everprime.pro Open in urlscan Pro
104.196.232.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://everprime.pro/
Effective URL:
https://everprime.pro/signin
Submission: On April 16 via api (April 16th 2024, 1:46:17 am UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 104.196.232.237, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is everprime.pro.
TLS certificate: Issued by R3 on April 15th 2024. Valid for: 3 months.

This is the only time everprime.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 19	104.196.232.237 104.196.232.237		396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.17.24.14 104.17.24.14		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.88.20 104.16.88.20		13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	3

19 104.196.232.237 (The Dalles, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 237.232.196.104.bc.googleusercontent.com

everprime.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	everprime.pro 2 redirects everprime.pro	861 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 315	51 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 239	173 KB
21	3

	Domain	Requested by
19	everprime.pro	2 redirects everprime.pro
2	cdn.jsdelivr.net	everprime.pro
2	cdnjs.cloudflare.com	everprime.pro cdnjs.cloudflare.com
21	3

This site contains no links.

Subject Issuer	Validity	Valid
everprime.pro R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://everprime.pro/signin
Frame ID: 647F3657B48519CFF094C61E985EC564
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EverPrime - Home

Page URL History Show full URLs

https://everprime.pro/ HTTP 302
https://everprime.pro/signin Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

21
Requests

95 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1084 kB
Transfer

1410 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://everprime.pro/ HTTP 302
https://everprime.pro/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://everprime.pro/images/bg.webp HTTP 302
https://everprime.pro/signin

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request signin Show response
everprime.pro/
Redirect Chain

https://everprime.pro/
https://everprime.pro/signin

6 KB
6 KB

148ms
148ms

Document
text/html

104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: f38503ecff0b29e8d8846f23d59122bfe4746cb673f39c1da16e480fff88ff91

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 6326
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 01:46:12 GMT
etag: W/"18b6-YWM6Z6N07r69b3FYzzNjHDQ2fbM"
server: railway
x-powered-by: Express

Redirect headers

content-length: 58
content-type: text/html; charset=utf-8
date: Tue, 16 Apr 2024 01:46:12 GMT
location: /signin
server: railway
vary: Accept
x-powered-by: Express

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/ 100 KB
19 KB 33ms
16ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Requested by

Host: everprime.pro
URL: https://everprime.pro/signin

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://everprime.pro
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 332691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 18861
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-49ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rieGv1n1IlQPlGtcFGR0kHEdzC9T2fxAqW5Efz4mQ%2BJx2vk2%2BY%2Bv4DwAfp%2FZrzgEQ40QoLv0wk1rAYNPJK%2BYLhtJbWzrV%2F6sXKfMl4b5FfWMkS72z1Z%2FZSdbot1alGlldElrGKnz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 875080134dbd085a-FRA
expires: Sun, 06 Apr 2025 01:46:12 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 227 KB
33 KB 37ms
26ms Stylesheet
text/css 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css

Requested by

Host: everprime.pro
URL: https://everprime.pro/signin

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/
Origin: https://everprime.pro
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2887989
x-jsd-version: 5.3.2
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220083-FRA, cache-lga21980-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pTiTaX2pKxj9XnF5lEfT1jyDcEQax6z6c26m4Fc21BoCseqCAEpr0vlhR0xs9Qx0od3nDN993pHIjB8qOd0SM70JpZqImycSlOBO%2FBEHy%2FPaE7riorMYlnmxz3LZC3shi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 875080134aba8f2d-FRA

GET
H3 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 59 KB
17 KB 30ms
19ms Script
application/javascript 104.16.88.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.min.js

Requested by

Host: everprime.pro
URL: https://everprime.pro/signin

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60c6bec0033a424572cfdf7da1d5fb94f4719286006a7f2cb9e76ee24d99babf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/
Origin: https://everprime.pro
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2879171
x-jsd-version: 5.3.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230044-FRA, cache-lga21958-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"eca1-s8rO+fzPpCquvWHwRvISPspZiXM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KJ10h2yhX6iDuqDtfwc5bIRSMDosHoQJ3XayyBsBEnGf%2FHBSmKaeRSS0Log3gF6k5ffbVzRW623fqvgXyoAkSKK3zFO4n7Ydz8QEA8hCzd%2BmijKOHd3eGtdObeEKjm3siAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 875080134ab98f2d-FRA

