URL: https://everestburo.com/
Submission: On July 13 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 9 HTTP transactions. The main IP is 46.20.7.162, located in Bursa, Turkey and belongs to AS43260, TR. The main domain is everestburo.com.
TLS certificate: Issued by R11 on June 30th 2024. Valid for: 3 months.
This is the only time everestburo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests | IP address | AS number | autonomous system)
2 | 46.20.7.162 | 43260 | AS43260
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 96.43.128.66 | 19969 | JOESDATAC...
2 | 2606:50c0:800... | 54113 | FASTLY
1 | 2a00:1450:400... | 15169 | GOOGLE
1 | 162.19.58.156 | 16276 | OVH
Totals: 9 | 7
Apex domains (requests | apex domain | subdomain | transfer)
2 | githubusercontent.com | raw.githubusercontent.com (Cisco Umbrella Rank: 4469) | 2 MB
2 | everestburo.com | everestburo.com | 3 KB
1 | ibb.co | i.ibb.co (Cisco Umbrella Rank: 11629) | 539 KB
1 | tenor.com | media.tenor.com (Cisco Umbrella Rank: 7533) | 4 MB
1 | cursors-4u.net | cur.cursors-4u.net (Cisco Umbrella Rank: 806807) | 4 KB
1 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 428) | 34 KB
0 | unud.ac.id (Failed) | www.unud.ac.id (Failed) |
Totals: 9 | 7
Domains (requests | domain | requested by)
2 | raw.githubusercontent.com | everestburo.com
2 | everestburo.com | everestburo.com
1 | i.ibb.co |
1 | media.tenor.com | everestburo.com
1 | cur.cursors-4u.net | everestburo.com
0 | www.unud.ac.id (Failed) | everestburo.com
Totals: 9 | 7

This site contains links to these domains:

www.zone-h.org
TLS certificates (subject | issuer | validity | valid for)
*.everestburo.com | R11 | 2024-06-30 - 2024-09-28 | 3 months
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
ani.cursors-4u.net | R10 | 2024-07-08 - 2024-10-06 | 3 months
*.github.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-15 - 2025-03-14 | a year
c.tenor.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
ibb.co | R10 | 2024-06-21 - 2024-09-19 | 3 months

This page contains 1 frame:

Primary Page: https://everestburo.com/
Frame ID: D55A7047381893C43507F9E73F2676EF
Requests: 10 HTTP requests in this frame

Page Title

Hacked by L0C4LR00T

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 9
HTTPS: 89 %
IPv6: 50 %
Domains: 7
Subdomains: 7
IPs: 7
Countries: 4
Transfer: 6530 kB
Size: 6598 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://bit.ly/2UGCIC5 HTTP 301
  • https://www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css

9 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request / | everestburo.com/ | 8 KB | 3 KB | Document
General
  Full URL: https://everestburo.com/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 46.20.7.162 Bursa, Turkey, ASN43260 (AS43260, TR)
  Reverse DNS: host4.birhost.net
  Software: Apache /
  Resource Hash: 494ca738365ba17ebb60181043ed1f9e02657998bc95683240cfe7130c590497
Security Headers
  X-Frame-Options: SAMEORIGIN
  X-Xss-Protection: 1; mode=block
Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  content-encoding: gzip
  content-type: text/html; charset=UTF-8
  date: Sat, 13 Jul 2024 21:51:43 GMT
  server: Apache
  vary: Accept-Encoding,User-Agent
  x-frame-options: SAMEORIGIN
  x-xss-protection: 1; mode=block

jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/1.12.0/ | 95 KB | 34 KB | Script
General
  Full URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.0/jquery.min.js
  Requested by: Host: everestburo.com, URL: https://everestburo.com/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS:
  Software: sffe /
  Resource Hash: 5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0
Request headers
  Referer: https://everestburo.com/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Tue, 09 Jul 2024 09:41:27 GMT
  content-encoding: gzip
  x-content-type-options: nosniff
  age: 389416
  content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  content-length: 34044
  x-xss-protection: 0
  last-modified: Tue, 03 Mar 2020 19:15:00 GMT
  server: sffe
  cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
  vary: Accept-Encoding
  report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
  content-type: text/javascript; charset=UTF-8
  access-control-allow-origin: *
  cache-control: public, max-age=31536000, stale-while-revalidate=2592000
  accept-ranges: bytes
  timing-allow-origin: *
  expires: Wed, 09 Jul 2025 09:41:27 GMT

