urlscan.io logo urlscan.io
SecurityTrails logo

www.kucuui.vip Open in urlscan Pro
2600:9000:211e:d600:1e:6c72:a040:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.kucuui.vip/#/pages/common/service/service?url=https%3A%2F%2Fvm.daneviolda.com%2F0381ud3jd099d0tsygchbqk5o2&...
Effective URL: https://www.kucuui.vip/
Submission: On November 22 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 30 HTTP transactions. The main IP is 2600:9000:211e:d600:1e:6c72:a040:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.kucuui.vip.
TLS certificate: Issued by Amazon RSA 2048 M01 on June 25th 2023. Valid for: a year.
This is the only time www.kucuui.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2600:9000:211e:d600:1e:6c72:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.kucuui.vip
4    2600:9000:223f:4200:2:dff4:3800:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.nwyfht.vip
13    2606:4700:20::ac43:465b (United States)

ASN13335 (CLOUDFLARENET, US)
vm.daneviolda.com
2    2606:4700:20::681a:81d (United States)

ASN13335 (CLOUDFLARENET, US)
chatapi.daneviolda.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
15 daneviolda.com
vm.daneviolda.com
chatapi.daneviolda.com
196 KB
10 kucuui.vip
www.kucuui.vip
551 KB
4 nwyfht.vip
www.nwyfht.vip
4 KB
1 gstatic.com
fonts.gstatic.com
19 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
30 5
Domain Requested by
13 vm.daneviolda.com 1 redirects www.kucuui.vip
vm.daneviolda.com
10 www.kucuui.vip www.kucuui.vip
4 www.nwyfht.vip www.kucuui.vip
2 chatapi.daneviolda.com vm.daneviolda.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com client
30 6

This site contains no links.

Subject Issuer Validity Valid
kucuui.vip
Amazon RSA 2048 M01		 2023-06-25 -
2024-07-24		 a year crt.sh
nwyfht.vip
Amazon RSA 2048 M02		 2023-02-07 -
2024-03-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-10 -
2024-08-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.kucuui.vip/
Frame ID: D50DF240E854B5103AAFB73E75113D6E
Requests: 16 HTTP requests in this frame

Frame: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Frame ID: D1C99A43B13D2AF064C752483F03A5F3
Requests: 13 HTTP requests in this frame

Frame: https://vm.daneviolda.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 1222A6DF8EA732BB85DC5A5FF1E9DBA7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

__

Page Statistics

30
Requests

97 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

773 kB
Transfer

2499 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://vm.daneviolda.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://vm.daneviolda.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kucuui.vip/ 		780 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
7ec7a9e76719a323f0c351bee0cdae111a7e861b337c02b8c864e866571ce546

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
content-length
780
content-type
text/html
date
Wed, 22 Nov 2023 22:06:13 GMT
etag
"5355dd86b3fad91:0"
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-amz-cf-id
F9SBZRCKk6MtxBg35g87xUa3xKWlINtiHuXXAZ_7j_er99z34RsSNw==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-powered-by
ASP.NET
index.f37b29dd.css
www.kucuui.vip/static/ 		93 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kucuui.vip/static/index.f37b29dd.css
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
479cdc0fac89745e61f8845a9a29fb28917810c258e732ace1e79a81a239d189

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:13 GMT
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
W/"8bbbdf86b3fad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
x-amz-cf-id
MsTgPwTG_pnmh0MmBlHKcA9a-f0lNocuatbprzwJFuPJNaHMbEHhIA==
chunk-vendors.cdf9e710.js
www.kucuui.vip/static/js/ 		700 KB
216 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kucuui.vip/static/js/chunk-vendors.cdf9e710.js
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
a3732066e04c1163b185291a7cb6bedb3cd918d44ad596016c4671d62cc57044