GET
H2 200 app.css
everprime.pro/eva/css/ 47 KB
47 KB 296ms
294ms Stylesheet
text/css 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/css/app.css
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: f9cab6c2d6de4aa688be97f30e2ccb01cc84a133c2e18d876c9f1763b5922f24

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"ba09-18ee308edc8"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 47625

GET
H2 200 iconfont.css
everprime.pro/eva/css/ 8 KB
8 KB 443ms
442ms Stylesheet
text/css 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/css/iconfont.css
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: dcde99c540953a3fd8c5f0aec36239d83ed428c10ef3c5d3c691cd2ad7ded677

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"1ff2-18ee308edc8"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 8178

GET
H2 200 login.css
everprime.pro/eva/css/ 3 KB
3 KB 447ms
445ms Stylesheet
text/css 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/css/login.css
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: dd635e39dc4fbcbc1611e690c221affea91cdf5d016768575a149bc01c497b19

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"d85-18ee308edc8"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 3461

GET
H2 200 layui.js Show response
everprime.pro/eva/js/ 7 KB
7 KB 444ms
443ms Script
application/javascript 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/js/layui.js
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 91ffac1a9d64f3dae4e8091b4feea25981e750d279cb71491b25dc24b33ecaf2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"1ce3-18ee308edc8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 7395

GET
H2 200 everprime.png
everprime.pro/images/ 11 KB
11 KB 442ms
440ms Image
image/png 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://everprime.pro/images/everprime.png
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 8bbe5cd0f6d5dd89953fd1b0ca71fbd0a9cfed2bb7840bb378e38d775c20d179

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"2b04-18ee308edc8"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11012

GET
H2 200 from_2.png
everprime.pro/eva/images/ 959 B
1018 B 446ms
446ms Image
image/png 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://everprime.pro/eva/images/from_2.png
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 15e4289b155004a37c53b427bffe3b28f7972544d4d094480ea18ddef8e0bcd0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"3bf-18ee308edc8"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 959

GET
H2 200 jquery-3.6.0.min.js Show response
everprime.pro/eva/js/ 87 KB
88 KB 395ms
394ms Script
application/javascript 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/js/jquery-3.6.0.min.js
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"15d9c-18ee308edc8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 89500

GET
H2 200 bootstrap.bundle.min.js Show response
everprime.pro/eva/js/ 76 KB
76 KB 535ms
534ms Script
application/javascript 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/js/bootstrap.bundle.min.js
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 286fc75be1e7b08b6e8f8c70b4b6f69bf77fcd9bec929694d122b44ecbb4858d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"13100-18ee308edc8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 78080

GET
H2 200 slick.min.js Show response
everprime.pro/eva/js/ 42 KB
42 KB 678ms
677ms Script
application/javascript 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/js/slick.min.js
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"a76f-18ee308edc8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 42863

GET
H2 200 magnific-popup.min.js Show response
everprime.pro/eva/js/ 20 KB
20 KB 683ms
683ms Script
application/javascript 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/js/magnific-popup.min.js
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"4ef8-18ee308edc8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 20216

GET
H2 200 apexcharts.min.js Show response
everprime.pro/eva/js/ 482 KB
482 KB 700ms
700ms Script
application/javascript 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/js/apexcharts.min.js
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 373edbcb546e27b3ee53196ed06ea0ca23e19a956cbaed5086b3777b224c8b47

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"787ff-18ee308edc8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 493567

GET
H2 200 main.js Show response
everprime.pro/eva/js/ 4 KB
4 KB 700ms
699ms Script
application/javascript 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/js/main.js
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 743369f6d28a3d2940e2c2c7b9f2e8c0b1d5149c31dcc6f80ef89879135894fd

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"114f-18ee308edc8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 4431

GET
H2 200 iziToast.min.css
everprime.pro/eva/css/ 41 KB
41 KB 714ms
713ms Stylesheet
text/css 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/css/iziToast.min.css
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 20b2776eaee552defc7c9b25bfef14a891f0dd4a12ac7320d689d749e1ca0fa7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"a21c-18ee308edc8"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 41500

GET
H2 200 iziToast.min.js Show response
everprime.pro/eva/js/ 18 KB
18 KB 710ms
710ms Script
application/javascript 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/eva/js/iziToast.min.js
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: ac860be79a4cfe434ea68f002638f79371d9a85a3b045a1aaf10dc98df551497