sample.css | www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/ | 0 | 0 |
Redirect Chain
  • https://bit.ly/2UGCIC5
  • https://www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css

email-decode.min.js | everestburo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 0 | 0 | Script
General
  Full URL: https://everestburo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
  Requested by: Host: everestburo.com, URL: https://everestburo.com/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 46.20.7.162 Bursa, Turkey, ASN43260 (AS43260, TR)
  Reverse DNS: host4.birhost.net
  Software: Apache /
  Resource Hash:
Security Headers
  X-Frame-Options: SAMEORIGIN
Request headers
  Referer: https://everestburo.com/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Sat, 13 Jul 2024 21:51:43 GMT
  server: Apache
  content-length: 315
  x-frame-options: SAMEORIGIN
  content-type: text/html; charset=iso-8859-1

sym46.cur | cur.cursors-4u.net/symbols/sym-1/ | 4 KB | 4 KB | Image
General
  Full URL: https://cur.cursors-4u.net/symbols/sym-1/sym46.cur
  Requested by: Host: everestburo.com, URL: https://everestburo.com/
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 96.43.128.66, United States, ASN19969 (JOESDATACENTER, US)
  Reverse DNS:
  Software: nginx/1.16.1 /
  Resource Hash: cc451aa50cb9f48a52bcf89ae2f2ad26f4f75ab5cad6de73174e9016b79079f7
Request headers
  Referer: https://everestburo.com/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  Date: Sat, 13 Jul 2024 21:51:46 GMT
  Last-Modified: Wed, 27 Feb 2013 18:46:54 GMT
  Server: nginx/1.16.1
  ETag: "512e549e-10be"
  Content-Type: application/octet-stream
  Connection: keep-alive
  Accept-Ranges: bytes
  Content-Length: 4286

truncated | / | 68 B | 0 | Image
General
  Full URL: data:truncated
  Protocol: DATA
  Server: -
  Reverse DNS:
  Software: /
  Resource Hash: 431ced6916a2a21a156e38701afe55bbd7f88969fbbfc56d7fe099d47f265460
Request headers
  Referer:
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  Content-Type: image/png

benim%20bisiklet.mp4 | raw.githubusercontent.com/tlhkpln/hacksss/main/ | 2 MB | 2 MB | Media
General
  Full URL: https://raw.githubusercontent.com/tlhkpln/hacksss/main/benim%20bisiklet.mp4
  Requested by: Host: everestburo.com, URL: https://everestburo.com/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:50c0:8002::154, United States, ASN54113 (FASTLY, US)
  Reverse DNS:
  Software: /
  Resource Hash: 178dc4ba390a330e627f6de8b8dae99fc35b7f63ed896e561f07dedf29225664
Security Headers
  Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
  Strict-Transport-Security: max-age=31536000
  X-Content-Type-Options: nosniff
  X-Frame-Options: deny
  X-Xss-Protection: 1; mode=block
Request headers
  Referer: https://everestburo.com/
  Accept-Encoding: identity;q=1, *;q=0
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
  Range: bytes=0-
Response headers
  x-fastly-request-id: d8de9c55271f5a0bf1b85e765667bb839b47a78c
  content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
  strict-transport-security: max-age=31536000
  x-content-type-options: nosniff
  date: Sat, 13 Jul 2024 21:51:46 GMT
  via: 1.1 varnish
  x-cache-hits: 0
  x-cache: MISS
  Content-Range: bytes 0-1876891/1876892
  cross-origin-resource-policy: cross-origin
  Content-Length: 1876892
  x-xss-protection: 1; mode=block
  x-served-by: cache-mxp6951-MXP
  x-github-request-id: 1692:23F1F2:89FDEC:92307F:6692F6F1
  x-timer: S1720907506.205371,VS0,VE201
  etag: "693298076c7798f09459815e22cb9273b74dd05fae33c6c46598858227d77859"
  source-age: 0
  x-frame-options: deny
  vary: Authorization,Accept-Encoding,Origin
  content-type: application/octet-stream
  access-control-allow-origin: *
  cache-control: max-age=300
  accept-ranges: bytes
  expires: Sat, 13 Jul 2024 21:56:46 GMT