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:13 GMT
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
W/"3096d486b3fad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
Lzz2HCSovxnoAUMHRhMTJtY8NS2tIPt1XStAU_zPtSWNwjtneFskiw==
index.e0b1a983.js
www.kucuui.vip/static/js/ 		959 KB
300 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kucuui.vip/static/js/index.e0b1a983.js
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b1deaf0a5100428675221ac35d6a54264337bffbe6768183473e496507720ab1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:13 GMT
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
W/"70c7d486b3fad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
wcw6_QMybiHU60WW9Lck5TCBB3CjJRDYz8R1d-fACFXf2fLS4AUWzw==
pages-common-service-service.4b8990a3.js
www.kucuui.vip/static/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kucuui.vip/static/js/pages-common-service-service.4b8990a3.js
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/static/js/index.e0b1a983.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
190339eab9efc92ba7829b1ddf898d316a9c82882028de2616d2c714264524cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
content-encoding
gzip
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
W/"6224d886b3fad91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
BhupPaqMww_DfwelgfE5XWz4Y2tgGFGqT_w0XzrsuF_HVMGQMNs_sw==
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
398f21786b9e187ba0bcd85e7447d77416cd5da21c522fd5613c8bb4380ba73f

Request headers

Referer
Origin
https://www.kucuui.vip
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
application/octet-stream
getIssued
www.nwyfht.vip/km.asmx/ 		67 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nwyfht.vip/km.asmx/getIssued
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/static/js/chunk-vendors.cdf9e710.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4200:2:dff4:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2198bb4ae94911016476591d429b46d99237209690f282d59de56ec9d291a89f

Request headers

Referer
https://www.kucuui.vip/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA56-P5
x-powered-by
ASP.NET
access-control-allow-methods
POST
content-type
application/Json;charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
private, max-age=0
access-control-allow-headers
x-requested-with,content-type
content-length
67
x-amz-cf-id
QVJhfVR57Jt_08nO4YZSP5jf5iBehrCLVqiQ5GoNn0N-84668rA17Q==
getPlatParam
www.nwyfht.vip/km.asmx/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nwyfht.vip/km.asmx/getPlatParam
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/static/js/chunk-vendors.cdf9e710.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4200:2:dff4:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
65d970681baecff9f30093df94f4b1d1a6aa53199791d44ec36585f56dd3619f

Request headers

Referer
https://www.kucuui.vip/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA56-P5
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/Json;charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
private, max-age=0
access-control-allow-headers
x-requested-with,content-type
x-amz-cf-id
p4ViHF66rj8DzUNpsH0GxlABK_uiHoXu7zQMtyAQR0KtVwga-0FZVw==
2.png
www.kucuui.vip/static/ICON/home/ 		759 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kucuui.vip/static/ICON/home/2.png
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ece36084a84207ddbc73289c2d53a415fdbf87c6593821c3fd73d9c6d96b00da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
"173be286b3fad91:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
759
x-amz-cf-id
Phxvx9Sxw8UoCYR-MEPwuZGI8fMBPuVSGNQ25OaOTPuuF_WrO3bMKA==
3.png
www.kucuui.vip/static/ICON/home/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kucuui.vip/static/ICON/home/3.png
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9ee92822c648eeb5028b2c24805d9eeb5c06bb8c35439ad5b9d5526f75d07ee7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
"173be286b3fad91:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1132
x-amz-cf-id
Js-hrJvxJ6J25UE-ijpEhfytdtqCxVjQT4_ui08NyJV-QdlZp1qxEg==
5.png
www.kucuui.vip/static/ICON/home/ 		647 B
978 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kucuui.vip/static/ICON/home/5.png
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
12c3d99b6d2159bf512044c1c36041b66f67bed3c900bc9d65218b8b3460529c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
"173be286b3fad91:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
647
x-amz-cf-id
5tYt3gDlA2SEgPrpqtxraCyqaMbAF8Kvik2IgTNxcNN3Uq3eyS21nw==
7.png
www.kucuui.vip/static/ICON/home/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kucuui.vip/static/ICON/home/7.png
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
229378bb37f02ff6c1637e9e8a04d54f99c5a7f5762d7ba4a9313654053c8e9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
"173be286b3fad91:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1053
x-amz-cf-id
BYDYxuME5evIUlQBZLzAHOHeaiKXH2qiZ0ULLoCWTfo9--nMIWpTvg==
9.png
www.kucuui.vip/static/ICON/home/ 		975 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kucuui.vip/static/ICON/home/9.png
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d600:1e:6c72:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dcfc0326445e0325214c37c90321db785db92d20ca4d6058e2ebfe886dae1bdd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.kucuui.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 13:21:35 GMT
server
Microsoft-IIS/8.5
x-amz-cf-pop
FRA56-C2
etag
"173be286b3fad91:0"
x-powered-by
ASP.NET
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
975
x-amz-cf-id
TwStlP3Ir8xQaxkhzcO5ZEVAUyQ54gVsDUaedfqbuJFpZpVdLWll_w==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
getPlatBankIssuedList
www.nwyfht.vip/km.asmx/ 		1 KB
765 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nwyfht.vip/km.asmx/getPlatBankIssuedList
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/static/js/chunk-vendors.cdf9e710.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4200:2:dff4:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c182ae8d09293efc9357b62bcac2f13402240c45ec02422f108666d6ed005a57

