secret.eravpn.org
Open in
urlscan Pro
147.45.157.134
Public Scan
URL:
https://secret.eravpn.org/
Submission: On October 12 via automatic, source certstream-suspicious — Scanned from IT
Submission: On October 12 via automatic, source certstream-suspicious — Scanned from IT
Summary
This website contacted 4 IPs
in 3 countries
across 4 domains to perform 9 HTTP transactions.
The main IP is 147.45.157.134, located in
Russian Federation and
belongs to TIMEWEB-AS, RU.
The main domain is secret.eravpn.org.
TLS certificate: Issued by R10 on October 12th 2024. Valid for: 3 months.
This is the only time secret.eravpn.org was scanned on urlscan.io!
TLS certificate: Issued by R10 on October 12th 2024. Valid for: 3 months.
This is the only time secret.eravpn.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 | 147.45.157.134 147.45.157.134 | 9123 (TIMEWEB-AS) (TIMEWEB-AS) | |
| 3 | 104.17.24.14 104.17.24.14 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 192.163.208.117 192.163.208.117 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
| 9 | 4 |
2
147.45.157.134
(Russian Federation)
ASN9123 (TIMEWEB-AS, RU)
PTR: 2927537-esmars.twc1.net
ASN9123 (TIMEWEB-AS, RU)
PTR: 2927537-esmars.twc1.net
| secret.eravpn.org |
1
192.163.208.117
(United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: sou.soundjay.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: sou.soundjay.com
| www.soundjay.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220 |
155 KB |
| 2 |
eravpn.org
secret.eravpn.org |
4 KB |
| 1 |
soundjay.com
www.soundjay.com Failed |
|
| 0 |
codepen.io
Failed
assets.codepen.io Failed |
|
| 9 | 4 |
| Domain | Requested by | |
|---|---|---|
| 3 | cdnjs.cloudflare.com |
secret.eravpn.org
cdnjs.cloudflare.com |
| 2 | secret.eravpn.org | |
| 1 | www.soundjay.com |
secret.eravpn.org
|
| 0 | assets.codepen.io Failed |
secret.eravpn.org
|
| 9 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| secret.eravpn.org R10 |
2024-10-12 - 2025-01-10 |
3 months | crt.sh |
| cdnjs.cloudflare.com WE1 |
2024-09-28 - 2024-12-27 |
3 months | crt.sh |
| soundjay.com R10 |
2024-08-17 - 2024-11-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://secret.eravpn.org/
Frame ID: 918BE1CE62F81D1EEA2D592827761024
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
Futuristic Control RoomDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
secret.eravpn.org/ |
11 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/css/ |
82 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.1.3/css/ |
160 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
thunder1.mp3
www.soundjay.com/nature/sounds/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
applause-8.mp3
www.soundjay.com/human/sounds/ |
133 KB 0 |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
button-29.mp3
www.soundjay.com/button/sounds/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
fancy-background.svg
assets.codepen.io/3/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta3/webfonts/ |
122 KB 123 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
secret.eravpn.org/ |
280 B 359 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.soundjay.com
- URL
- https://www.soundjay.com/nature/sounds/thunder1.mp3
- Domain
- www.soundjay.com
- URL
- https://www.soundjay.com/button/sounds/button-29.mp3
- Domain
- assets.codepen.io
- URL
- https://assets.codepen.io/3/fancy-background.svg
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| predictFuture function| animateFuturePrediction function| startBillionEmulator function| activateThunder function| playSound function| startRiddle function| secretInfo function| unlockSecret function| startCountdown1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .codepen.io/ | Name: __cf_bm Value: UOuoOB34jPzBr07XKvYwMpsHYxKnHPL_LFIEsRef0DA-1728742893-1.0.1.1-UHPHf1KToLolRU147LcT0gaaHYzuZ27qrPUKvrxFsLGzC31o1iYYkEAOHCSmJp.0JSRuS6kQjGZxAWUYJOrpmg |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.codepen.io
cdnjs.cloudflare.com
secret.eravpn.org
www.soundjay.com
assets.codepen.io
www.soundjay.com
104.17.24.14
147.45.157.134
192.163.208.117
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
6f292091c2bf67f65e9e583683cb4f72ee81caa1e41c198004527fa399c575d0
94e1bbc1c2a41ebc73fa5253fd563256c0035b4d69181e48f9aef9e474a11251
a361e7885c36bacb3fd9cb068da207c3b9329962cac022d06e28923939f575e8
eba916d855a774c1355695936472ad17751ff0de64f682ec2fd3a6ee83ce9f6f