benim%20bisiklet.mp4 | raw.githubusercontent.com/tlhkpln/hacksss/main/ | 7 KB | 0 | Media
General
  Full URL: https://raw.githubusercontent.com/tlhkpln/hacksss/main/benim%20bisiklet.mp4
  Requested by: Host: everestburo.com, URL: https://everestburo.com/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2606:50c0:8002::154, United States, ASN54113 (FASTLY, US)
  Reverse DNS:
  Software: /
  Resource Hash:
Security Headers
  Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
  Strict-Transport-Security: max-age=31536000
  X-Content-Type-Options: nosniff
  X-Frame-Options: deny
  X-Xss-Protection: 1; mode=block
Request headers
  Referer: https://everestburo.com/
  Accept-Encoding: identity;q=1, *;q=0
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
  Range: bytes=0-
Response headers
  x-fastly-request-id: d8d23c167549d23f4b0208d2727c7e324a435b21
  content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
  strict-transport-security: max-age=31536000
  x-content-type-options: nosniff
  date: Sat, 13 Jul 2024 21:51:46 GMT
  via: 1.1 varnish
  x-cache-hits: 0
  x-cache: HIT
  Content-Range: bytes 0-1876891/1876892
  cross-origin-resource-policy: cross-origin
  Content-Length: 1876892
  x-xss-protection: 1; mode=block
  x-served-by: cache-mxp6951-MXP
  x-github-request-id: 1692:23F1F2:89FDEC:92307F:6692F6F1
  x-timer: S1720907506.456774,VS0,VE1
  etag: "693298076c7798f09459815e22cb9273b74dd05fae33c6c46598858227d77859"
  source-age: 0
  x-frame-options: deny
  vary: Authorization,Accept-Encoding,Origin
  content-type: application/octet-stream
  access-control-allow-origin: *
  cache-control: max-age=300
  accept-ranges: bytes
  expires: Sat, 13 Jul 2024 21:56:46 GMT

nurican-tolun-canbequit.gif | media.tenor.com/TF1dO23NzfAAAAAd/ | 4 MB | 4 MB | Image
General
  Full URL: https://media.tenor.com/TF1dO23NzfAAAAAd/nurican-tolun-canbequit.gif
  Requested by: Host: everestburo.com, URL: https://everestburo.com/
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
  Reverse DNS:
  Software: sffe /
  Resource Hash: 80fc6c94a38adf96857d449eb2186a695fd99d8284c8c8e0caa69eb3eac6c753
Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 0
Request headers
  Referer: https://everestburo.com/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Sat, 13 Jul 2024 10:18:14 GMT
  x-content-type-options: nosniff
  age: 41612
  content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  content-length: 4211403
  x-xss-protection: 0
  last-modified: Tue, 14 Nov 2023 02:07:24 GMT
  server: sffe
  report-to: {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
  content-type: image/gif
  access-control-allow-origin: *
  cache-control: public, max-age=86400
  accept-ranges: bytes
  cross-origin-opener-policy-report-only: same-origin; report-to="media-tenor-team"
  expires: Sun, 14 Jul 2024 10:18:14 GMT

Picsart-23-08-05-16-46-12-318.jpg | i.ibb.co/590Z6S4/ | 538 KB | 539 KB | Other
General
  Full URL: https://i.ibb.co/590Z6S4/Picsart-23-08-05-16-46-12-318.jpg
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 162.19.58.156, France, ASN16276 (OVH, FR)
  Reverse DNS: ns3096358.ip-162-19-58.eu
  Software: nginx /
  Resource Hash: 3c684e5311d80febf245a2833b6465a04c2f855159cff3bdc8a38f545150503c
Request headers
  Referer: https://everestburo.com/
  User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Response headers
  date: Sat, 13 Jul 2024 21:51:47 GMT
  last-modified: Sat, 05 Aug 2023 09:23:07 GMT
  server: nginx
  access-control-allow-methods: GET, OPTIONS
  content-type: image/jpeg
  access-control-allow-origin: *
  cache-control: max-age=315360000, public
  accept-ranges: bytes
  content-length: 550717
  expires: Thu, 31 Dec 2037 23:55:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.unud.ac.id
URL: https://www.unud.ac.id/ac-admin/js/plugins/ckeditor/samples/sample.css

Verdicts & Comments

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • confirmExit (function)
  • fs (function)

0 Cookies

2 Console Messages

Source: network | Level: error | URL: https://everestburo.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Message: Failed to load resource: the server responded with a status of 404 ()

Source: security | Level: warning | URL: https://everestburo.com/ (Line 166)
Message: Mixed Content: The page at 'https://everestburo.com/' was loaded over HTTPS, but requested an insecure element 'http://cur.cursors-4u.net/symbols/sym-1/sym46.cur'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This section lists the security headers set by the main page.

X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block