Request headers

Referer
https://www.kucuui.vip/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Nov 2023 22:06:16 GMT
content-encoding
gzip
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA56-P5
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/Json;charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
private, max-age=0
access-control-allow-headers
x-requested-with,content-type
x-amz-cf-id
RMyZEpRgsyRekWhyGHe8hZstXRFf4WGT18rfBQt4HrKyPlgRJWi1lA==
0381ud3jd099d0tsygchbqk5o2
vm.daneviolda.com/ Frame D1C9 		70 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/static/js/chunk-vendors.cdf9e710.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92cb4986dde162c3593cca4b5313e33f244fe28706c20b9763f75f5bb1c28d4c

Request headers

Referer
https://www.kucuui.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=3600 public
cf-cache-status
DYNAMIC
cf-ray
82a47a5718ef7768-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 22 Nov 2023 22:06:08 GMT
expires
Wed, 22 Nov 2023 23:06:08 GMT
last-modified
Wed, 22 Nov 2023 22:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DI3eejjxwsn0P0aasdyyihATYu%2FM1oMLy7fzlNuCHHbYXiCPndn1WTsdj3GYX3n0JIa16v%2BL%2BZbssQnpKyQdQZNxO4dqvj2HRWh1UnsgrMBGGFHuef7wcRXK8Enlf6YemJZuMJ1qCfrbWIqd8g7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-psserverid
js12i, 2023-11-22T17:06:08-05:00
getPlatBankIssuedList
www.nwyfht.vip/km.asmx/ 		517 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nwyfht.vip/km.asmx/getPlatBankIssuedList
Requested by
Host: www.kucuui.vip
URL: https://www.kucuui.vip/static/js/chunk-vendors.cdf9e710.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4200:2:dff4:3800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8d366c482522a3671faa81c03a6324632e1bb35e257b5c81efab3861c1cbf98a

