	auth.vpn.red
2	cloudflareinsights.com	static.cloudflareinsights.com
1	static.cloudflareinsights.com	auth.vpn.red
17	4

This site contains links to these domains. Also see Links.

Domain
www.apple.com
play.google.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
x4.sfa02.services.1e-100.net E6	`2024-07-31` - `2024-10-29`	3 months	crt.sh
vpn.red WE1	`2024-07-27` - `2024-10-25`	3 months	crt.sh
cloudflareinsights.com WE1	`2024-07-06` - `2024-10-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://auth.vpn.red/
Frame ID: BB7408179C0AD641C822C74DFFFB912E
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RedVPN

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

17
Requests

100 %
HTTPS

75 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

527 kB
Transfer

715 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.apple.com/app-store/
Title: Download for Apple (coming soon)

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.redvpn.android
Title: Download for Android

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/redvpn.app

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
auth.vpn.red/ 44 KB
19 KB 956ms
297ms Document
text/html 163.5.198.200
CYPHERPUNK-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.vpn.red/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.198.200 San Francisco, United States, ASN395517 (CYPHERPUNK-NET, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e6e319833c38109f3dac4b585f60c80afe9eda51d7d436d875a399749d68f101

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 31 Jul 2024 19:39:56 GMT
ETag: W/"6595fee4-b18d"
Last-Modified: Thu, 04 Jan 2024 00:42:12 GMT
Server: nginx/1.22.1
Transfer-Encoding: chunked

GET
H/1.1 200
OK open-sans.woff2
auth.vpn.red/ 44 KB
44 KB 149ms
148ms Font
font/woff2 163.5.198.200
CYPHERPUNK-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.vpn.red/open-sans.woff2
Requested by: Host: auth.vpn.red
URL: https://auth.vpn.red/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.198.200 San Francisco, United States, ASN395517 (CYPHERPUNK-NET, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Request headers

Referer
Origin: https://auth.vpn.red
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 19:39:57 GMT
Last-Modified: Wed, 03 Jan 2024 17:35:18 GMT
Server: nginx/1.22.1
ETag: "65959ad6-ae70"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44656

GET
H/1.1 200
OK e8d9ce3b645247fc0ac6498fbcab7e88b508e580.css
auth.vpn.red/ 16 KB
17 KB 310ms
309ms Stylesheet
text/css 163.5.198.200
CYPHERPUNK-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.vpn.red/e8d9ce3b645247fc0ac6498fbcab7e88b508e580.css
Requested by: Host: auth.vpn.red
URL: https://auth.vpn.red/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.198.200 San Francisco, United States, ASN395517 (CYPHERPUNK-NET, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 23346681f70e30e7513f2fc03c2e4d907ffb9c8f6feff3e7b5bf8bb84b7d4535

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 19:39:57 GMT
Last-Modified: Wed, 03 Jan 2024 17:35:18 GMT
Server: nginx/1.22.1
ETag: "65959ad6-411e"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16670

GET
H3 200 styles.css
vpn.red/res/css/dist/ 13 KB
4 KB 140ms
95ms Stylesheet
text/css 2606:4700::6812:b6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vpn.red/res/css/dist/styles.css

Requested by

Host: auth.vpn.red
URL: https://auth.vpn.red/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38dc84a8aca1f9107cff2e352bd1bd3adfa9792c2683d5ad7cdf85fb166b8344

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"b80aeba9046ea7c0282c4246e963870d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXzn%2BiXiCBDXrrN%2FRx4PHROf5qA2b9CKomz6mrWe9NybdhMZBL%2FcKljTE2Lz00rGmG%2BqeCEAOQ%2B0UBnjuj2OzpMZ7qmnqY8YnOEmoOjMUpvv7Yx3YdjMD9Zl%2B3hXE%2BDyPo6PeOOX"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8ac00eb18de36643-AMS
expires: Wed, 31 Jul 2024 23:39:57 GMT

GET
H3 200 _typography.css
vpn.red/res/css/ 3 KB
974 B 178ms
134ms Stylesheet
text/css 2606:4700::6812:b6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vpn.red/res/css/_typography.css

Requested by

Host: auth.vpn.red
URL: https://auth.vpn.red/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84b1fb306e8a2ce41b2064b78a4064d179d5a5e4c108e1cedb56cc7d03945b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f4f6ea34298074b84dcfdbe4b96a84c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0C2LhLtF5gyoapPQnSDDSmYeuGnISW%2F1%2BrETeAR%2FWphe2iFw89Ix2WcevCift56pDTMh4OoAWOv8J%2F6daZpfOr3TpW46kE9XJtiwMcy%2BIsay8TeUIZOuSd5RB%2Bmq0EID%2BM5cu6z"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8ac00eb18dde6643-AMS
expires: Wed, 31 Jul 2024 23:39:57 GMT

