urlscan.io logo urlscan.io
SecurityTrails logo

or3.ssvpn.win Open in urlscan Pro
158.101.132.56  Public Scan

Go To Rescan Add Verdict Report
URL: https://or3.ssvpn.win/
Submission: On July 19 via automatic, source certstream-suspicious — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 14 HTTP transactions. The main IP is 158.101.132.56, located in Inzai, Japan and belongs to ORACLE-BMC-31898, US. The main domain is or3.ssvpn.win.
TLS certificate: Issued by E5 on July 17th 2024. Valid for: 3 months.
This is the only time or3.ssvpn.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 158.101.132.56 31898 (ORACLE-BM...)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 146.190.90.70 14061 (DIGITALOC...)
1 2404:6800:400... 15169 (GOOGLE)
14 5
10    158.101.132.56 (Inzai, Japan)

ASN31898 (ORACLE-BMC-31898, US)
or3.ssvpn.win
3    2606:4700::6811:f7cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2404:6800:400a:80a::200a (Osaka, Japan)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    146.190.90.70 (Singapore, Singapore)

ASN14061 (DIGITALOCEAN-ASN, US)
api.openweathermap.org
1    2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
10 ssvpn.win
or3.ssvpn.win
121 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
27 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 openweathermap.org
api.openweathermap.org — Cisco Umbrella Rank: 9491
835 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
14 5
Domain Requested by
10 or3.ssvpn.win or3.ssvpn.win
3 unpkg.com 2 redirects or3.ssvpn.win
1 fonts.gstatic.com fonts.googleapis.com
1 api.openweathermap.org or3.ssvpn.win
1 fonts.googleapis.com or3.ssvpn.win
14 5
Subject Issuer Validity Valid
or3.ssvpn.win
E5		 2024-07-17 -
2024-10-15		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.openweathermap.org
Sectigo RSA Domain Validation Secure Server CA		 2023-06-30 -
2024-07-30		 a year crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://or3.ssvpn.win/
Frame ID: CF12877537ED2670E493644CA4570F43
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bento

Page Statistics

14
Requests

93 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

199 kB
Transfer

260 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://unpkg.com/feather-icons HTTP 302
  • https://unpkg.com/feather-icons@4.29.2 HTTP 302
  • https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
or3.ssvpn.win/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://or3.ssvpn.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
576744b50d9a8fffc3a435af556919f61f004a74d071aa69ba5dbc983d85c820

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
5416
content-type
text/html; charset=utf-8
date
Fri, 19 Jul 2024 21:04:24 GMT
etag
"ql7j2v46g"
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
style.css
or3.ssvpn.win/css/ 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://or3.ssvpn.win/css/style.css
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
c6a5db7ac1918f0e224483b1ca72704c2c8735316f10bf4dfa4f072c3ca1e325

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2v4c2"
content-type
text/css; charset=utf-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
5618
feather.min.js
unpkg.com/feather-icons@4.29.2/dist/
Redirect Chain
  • https://unpkg.com/feather-icons
  • https://unpkg.com/feather-icons@4.29.2
  • https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js
74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/feather-icons@4.29.2/dist/feather.min.js
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/
Protocol
H2
Server
2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea465ac6b69a037dc49fda6ab1c585f95725091eff4515df61db91d9d3c5e54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
6881173
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HWSAJ3MAEDDBM5VWZQAGNHS0-nrt
server
cloudflare
etag
"1290f-X/pK4GwdM6kTkoZ77NToWvhCbGg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a5da9e90fc03bf9-NRT

Redirect headers

date
Fri, 19 Jul 2024 21:04:24 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01HWSAJ396ED5CFGNH2YM3NDHD-nrt
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
6881174
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/feather-icons@4.29.2/dist/feather.min.js
cache-control
public, max-age=31536000
cf-ray
8a5da9e8ffb03bf9-NRT
unknown.png
or3.ssvpn.win/icons/OneDark/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://or3.ssvpn.win/icons/OneDark/unknown.png
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
cc94359eb902b6f5567095bfc4e84edab22881993a26ccba70ba3e7f2fc29d75

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2v1p0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
2196
time.js
or3.ssvpn.win/js/ 		1010 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://or3.ssvpn.win/js/time.js
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
54fb23cb41f62e8ed4a147342804c49dcbbd7b45ad3202a8c0f188f72732e4a6

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2vs2"
content-type
text/javascript; charset=utf-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
1010
theme.js
or3.ssvpn.win/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://or3.ssvpn.win/js/theme.js
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
818ac9ae4fb5c74433762d1a76b97972a07473b7195b3472148d05a20512c133

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2vsi"
content-type
text/javascript; charset=utf-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
1026
greeting.js
or3.ssvpn.win/js/ 		767 B
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://or3.ssvpn.win/js/greeting.js
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
2ea604545e146f715e01cb54bd9d44a1b50c392fce5831a070f8f02721fb2101

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2vlb"
content-type
text/javascript; charset=utf-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
767
weather.js
or3.ssvpn.win/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://or3.ssvpn.win/js/weather.js
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
8f0dd7e13aa492f75189f479d7bfc66d319aa05b0b9f9c3a17305999d2304072

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2v1dv"
content-type
text/javascript; charset=utf-8
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
1795
css2
fonts.googleapis.com/ 		17 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:80a::200a Osaka, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3797b52b6841f7f9ff3b749dde37e768c622bd2fcd0b32c0dd94409652f85e25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 Jul 2024 21:04:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 Jul 2024 21:04:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Jul 2024 21:04:24 GMT
weather
api.openweathermap.org/data/2.5/ 		502 B
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.openweathermap.org/data/2.5/weather?lat=31.217674&lon=121.54425&appid=549b9dcbf802d5dc8dbc830d01ed17bf
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/js/weather.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
146.190.90.70 Singapore, Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
f8dc37fd91075f6f3950ba7cf0e392d41cfcf5d9966f4e5b93ea08aafd495f9c

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Fri, 19 Jul 2024 21:04:24 GMT
Server
openresty
X-Cache-Key
/data/2.5/weather?lat=31.22&lon=121.54
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
502
wal.jpg
or3.ssvpn.win/img/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://or3.ssvpn.win/img/wal.jpg
Requested by
Host: or3.ssvpn.win
URL: https://or3.ssvpn.win/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
1928b614ed6d47eb18429be307a8565ff4bb63d1faee2ea0914b41640abd9721

Request headers

Referer
https://or3.ssvpn.win/css/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2v1mq5"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
76109
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://or3.ssvpn.win
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 11:37:11 GMT
x-content-type-options
nosniff
age
206833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Jul 2025 11:37:11 GMT
favicon.png
or3.ssvpn.win/icons/ 		27 KB
27 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://or3.ssvpn.win/icons/favicon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
336483cb1dab94241b14223329f8ccba293991e5404885b64bb99fdc25e996ee

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2vl4u"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
27390
01d.png
or3.ssvpn.win/icons/OneDark/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://or3.ssvpn.win/icons/OneDark/01d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
158.101.132.56 Inzai, Japan, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Caddy /
Resource Hash
2df4c02af5333bf86c6434d4584311e994c318e1e4e2041a38834abf548da136

Request headers

Referer
https://or3.ssvpn.win/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Fri, 19 Jul 2024 21:04:24 GMT
last-modified
Sat, 12 Dec 2020 03:30:31 GMT
server
Caddy
etag
"ql7j2v1uk"
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000
content-length
2396

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| feather function| displayClock string| mins object| today number| hour string| gree1 string| gree2 string| gree3 string| gree4 string| gree5 string| gree6 string| tempUnit function| setPosition function| getWeather function| displayWeather

0 Cookies