Request headers

Referer
https://www.kucuui.vip/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 22 Nov 2023 22:06:17 GMT
via
1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
x-amz-cf-pop
FRA56-P5
x-powered-by
ASP.NET
access-control-allow-methods
POST
content-type
application/Json;charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
private, max-age=0
access-control-allow-headers
x-requested-with,content-type
content-length
517
x-amz-cf-id
3kx3gDAdURs4SSFqZfY5GvVPQAsmMh3UZd2LZMNbYqQVFcyUDzIQ3w==
loader.gif
vm.daneviolda.com/images/common/ Frame D1C9 		750 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vm.daneviolda.com/images/common/loader.gif
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e652d9293a6e9ec19ef88bb405968aef8c488ad0602332d6a6ac21ee2fa7ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:08 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
449
x-psserverid
js14i, 2023-11-22T16:58:39-05:00
content-length
750
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
server
cloudflare
etag
"655e765e-2ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tq45npHRCkksSdDqxnai7nv%2BF%2FNCZjHPaJaPebfd%2FTlz0dCVL0eSk1GpTGmdN7E%2Fi4I55hkmSuqAD2iT7nPM8BmDsLSOfWxTAncaCcIeCK7q3N3jjIMqLzaD8xtI5BPd4Vbz0wYTe6VAju30fTR7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
82a47a598cc27768-LHR
expires
Wed, 22 Nov 2023 22:58:39 GMT
bundle1.js
vm.daneviolda.com/js/ Frame D1C9 		115 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/js/bundle1.js
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eeb401b380ad77cd2773cd2bec27a6c9752bcf819c713255fac5d29b1072e2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449
etag
W/"655e765e-1cd94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUnXFjnM1vCSvXhnryDlIOUig68RfM0IVuXgPy6wDCEid55ty3KgCOAWFb2cWLpZcVRKOsMnFFQOkoKk7MhFOv6voh99HQRgnujGaQ9W%2Bxu3yuJy5I7OK6I0JQaVYKlbPpE8WUsILNsQv5MbeiXt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
82a47a59acd97768-LHR
x-psserverid
js14i, 2023-11-22T16:58:39-05:00
expires
Wed, 22 Nov 2023 22:58:39 GMT
bundle2.js
vm.daneviolda.com/js/ Frame D1C9 		114 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/js/bundle2.js
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbbfa672ef4b18ea754b55acf1617a403d786635bfdbbe203144f31a94b119e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449
etag
W/"655e765e-1c7bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9KzNAIq%2BCyciL8NvPPYhvGJLMe%2FVn9BqnyTU%2FIfjndXCBxHgTaaY0Y7cwP9I2QKaqjEILUJ62qKpW3fmNonnYQGmaoLwPZtJlJh6OB6wA8rmq7a%2F%2FivX%2B4yoyeT2VwWzZos0Qy5SgIej8GVbZqB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
82a47a59acda7768-LHR
x-psserverid
js14i, 2023-11-22T16:58:39-05:00
expires
Wed, 22 Nov 2023 22:58:39 GMT
bundle3.js
vm.daneviolda.com/js/ Frame D1C9 		114 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/js/bundle3.js
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab7582414c9aa5ba3a9945ace2a687910435f8be3740e3679f0add966c7d7eae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449
etag
W/"655e765e-1c9d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRilv0UaWXWgx594%2FXRL5SAmjjqsXDb3D7dS4%2Fy2W%2Fhj%2FuNq47zq6SXp5EpUyPHdBEiCSCcNc9j%2BM6Eofp1FdU11le8En4ZbyPfCoLWx6jFTMiU3xQrRWmvfYxFUD9okSy3uIlAtVv%2B54zOH7IW0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
82a47a59acdc7768-LHR
x-psserverid
js14i, 2023-11-22T16:58:39-05:00
expires
Wed, 22 Nov 2023 22:58:39 GMT
bundle4.js
vm.daneviolda.com/js/ Frame D1C9 		116 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/js/bundle4.js
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3bb6d98f3d5f0e127911f5563ca8159d6c33de7e8dc8ede17c7a0b1d41d047

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449
etag
W/"655e765e-1cf5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbNsiMcmR1fU4Y98Jii16h1YTvOYP4cVOPpMA8DkNQ8pu8jhWUixgjMv6S%2B%2Fi3UZTI5OXLwwMPBAWNxNXRwaGTTvCJrmGLySe4isYpSqyTakjTtxlflxhBa55NQ3zF9gyXkrl%2FxlLk%2Fw9U0JZleO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
82a47a59acdf7768-LHR
x-psserverid
js14i, 2023-11-22T16:58:39-05:00
expires
Wed, 22 Nov 2023 22:58:39 GMT
0381ud3jd099d0tsygchbqk5o2
chatapi.daneviolda.com/v1/visitor/sids/ Frame D1C9 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://chatapi.daneviolda.com/v1/visitor/sids/0381ud3jd099d0tsygchbqk5o2
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:81d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e38ad2936fcfdcee53dca773a587b185dbd1c059880656b9bc1aefb5424fe5