GET
H/1.1 200
OK phone.png
auth.vpn.red/ 75 KB
75 KB 589ms
149ms Image
image/png 163.5.198.200
CYPHERPUNK-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.vpn.red/phone.png
Requested by: Host: auth.vpn.red
URL: https://auth.vpn.red/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.198.200 San Francisco, United States, ASN395517 (CYPHERPUNK-NET, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 38116adc20afa9f25d0c08920b174d16a5f4d545ccf78b368e51fc45d8ea636f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 19:39:57 GMT
Last-Modified: Wed, 03 Jan 2024 17:35:18 GMT
Server: nginx/1.22.1
ETag: "65959ad6-12ad0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76496

GET
H/1.1 200
OK usage.png
auth.vpn.red/ 108 KB
108 KB 606ms
155ms Image
image/png 163.5.198.200
CYPHERPUNK-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.vpn.red/usage.png
Requested by: Host: auth.vpn.red
URL: https://auth.vpn.red/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.198.200 San Francisco, United States, ASN395517 (CYPHERPUNK-NET, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 38b6a088717f3e40e914152c2fcef35c8cc59bb9cbf20738f61b7b118ce0d477

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 19:39:57 GMT
Last-Modified: Wed, 03 Jan 2024 17:35:18 GMT
Server: nginx/1.22.1
ETag: "65959ad6-1b02a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110634

GET
H/1.1 200
OK gmail.svg
auth.vpn.red/assets/ 18 KB
18 KB 452ms
148ms Image
image/svg+xml 163.5.198.200
CYPHERPUNK-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://auth.vpn.red/assets/gmail.svg
Requested by: Host: auth.vpn.red
URL: https://auth.vpn.red/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.198.200 San Francisco, United States, ASN395517 (CYPHERPUNK-NET, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 96bcf1e87633455e9e5d78bcd11eb92d65e1b907c8351e4050fdf7a0a4d3f0f5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 19:39:57 GMT
Last-Modified: Wed, 03 Jan 2024 18:49:55 GMT
Server: nginx/1.22.1
ETag: "6595ac53-47f2"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18418

GET
H3 200 phone.png
vpn.red/res/img/ 75 KB
75 KB 313ms
269ms Image
image/png 2606:4700::6812:b6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn.red/res/img/phone.png

Requested by

Host: auth.vpn.red
URL: https://auth.vpn.red/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38116adc20afa9f25d0c08920b174d16a5f4d545ccf78b368e51fc45d8ea636f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 76496
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "2583be8131e164e74279288f37293a85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cw6JpjjGvhh3o%2FbvHDssM%2Fei9VEub47wSqsmiTQ6xBOSHrFTFQGfXrsR9hT3c%2BLPQd1vCMK%2F7RH3Xcg2W0T1recsMPda8jwU5VeF56xsOIJTgkmWZK7ZXllwNpX4YxfI%2F1zIPbl3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8ac00eb18ddf6643-AMS
expires: Wed, 31 Jul 2024 23:39:57 GMT

GET
H3 200 usage.png
vpn.red/res/img/ 108 KB
109 KB 130ms
103ms Image
image/png 2606:4700::6812:b6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vpn.red/res/img/usage.png

Requested by

Host: auth.vpn.red
URL: https://auth.vpn.red/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b6a088717f3e40e914152c2fcef35c8cc59bb9cbf20738f61b7b118ce0d477

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 110634
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "9f8b0fc6d07e8f767bf2eb3c99c2e72a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ov6J91peTRD8ottVaJgmHNNp1uVhnBp%2Btisau1KsPv5QPcPOs7SxANpPgXc8wulAloTodHUo9d4K7DT8AWtj3FG1Ftd6k%2FzMhMRnqjLmvyFaMN7FS1QTanf5yWphlzn%2BceJcDOaO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8ac00eb18de46643-AMS
expires: Wed, 31 Jul 2024 23:39:57 GMT

GET
H/1.1 404
Not Found email-decode.min.js
auth.vpn.red/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 0
0 450ms
154ms Script
text/html 163.5.198.200
CYPHERPUNK-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.vpn.red/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by: Host: auth.vpn.red
URL: https://auth.vpn.red/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.198.200 San Francisco, United States, ASN395517 (CYPHERPUNK-NET, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 31 Jul 2024 19:39:57 GMT
Content-Encoding: gzip
Server: nginx/1.22.1
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 19 KB
7 KB 91ms
61ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: auth.vpn.red
URL: https://auth.vpn.red/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8ac00eb19832b984-AMS

GET
H3 206 intro.mp4
vpn.red/res/ 133 KB
0 190ms
168ms Media
video/mp4 2606:4700::6812:b6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vpn.red/res/intro.mp4

