urlscan.io logo urlscan.io
SecurityTrails logo

account.evergainltd.com Open in urlscan Pro
61.238.211.252  Public Scan

Go To Rescan Add Verdict Report
URL: https://account.evergainltd.com/
Submission: On October 18 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main IP is 61.238.211.252, located in Central, Hong Kong and belongs to HKBN-AS-AP Hong Kong Broadband Network Ltd., HK. The main domain is account.evergainltd.com.
TLS certificate: Issued by R3 on October 18th 2023. Valid for: 3 months.
This is the only time account.evergainltd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 61.238.211.252 9269 (HKBN-AS-A...)
3 142.250.184.202 15169 (GOOGLE)
2 142.250.186.99 15169 (GOOGLE)
11 3
Apex Domain
Subdomains		 Transfer
6 evergainltd.com
account.evergainltd.com
1 MB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
2 gstatic.com
fonts.gstatic.com
30 KB
11 3
Domain Requested by
6 account.evergainltd.com account.evergainltd.com
3 fonts.googleapis.com account.evergainltd.com
2 fonts.gstatic.com fonts.googleapis.com
11 3

This site contains no links.

Subject Issuer Validity Valid
account.evergainltd.com
R3		 2023-10-18 -
2024-01-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://account.evergainltd.com/
Frame ID: 462C21CCE867D387C5896CBB2BA9ECEB
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HKAI

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1280 kB
Transfer

1283 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
account.evergainltd.com/ 		785 B
676 B 		Document
General
Check archive.org
Download Go to
Full URL
https://account.evergainltd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
61.238.211.252 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
061238211252.ctinets.com
Software
openresty /
Resource Hash
c222ecf53b9ba9accb9bfc323918381afa6ae0592799e51bad0f0d81af14fc02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 18 Oct 2023 03:07:36 GMT
etag
W/"652f4964-311"
last-modified
Wed, 18 Oct 2023 02:56:36 GMT
server
openresty
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-served-by
account.evergainltd.com
x-xss-protection
1; mode=block
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700
Requested by
Host: account.evergainltd.com
URL: https://account.evergainltd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
cbd72c9f40a8903d4eb22dd875d21dcb4e604b01c9b57c5847cd9c5ee1ee6af9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.evergainltd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Oct 2023 03:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 01:19:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Oct 2023 03:07:37 GMT
css
fonts.googleapis.com/ 		2 KB
664 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Code+Pro:400
Requested by
Host: account.evergainltd.com
URL: https://account.evergainltd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
3a3ae2de0e9313200b899d444ea99781e0c4577e613cb158d42bf591516ed47f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.evergainltd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Oct 2023 03:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 03:07:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Oct 2023 03:07:37 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: account.evergainltd.com
URL: https://account.evergainltd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.evergainltd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 18 Oct 2023 03:07:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 03:07:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 18 Oct 2023 03:07:37 GMT
index.99236b6f.js
account.evergainltd.com/assets/ 		809 KB
810 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.evergainltd.com/assets/index.99236b6f.js
Requested by
Host: account.evergainltd.com
URL: https://account.evergainltd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
61.238.211.252 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
061238211252.ctinets.com
Software
openresty /
Resource Hash
f83b33a4cf00ebbb253b2faf0238b100c5931e9edc6cacff70b106cb31556ff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://account.evergainltd.com/
Origin
https://account.evergainltd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 03:07:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2023 02:56:36 GMT
server
openresty
etag
"652f4964-ca2af"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
content-length
828079
x-xss-protection
1; mode=block
x-served-by
account.evergainltd.com
index.0eefc17c.css
account.evergainltd.com/assets/ 		416 KB
416 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://account.evergainltd.com/assets/index.0eefc17c.css
Requested by
Host: account.evergainltd.com
URL: https://account.evergainltd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
61.238.211.252 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
061238211252.ctinets.com
Software
openresty /
Resource Hash
8692d8bd921719ac3dc8884a58bfe2669d307028c052eca36334dd888a1af422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.evergainltd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 03:07:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2023 02:56:36 GMT
server
openresty
etag
"652f4964-67efc"
x-frame-options
SAMEORIGIN
content-type
text/css
access-control-allow-origin
*
accept-ranges
bytes
content-length
425724
x-xss-protection
1; mode=block
x-served-by
account.evergainltd.com
Login.8c0a7a5f.js
account.evergainltd.com/assets/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.evergainltd.com/assets/Login.8c0a7a5f.js
Requested by
Host: account.evergainltd.com
URL: https://account.evergainltd.com/assets/index.99236b6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
61.238.211.252 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
061238211252.ctinets.com
Software
openresty /
Resource Hash
d9075b61133b7bd00ce991493093cd515ec347667d1c3d3c4c9fd66c234e1023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://account.evergainltd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 03:07:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2023 02:56:36 GMT
server
openresty
etag
"652f4964-6ab"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
content-length
1707
x-xss-protection
1; mode=block
x-served-by
account.evergainltd.com
api.570d4685.js
account.evergainltd.com/assets/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://account.evergainltd.com/assets/api.570d4685.js
Requested by
Host: account.evergainltd.com
URL: https://account.evergainltd.com/assets/index.99236b6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
61.238.211.252 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
061238211252.ctinets.com
Software
openresty /
Resource Hash
8e0f1ddf5471601a75d7b43736a6d3dcc0d2bf8eaf6fee504bbda5854e03e1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Origin
https://account.evergainltd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 03:07:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2023 02:56:36 GMT
server
openresty
etag
"652f4964-4c24"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
accept-ranges
bytes
content-length
19492
x-xss-protection
1; mode=block
x-served-by
account.evergainltd.com
logo.90229117.svg
account.evergainltd.com/assets/ 		293 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://account.evergainltd.com/assets/logo.90229117.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
61.238.211.252 Central, Hong Kong, ASN9269 (HKBN-AS-AP Hong Kong Broadband Network Ltd., HK),
Reverse DNS
061238211252.ctinets.com
Software
openresty /
Resource Hash
9022911777501fbf09b8e2b477ecc81e02e06623f65cc43c99365cc4635f9c99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://account.evergainltd.com/auth/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 03:07:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Oct 2023 02:56:36 GMT
server
openresty
etag
"652f4964-125"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
293
x-xss-protection
1; mode=block
x-served-by
account.evergainltd.com
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://account.evergainltd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Mon, 16 Oct 2023 07:39:59 GMT
x-content-type-options
nosniff
age
156460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14712
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Oct 2024 07:39:59 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://account.evergainltd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:02:57 GMT
x-content-type-options
nosniff
age
410682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 09:02:57 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| __INTLIFY_PROD_DEVTOOLS__ object| vaToastInstances function| Cleave boolean| __VUE__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block