Request headers

Referer
https://vm.daneviolda.com/
x-requestid
crid_60ryMuCZ3PE5
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 22 Nov 2023 22:06:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-instanceid
ca1c3b-0_#655f8e93_crid_60ryMuCZ3PE5
x-psserverid
ca13b, 2023-11-22T17:06:09-05:00
pragma
no-cache
server
cloudflare
vary
Origin, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CksrrV5%2B9e94bNLmItcjHVJIa9o4cmui7%2BBN4Dbh9XXz9UcGKgifHuXb2Km6fVXY8oS%2FRFCLba5MA1YrGDEVccNoIgAPmjUI5m26wy0J7WTvm77WgIFqPKQGIzwV%2FLpPKvmgiWBvlWEXuXebtn3cuUeRjPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://vm.daneviolda.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
82a47a5cee6d6395-LHR
expires
Thu, 01 Jan 1970 00:00:00 GMT
0381ud3jd099d0tsygchbqk5o2
chatapi.daneviolda.com/v1/visitor/sids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://chatapi.daneviolda.com/v1/visitor/sids/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:81d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requestid
Access-Control-Request-Method
POST
Origin
https://vm.daneviolda.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-requestid
access-control-allow-methods
GET,POST
access-control-allow-origin
https://vm.daneviolda.com
access-control-max-age
1800
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
82a47a5ac9fd6395-LHR
date
Wed, 22 Nov 2023 22:06:09 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JR5OXT7eOSMD%2BwaZzBQL4l6ynx1Wy%2FKkcnWMrqBoe0t18lrxHAvgE6MQcxzrAzrfSG%2BWHnVnlfm6%2F3pgWoJJoqFvY2tvKf9yPO0VyfC%2FDHLxaUDlByXlAO6vfDVMtYPodm3DDb6abURabbdPhYK5XHEREPo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-instanceid
ca1c4b-0_#6562f6b9_null
x-psserverid
ca14b, 2023-11-22T17:06:09-05:00
main.js
vm.daneviolda.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 1222
Redirect Chain
  • https://vm.daneviolda.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://vm.daneviolda.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f3ec7d5823663e43302c5d069ff55ab8642c4c07e523c949e67c2033ac5b7be
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:08 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQ897mCvXUkG4Byc7Ea7Up3lxtOzCR1b2V7aMm6sMpch44TgN52h0hnvg2cy0Dp1voV3xeWIRMPZl8lF6eeEnLTYe06JNAdYkA3Ahvd0LuOXAv41aBJlIx9rzkNlNTPEJvKzcr4duPCzlZV6nq5X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82a47a59fd567768-LHR

Redirect headers

date
Wed, 22 Nov 2023 22:06:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avABq5oKwAbFzRc8wH9rv9v4E088gxaZFGneNOl9qwW2UJf9BXcKGxTLXSwXChiMrLRLMRllBm0GPiIeqd5%2BzHH9jpF0cuKJzsmr9fnUqTxX65i5um6JguNuCzmu36Rqt3UPx9RayQqaneIkfetg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
cf-ray
82a47a59ace17768-LHR
82a47a5718ef7768
vm.daneviolda.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 1222 		0
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/cdn-cgi/challenge-platform/h/g/jsd/r/82a47a5718ef7768
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 22 Nov 2023 22:06:09 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
82a47a5b2ebd7768-LHR
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeWKqNGHLew%2BkEvsn4nIR7ALvB8gnV5O%2B6K5JYpOaabPDaltthrZ6LmQnk7H%2B%2BUQYQK%2Bzg%2F97lXw7NnX7jw7k%2BfHtCGDsFkdEan6eg3Ez5n%2BgH2uTM7oEx42VpgO7TQJ4V8BUU61E8TK37Zk3KJZ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
en.js
vm.daneviolda.com/languages/ Frame D1C9 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/languages/en.js
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38f6a2a5961b5e445d7ebaebe94045fd437430f3dca88caeb8988b03b6202939