Requested by

Host: auth.vpn.red
URL: https://auth.vpn.red/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-3060620/3060621
alt-svc: h3=":443"; ma=86400
Content-Length: 3060621
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "b2392870a43112b183866ead43ecb503"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxjjMwYt8hwRtnuLLd3cL1NY96IQm%2BMuGjPaf1U1i6aoQMfVGIH1NapN1nmtYZ0ZzZCJXqjYR8GzBRu3MSEaqhQ3tpuWln%2FF6qDmuzfSfx6OTTu5jVArAtJjOs6HrFkYjd1qBzvN"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8ac00eb18de16643-AMS
expires: Wed, 31 Jul 2024 23:39:57 GMT

GET
H3 200 open-sans.woff2
vpn.red/res/fonts/ 44 KB
44 KB 126ms
106ms Font
font/woff2 2606:4700::6812:b6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vpn.red/res/fonts/open-sans.woff2

Requested by

Host: vpn.red
URL: https://vpn.red/res/css/_typography.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vpn.red/res/css/_typography.css
Origin: https://auth.vpn.red
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 44656
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "611dca84a9787acf7e6e0658f9a67cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M8mE5piOJjwQ95bAZS1LlKgMyLXvQIFQLNQqvKuqwWNoxzCnnx%2FDwuVoLdIVBMQy7xFlPJ43PBs0VX7vzWK02diu7wDZBwPeBh7qAk3KYHdZbr0YUk8Dta7eYb%2FhRY4%2Bnj4ugG%2FO"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 8ac00eb34e00b8c0-AMS
expires: Wed, 31 Jul 2024 23:39:57 GMT

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ 0
0 58ms
17ms Preflight
text/plain 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://auth.vpn.red
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://auth.vpn.red
access-control-max-age: 86400
cf-ray: 8ac00eb48b53b890-AMS
content-encoding: gzip
content-type: text/plain
date: Wed, 31 Jul 2024 19:39:57 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 204 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
37 B 20ms
18ms XHR
text/plain 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://auth.vpn.red
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8ac00eb49b73b890-AMS

GET
H3 200 favicon.ico
vpn.red/res/meta/ 15 KB
6 KB 93ms
93ms Other
image/vnd.microsoft.icon 2606:4700::6812:b6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vpn.red/res/meta/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:b6c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efde6f5ca6b1c11824587ba7f4a22d134a4e7996e3b2a7c3c45c31b287d47afa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 31 Jul 2024 19:39:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"f838bb36048d509ee768e683c8ce96c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UziaMHOU44aPwnrHzLAEshdkQ7vKsZVLeA4aNSCnDeOhAEvhMFP2bfWtQJulWbDR0TmEZso8VoxeFVZVf3quvEj5c7QRYd7MXsshjGive5R8leCulLOaywkN%2F0Oq4p3ys5Cqe4yT"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8ac00eb4493b6643-AMS
expires: Wed, 31 Jul 2024 23:39:57 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| togglePlay object| __cfBeacon

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://auth.vpn.red/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://auth.vpn.red/ Message: The resource https://auth.vpn.red/usage.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://auth.vpn.red/ Message: The resource https://auth.vpn.red/open-sans.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://auth.vpn.red/ Message: The resource https://auth.vpn.red/phone.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://auth.vpn.red/ Message: The resource https://auth.vpn.red/e8d9ce3b645247fc0ac6498fbcab7e88b508e580.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.vpn.red
cloudflareinsights.com
static.cloudflareinsights.com
vpn.red
163.5.198.200
2606:4700::6810:4f49
2606:4700::6810:5049
2606:4700::6812:b6c
23346681f70e30e7513f2fc03c2e4d907ffb9c8f6feff3e7b5bf8bb84b7d4535
38116adc20afa9f25d0c08920b174d16a5f4d545ccf78b368e51fc45d8ea636f
38b6a088717f3e40e914152c2fcef35c8cc59bb9cbf20738f61b7b118ce0d477
38dc84a8aca1f9107cff2e352bd1bd3adfa9792c2683d5ad7cdf85fb166b8344
84b1fb306e8a2ce41b2064b78a4064d179d5a5e4c108e1cedb56cc7d03945b63
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
96bcf1e87633455e9e5d78bcd11eb92d65e1b907c8351e4050fdf7a0a4d3f0f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e319833c38109f3dac4b585f60c80afe9eda51d7d436d875a399749d68f101
efde6f5ca6b1c11824587ba7f4a22d134a4e7996e3b2a7c3c45c31b287d47afa

auth.vpn.red Open in urlscan Pro 163.5.198.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

75 %IPv6

2 Domains

4 Subdomains

4 IPs

1 Countries

527 kBTransfer

715 kBSize

0 Cookies

4 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

auth.vpn.red Open in urlscan Pro
163.5.198.200 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

75 %
IPv6

2
Domains

4
Subdomains

4
IPs

1
Countries

527 kB
Transfer

715 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions