www.red-wood.vip Open in urlscan Pro
46.3.112.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.red-wood.vip/
Effective URL:
https://www.red-wood.vip/login/index
Submission Tags: @phish_report
Submission: On April 22 via api (April 22nd 2024, 6:48:06 am UTC) from FI — Scanned from FI

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 46.3.112.49, located in Los Angeles, United States and belongs to NETLAB-SDN, US. The main domain is www.red-wood.vip.
TLS certificate: Issued by R3 on April 13th 2024. Valid for: 3 months.

This is the only time www.red-wood.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 10	46.3.112.49 46.3.112.49		979 (NETLAB-SDN) (NETLAB-SDN)
9	1

10 46.3.112.49 (Los Angeles, United States) 1 redirects

ASN979 (NETLAB-SDN, US)

www.red-wood.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	red-wood.vip 1 redirects www.red-wood.vip	180 KB
9	1

	Domain	Requested by
10	www.red-wood.vip	1 redirects www.red-wood.vip
9	1

This site contains no links.

Subject Issuer	Validity	Valid
red-wood.vip R3	`2024-04-13` - `2024-07-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.red-wood.vip/login/index
Frame ID: 28C97C4501165A4A7CDFFCBE7A27BBA2
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redwood

Page URL History Show full URLs

https://www.red-wood.vip/ HTTP 302
https://www.red-wood.vip/login/index Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

180 kB
Transfer

450 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.red-wood.vip/ HTTP 302
https://www.red-wood.vip/login/index Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index Show response
www.red-wood.vip/login/
Redirect Chain

https://www.red-wood.vip/
https://www.red-wood.vip/login/index

15 KB
5 KB

316ms
316ms

Document
text/html

46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.red-wood.vip/login/index

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

b58c9f25e8b8730490cc310a6458aa66ea0c807003c8fb25c697684eaa00c475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 22 Apr 2024 06:47:58 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Mon, 22 Apr 2024 06:47:57 GMT
location: https://www.red-wood.vip/login/index
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 framework7.ios.min.css
www.red-wood.vip/static/home/css/ 165 KB
28 KB 373ms
372ms Stylesheet
text/css 46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.red-wood.vip/static/home/css/framework7.ios.min.css

Requested by

Host: www.red-wood.vip
URL: https://www.red-wood.vip/login/index

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

b9c035f80cb823ac85db49e3602a9b74f23830db9230f082bf856fd5a134bd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.red-wood.vip/login/index
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 06:47:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 02:06:34 GMT
server: nginx
etag: W/"61b6aaaa-29422"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 22 Apr 2024 18:47:58 GMT

GET
H2 200 app.css
www.red-wood.vip/static/home/css/ 74 KB
15 KB 742ms
741ms Stylesheet
text/css 46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.red-wood.vip/static/home/css/app.css?v=5.8

Requested by

Host: www.red-wood.vip
URL: https://www.red-wood.vip/login/index

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

e05a79e4ce445679e6f562bbd5d2eed74bf0ad91f5f5c89208eacd0ef3e7555d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.red-wood.vip/login/index
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 06:47:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 17 Feb 2024 20:37:22 GMT
server: nginx
etag: W/"65d11902-12736"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 22 Apr 2024 18:47:58 GMT

GET
H2 200 iconfont.css
www.red-wood.vip/static/home/css/ 8 KB
6 KB 743ms
742ms Stylesheet
text/css 46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.red-wood.vip/static/home/css/iconfont.css

Requested by

Host: www.red-wood.vip
URL: https://www.red-wood.vip/login/index

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

7cacd438aa0c20dc37f54d304140d49306a321a838316a9229384f1ce659ba73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.red-wood.vip/login/index
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 06:47:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 02:06:34 GMT
server: nginx
etag: W/"61b6aaaa-1fab"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 22 Apr 2024 18:47:58 GMT

GET
H2 200 lg.png
www.red-wood.vip/static/home/img/ 81 KB
82 KB 929ms
928ms Image
image/png 46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.red-wood.vip/static/home/img/lg.png

Requested by

Host: www.red-wood.vip
URL: https://www.red-wood.vip/login/index

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

e2007019c3371c92223483e29fea2b6245d3e20290a822adb7dc976d36f9f953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.red-wood.vip/login/index
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 06:47:58 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Apr 2024 08:11:01 GMT
server: nginx
etag: "6614f815-14530"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 83248
expires: Wed, 22 May 2024 06:47:58 GMT