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449
etag
W/"655e765e-cb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BBML2H21rC4F%2B%2B5phpoaoUYkV4L7FkRWTL5eKpLwxKI1ddDahS2OGCRWAmSPhNVyuMy3ZvmOl1PpUbyNIxt69BaNQ%2F%2BEn5bJVbLbwWEy9hnUBlRF3vhiJIJfkNupoQZ04vg9URMy0JybAWgD50%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
82a47a5f0bef7768-LHR
x-psserverid
js14i, 2023-11-22T16:58:40-05:00
expires
Wed, 22 Nov 2023 22:58:40 GMT
styles.js
vm.daneviolda.com/defres/company/messenger/css-js/weightless/298dd3/ Frame D1C9 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/defres/company/messenger/css-js/weightless/298dd3/styles.js
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5992a4bf0751c0b59ccd114848e1760beff43a1d640cdafa1704daf665314132

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449
etag
W/"655e765e-39ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvjZGYFDLFTooOL5GG8SSzlMlS2zK0l1Dab8a6imlKGVKqjUxkh0Gf%2FMieSL5ceQvRVZkAopvUgNPz0vUeBQBV8Bz1tG5cg5fmlRTGMBXjyUvf1Z54qUK%2BVP8%2BLT%2BQmTrhs3jbUfrfqkN1OTuhwK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
82a47a5f0bf37768-LHR
x-psserverid
js14i, 2023-11-22T16:58:40-05:00
expires
Wed, 22 Nov 2023 22:58:40 GMT
css
fonts.googleapis.com/ Frame D1C9 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 22:06:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 21:51:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 22:06:09 GMT
net.js
vm.daneviolda.com/js/ Frame D1C9 		146 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vm.daneviolda.com/js/net.js
Requested by
Host: vm.daneviolda.com
URL: https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4a0c21b37b6538353cbb7a76409f2fcb67a99538a2a0966a7f410551ddd27e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449
etag
W/"655e765e-2471e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pb0ZQulr4G8V6piAubX9aW7wxCcQXqZC7BsWwRVublrHzsDV4nuSINfGA3fyOdO%2Bs9LGC4ohGblGQOAvbhkwAu5lRvR1NgkdS0WkRx8oc6YDXS3gVM5z8zGKYrKrDNFHq6f2L%2FEk4YALMpkgpcbC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
82a47a5f5c507768-LHR
x-psserverid
js14i, 2023-11-22T16:58:40-05:00
expires
Wed, 22 Nov 2023 22:58:40 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v36/ Frame D1C9 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v36/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://vm.daneviolda.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 01:43:43 GMT
x-content-type-options
nosniff
age
418947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 01:43:43 GMT
company-header-modern-01-298dd3-en.svg
vm.daneviolda.com/defres/company/image/header/modern/01/ Frame D1C9 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vm.daneviolda.com/defres/company/image/header/modern/01/company-header-modern-01-298dd3-en.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:465b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b7604f32c52ff59a3710e3a02cfc386644ccfc9d8401a3367867544aade18bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://vm.daneviolda.com/0381ud3jd099d0tsygchbqk5o2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:06:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 21:45:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
449
etag
W/"655e765e-d01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1VWjIDui5Hebt%2BWkqxxqzSo%2Byx7Dz8my%2FYir6cMRxL%2FzHLKIRZDmNAMZs%2BlN2c4ea1aFJx%2F0CSmTm3F5eri4PEPL1YYK1kD64LdzcvNkBdLCVbgaY3srDzQKPz0vv5Tog3X2vfulSZrI3KM71%2B6"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
82a47a62b90f7768-LHR
x-psserverid
js14i, 2023-11-22T16:58:40-05:00
expires
Wed, 22 Nov 2023 22:58:40 GMT

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture boolean| coverSupport object| webpackJsonp object| __uniConfig object| __uniRoutes function| UniApp object| UniViewJSBridge object| UniServiceJSBridge object| uni object| wx function| getApp function| getCurrentPages object| regeneratorRuntime function| lrz

3 Cookies

Domain/Path Name / Value
.daneviolda.com/ Name: cf_clearance
Value: rjia3y2R9hDsffTnLe4duM0r9GiT6woOv2uaBWw4Kp8-1700690769-0-1-f384e02b.f82cb052.a485bfcb-0.2.1700690769
vm.daneviolda.com/ Name: 0381ud3jd099d0tsygchbqk5o2_screenType
Value: start-chat-form
vm.daneviolda.com/ Name: 0381ud3jd099d0tsygchbqk5o2_lifeTime
Value: 1700690769761

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chatapi.daneviolda.com
fonts.googleapis.com
fonts.gstatic.com
vm.daneviolda.com
www.kucuui.vip
www.nwyfht.vip
2600:9000:211e:d600:1e:6c72:a040:93a1
2600:9000:223f:4200:2:dff4:3800:93a1
2606:4700:20::681a:81d
2606:4700:20::ac43:465b
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
12c3d99b6d2159bf512044c1c36041b66f67bed3c900bc9d65218b8b3460529c
190339eab9efc92ba7829b1ddf898d316a9c82882028de2616d2c714264524cf
2198bb4ae94911016476591d429b46d99237209690f282d59de56ec9d291a89f
229378bb37f02ff6c1637e9e8a04d54f99c5a7f5762d7ba4a9313654053c8e9e
38f6a2a5961b5e445d7ebaebe94045fd437430f3dca88caeb8988b03b6202939
398f21786b9e187ba0bcd85e7447d77416cd5da21c522fd5613c8bb4380ba73f
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
479cdc0fac89745e61f8845a9a29fb28917810c258e732ace1e79a81a239d189
5992a4bf0751c0b59ccd114848e1760beff43a1d640cdafa1704daf665314132
65d970681baecff9f30093df94f4b1d1a6aa53199791d44ec36585f56dd3619f
7ec7a9e76719a323f0c351bee0cdae111a7e861b337c02b8c864e866571ce546
7eeb401b380ad77cd2773cd2bec27a6c9752bcf819c713255fac5d29b1072e2e
7f3bb6d98f3d5f0e127911f5563ca8159d6c33de7e8dc8ede17c7a0b1d41d047
8d366c482522a3671faa81c03a6324632e1bb35e257b5c81efab3861c1cbf98a
92cb4986dde162c3593cca4b5313e33f244fe28706c20b9763f75f5bb1c28d4c
9b7604f32c52ff59a3710e3a02cfc386644ccfc9d8401a3367867544aade18bb
9ee92822c648eeb5028b2c24805d9eeb5c06bb8c35439ad5b9d5526f75d07ee7
9f3ec7d5823663e43302c5d069ff55ab8642c4c07e523c949e67c2033ac5b7be
a0e38ad2936fcfdcee53dca773a587b185dbd1c059880656b9bc1aefb5424fe5
a2e652d9293a6e9ec19ef88bb405968aef8c488ad0602332d6a6ac21ee2fa7ac
a3732066e04c1163b185291a7cb6bedb3cd918d44ad596016c4671d62cc57044
ab4a0c21b37b6538353cbb7a76409f2fcb67a99538a2a0966a7f410551ddd27e
ab7582414c9aa5ba3a9945ace2a687910435f8be3740e3679f0add966c7d7eae
b1deaf0a5100428675221ac35d6a54264337bffbe6768183473e496507720ab1
c182ae8d09293efc9357b62bcac2f13402240c45ec02422f108666d6ed005a57
dbbfa672ef4b18ea754b55acf1617a403d786635bfdbbe203144f31a94b119e2
dcfc0326445e0325214c37c90321db785db92d20ca4d6058e2ebfe886dae1bdd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece36084a84207ddbc73289c2d53a415fdbf87c6593821c3fd73d9c6d96b00da
fa1af1cbf201b91b7b02cc4531ded17078f035ca5daec87e9767ca7edb4b3328