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"4831-18ee308edc8"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 18481

GET
H2

200

signin
everprime.pro/
Redirect Chain

https://everprime.pro/images/bg.webp
https://everprime.pro/signin

6 KB
6 KB

271ms
270ms

Image
text/html

104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://everprime.pro/signin
Requested by: Host: everprime.pro
URL: https://everprime.pro/signin
Protocol: H2
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://everprime.pro/signin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Apr 2024 01:46:13 GMT
server: railway
x-powered-by: Express
content-length: 6326
etag: W/"18b6-YWM6Z6N07r69b3FYzzNjHDQ2fbM"
content-type: text/html; charset=utf-8

Redirect headers

location: /signin
date: Tue, 16 Apr 2024 01:46:12 GMT
server: railway
x-powered-by: Express
content-length: 29
vary: Accept
content-type: text/plain; charset=utf-8

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/ 153 KB
153 KB 17ms
17ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
Origin: https://everprime.pro
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:12 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2876531
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 156496
last-modified: Fri, 01 Dec 2023 00:32:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "65692999-26350"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1VJ%2B9mvk4GD50%2FTyWUYleTsWGISr5cOruTVc5RzlZnFnGFwqACXzHZJLog201vt1iORbyiY0enoBnnzWlqmGKRafQPkmCUK4nRKx2iAQdE8Y16qPhYhCqQ%2F8u10u8ySY8LVn9sw"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 875080161eac085a-FRA
expires: Sun, 06 Apr 2025 01:46:12 GMT

GET
H2 200 everprime.png
everprime.pro/images/ 11 KB
35 B 148ms
148ms Other
image/png 104.196.232.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://everprime.pro/images/everprime.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.196.232.237 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.232.196.104.bc.googleusercontent.com
Software: railway / Express
Resource Hash: 8bbe5cd0f6d5dd89953fd1b0ca71fbd0a9cfed2bb7840bb378e38d775c20d179

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://everprime.pro/signin
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 16 Apr 2024 01:46:13 GMT
last-modified: Mon, 15 Apr 2024 18:33:17 GMT
server: railway
x-powered-by: Express
etag: W/"2b04-18ee308edc8"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 11012

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap object| layui function| $ function| jQuery object| TreemapSquared function| SVG object| Apex function| ApexCharts object| headerTrigger object| over object| header function| openFullscreen function| closeFullscreen function| copyText object| iziToast function| notify

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://everprime.pro/signin Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
everprime.pro
104.16.88.20
104.17.24.14
104.196.232.237
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
15e4289b155004a37c53b427bffe3b28f7972544d4d094480ea18ddef8e0bcd0
20b2776eaee552defc7c9b25bfef14a891f0dd4a12ac7320d689d749e1ca0fa7
286fc75be1e7b08b6e8f8c70b4b6f69bf77fcd9bec929694d122b44ecbb4858d
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
373edbcb546e27b3ee53196ed06ea0ca23e19a956cbaed5086b3777b224c8b47
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
60c6bec0033a424572cfdf7da1d5fb94f4719286006a7f2cb9e76ee24d99babf
743369f6d28a3d2940e2c2c7b9f2e8c0b1d5149c31dcc6f80ef89879135894fd
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0
8bbe5cd0f6d5dd89953fd1b0ca71fbd0a9cfed2bb7840bb378e38d775c20d179
91ffac1a9d64f3dae4e8091b4feea25981e750d279cb71491b25dc24b33ecaf2
9fc85f3a4544ab0d570c7f8f9bbb88db8d92c359b2707580ea8b07c75673eae2
ac860be79a4cfe434ea68f002638f79371d9a85a3b045a1aaf10dc98df551497
c22cfb6520a7fdbb738632834019acf47c78b1279462c0eb4cb83bae83ecb5a7
dcde99c540953a3fd8c5f0aec36239d83ed428c10ef3c5d3c691cd2ad7ded677
dd635e39dc4fbcbc1611e690c221affea91cdf5d016768575a149bc01c497b19
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f38503ecff0b29e8d8846f23d59122bfe4746cb673f39c1da16e480fff88ff91
f9cab6c2d6de4aa688be97f30e2ccb01cc84a133c2e18d876c9f1763b5922f24