GET
H2 200 jquery-1.11.3.min.js Show response
www.red-wood.vip/static/home/js/ 94 KB
37 KB 929ms
929ms Script
application/javascript 46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.red-wood.vip/static/home/js/jquery-1.11.3.min.js

Requested by

Host: www.red-wood.vip
URL: https://www.red-wood.vip/login/index

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.red-wood.vip/login/index
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 06:47:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 02:06:34 GMT
server: nginx
etag: W/"61b6aaaa-176d5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 22 Apr 2024 18:47:58 GMT

GET
H2 200 layer.js Show response
www.red-wood.vip/static/home/js/ 3 KB
2 KB 921ms
920ms Script
application/javascript 46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.red-wood.vip/static/home/js/layer.js

Requested by

Host: www.red-wood.vip
URL: https://www.red-wood.vip/login/index

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

772e7cd4bcdb897178cadf50cd8a97f99fcfc39027c02fb4ff20b7fe053d2af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.red-wood.vip/login/index
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 06:47:58 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 02:06:34 GMT
server: nginx
etag: W/"61b6aaaa-cc3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 22 Apr 2024 18:47:58 GMT

GET
H2 200 layer.css
www.red-wood.vip/static/home/js/need/ 5 KB
2 KB 185ms
185ms Stylesheet
text/css 46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.red-wood.vip/static/home/js/need/layer.css?2.0

Requested by

Host: www.red-wood.vip
URL: https://www.red-wood.vip/static/home/js/layer.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

ffc0323fb190f484a19ef1f2d5c6479d8efbfd8a9f115d953758a7ff4a7939c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.red-wood.vip/login/index
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 06:48:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 12:10:33 GMT
server: nginx
etag: W/"65d5e839-14d6"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 22 Apr 2024 18:48:00 GMT

GET
H2 200 favicon.ico
www.red-wood.vip/ 4 KB
4 KB 185ms
185ms Other
image/x-icon 46.3.112.49
NETLAB-SDN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.red-wood.vip/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.3.112.49 Los Angeles, United States, ASN979 (NETLAB-SDN, US),

Reverse DNS

Software

nginx /

Resource Hash

706ebe47c6ea81fdd6916b8371024a310f9e5719b691a15ffc575bce0c5b7486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.red-wood.vip/login/index
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 06:48:00 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 09 Apr 2024 08:09:59 GMT
server: nginx
etag: "6614f7d7-10be"
content-type: image/x-icon
accept-ranges: bytes
content-length: 4286

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.red-wood.vip/	1970-01-20 20:02:55	Name: sec_session Value: eyJpdiI6IlJoK1dGT3lPb2hwZVwvb1hEMk5mdmNnPT0iLCJ2YWx1ZSI6IjFTdncxS0dGQXBteUF4c2FwbVBOS0FBbERLbGJvb1BcLzY2V01xcGZmZFlscHRZMTU2Vk5iNVwvNXZ1TEFxNmFhUCIsIm1hYyI6IjE3NTgwMTZhOTRjNTE5ZWExNjgxZTc2ZWRkMmQyMDE4MTQ4MDg4NTNmNDk1MzM5Njk5MDU2NjI3ZGI5MzMyZjgifQ%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://www.red-wood.vip/login/index Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.red-wood.vip
46.3.112.49
706ebe47c6ea81fdd6916b8371024a310f9e5719b691a15ffc575bce0c5b7486
772e7cd4bcdb897178cadf50cd8a97f99fcfc39027c02fb4ff20b7fe053d2af3
7cacd438aa0c20dc37f54d304140d49306a321a838316a9229384f1ce659ba73
b58c9f25e8b8730490cc310a6458aa66ea0c807003c8fb25c697684eaa00c475
b9c035f80cb823ac85db49e3602a9b74f23830db9230f082bf856fd5a134bd2e
e05a79e4ce445679e6f562bbd5d2eed74bf0ad91f5f5c89208eacd0ef3e7555d
e2007019c3371c92223483e29fea2b6245d3e20290a822adb7dc976d36f9f953
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ffc0323fb190f484a19ef1f2d5c6479d8efbfd8a9f115d953758a7ff4a7939c4

www.red-wood.vip Open in urlscan Pro 46.3.112.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

180 kBTransfer

450 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

www.red-wood.vip Open in urlscan Pro
46.3.112.49 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

180 kB
Transfer

450 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions