app.app-valley.vip Open in urlscan Pro
2606:4700:20::681a:f0c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://app.app-valley.vip/install_pages/install.php?id=91
Effective URL:
https://app.app-valley.vip/install_pages/install.php?id=91
Submission: On February 03 via manual (February 3rd 2022, 3:21:31 am UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700:20::681a:f0c, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.app-valley.vip.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time app.app-valley.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700:20:... 2606:4700:20::681a:f0c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.248.5 18.66.248.5	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.27 18.66.112.27	16509 (AMAZON-02) (AMAZON-02)
1	3.132.120.215 3.132.120.215	16509 (AMAZON-02) (AMAZON-02)
14	7

8 2606:4700:20::681a:f0c (United States)

ASN13335 (CLOUDFLARENET, US)

app.app-valley.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.app-valley.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-5.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-27.fra56.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.132.120.215 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-120-215.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	app-valley.vip app.app-valley.vip img.app-valley.vip	30 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 6427 certify.alexametrics.com — Cisco Umbrella Rank: 3682	3 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	gstatic.com fonts.gstatic.com	11 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1366	5 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	868 B
14	6

	Domain	Requested by
7	app.app-valley.vip	app.app-valley.vip static.cloudflareinsights.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1	certify.alexametrics.com
1	certify-js.alexametrics.com	app.app-valley.vip
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	app.app-valley.vip
1	img.app-valley.vip	app.app-valley.vip
1	fonts.googleapis.com	app.app-valley.vip
14	8

This site contains links to these domains. Also see Links.

Domain
app-valley.vip

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.app-valley.vip/install_pages/install.php?id=91
Frame ID: A1D64D4094EAA6EBA0A9FF0BB01C0082
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FLStudio Mobile on iOS with Appvalley

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

50 kB
Transfer

94 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://app-valley.vip/AppValley.mobileconfig
Title: Install Appvalley

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request install.php Show response
app.app-valley.vip/install_pages/ 3 KB
2 KB 212ms
129ms Document
text/html 2606:4700:20::681a:f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.app-valley.vip/install_pages/install.php?id=91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d26a9c0aa1eb0fa005cb76374345cb7983dad340746083b17f99008797a514f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 03 Feb 2022 03:21:26 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQtuEcR426%2BREtdFfETazIuZv7TFGWFNTt4jXVwHplniboPNnpHO3%2BALY7ph6KqreVnDy1FpaAnRZzNecXZg%2BuQTWN2u37a8GHGhf%2BULaySY1Y3E%2FQCPaFJ60UpdHfHbSNXkjTmjRzXPpru%2F83ryjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d7887759ef79277-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 e7fpxs73m0h9ua0WLXdssAqPFjU.js Show response
app.app-valley.vip/cdn-cgi/apps/head/ 4 KB
2 KB 31ms
30ms Script
application/javascript 2606:4700:20::681a:f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.app-valley.vip/cdn-cgi/apps/head/e7fpxs73m0h9ua0WLXdssAqPFjU.js
Requested by: Host: app.app-valley.vip
URL: https://app.app-valley.vip/install_pages/install.php?id=91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0649eb07f75d538e904d999dad660e48f5534c5a5810c206be05f36648d86c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/install_pages/install.php?id=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:21:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 754577
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: V2VAQEWZVX1AVV5P
x-amz-id-2: EfBtScn458pYx3ePfKR3P3dXVMWM1Jm3ymAQ1d8YNhCeSTOBl1S0JJcmYCa7z4rQuInkA1itNw4=
last-modified: Mon, 17 Feb 2020 18:21:10 GMT
server: cloudflare
etag: W/"2b4bb0a8f164d81a9e83049584ee4f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4b%2FKN55N64yZKqEo7Qor6QhoqGaBRVYZSZbXWGJdKQh3O%2BwhXL40sug35P2zJHCSo4xaBb%2B4qeAerswq2J9NLSDftc7obCeRVYxWnmU0MFifiwVSXyoBmUxGFFwXaaYXb%2FeOTCYDjPpMQKTtCUiQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 7FTOf01O9uLmKr.1PrX03Xzn5M5MBaXY
cf-ray: 6d7887769fdd9277-FRA

GET
H2 200 easy.css
app.app-valley.vip/install_pages/ 892 B
732 B 122ms
121ms Stylesheet
text/css 2606:4700:20::681a:f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.app-valley.vip/install_pages/easy.css
Requested by: Host: app.app-valley.vip
URL: https://app.app-valley.vip/install_pages/install.php?id=91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 359940feb0cf3d99d4804a8d6e33cc2ad7992e420740d648be3095262facc849

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/install_pages/install.php?id=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:21:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2019 18:39:15 GMT
server: cloudflare
etag: W/"5ca8f253-37c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Jb3IWZbosM6T7q6HGDEdTx4FFEnJcyq%2BWVJ4t5pP%2BEehlEDOXmEyOuyL7wCxL%2FGvXm8jgAglNUJ5nNTKOfGFonCvPiL8LwthPySp9%2F4gfwRsS0J2NSvcl%2BtD6A3bZhcqXL%2B1MJsbPMUdIQ%2BnXwH9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=57600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d7887769fde9277-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 702 B
868 B 75ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bree%20Serif

Requested by

Host: app.app-valley.vip
URL: https://app.app-valley.vip/install_pages/install.php?id=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ea2eacb5f47d394b480c940fdfa4c6e554c7846eb9aa0e6ed570be78a440311d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 02:30:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 03 Feb 2022 03:21:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 03 Feb 2022 03:21:26 GMT

GET
H3 200 api.js Show response
app.app-valley.vip/cdn-cgi/bm/cv/669835187/ 35 KB
10 KB 32ms
31ms Script
text/javascript 2606:4700:20::681a:f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.app-valley.vip/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: app.app-valley.vip
URL: https://app.app-valley.vip/install_pages/install.php?id=91

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/install_pages/install.php?id=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weIMC0XN%2B7sHXAvigJgxtp%2Feh%2FoRxkmCPBMK5WUV06ZhmMVTw21NDIqUIsSC0SYAZoiY0wyycbu%2FAGqaZwmHKToeLMhQeBXpS8lxDs8fu5O0%2BQb%2Bh4BYlP4KOvn9JaOgjfkn2ehG1RmFFx4Dq2Oh5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6d788776dcbf5c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 91.png
img.app-valley.vip/icon/ 10 KB
11 KB 477ms
457ms Image
image/png 2606:4700:20::681a:f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.app-valley.vip/icon/91.png
Requested by: Host: app.app-valley.vip
URL: https://app.app-valley.vip/install_pages/install.php?id=91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 490b949b53da0901629957366b3d51e2e30bba5cda9c7582fc69f2d3c525934a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:21:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10687
last-modified: Tue, 30 Jan 2018 04:54:27 GMT
server: cloudflare
etag: "5a6ffa83-29bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6N0FiY6t6bXlDnRnqMX5obcmdW150KCteh8ZSSRDfJFbk6WzI73qErcP1ySlhe3zIBz7WDekTS6vggCC8J9CAR91hTHlb7Ne%2Bmoj8Lgv%2Fs2Tj3aIpB%2BfN9tdMkhUj1S694A55Lg0YKja2cypOCf6pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6d788776e8329277-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 rocket-loader.min.js Show response
app.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 32ms
32ms Script
application/javascript 2606:4700:20::681a:f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.app-valley.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: app.app-valley.vip
URL: https://app.app-valley.vip/install_pages/install.php?id=91

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/install_pages/install.php?id=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 Jan 2022 18:50:50 GMT
server: cloudflare
etag: W/"61f1980a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztBIuAEPxTRav0hbJ%2FTr16BP%2Fof9ISeWwfPHCRg8I%2F%2FqBuLQa%2B%2FRqWVoFm7ZndMxjlvHaTrnQOY0K5bSjcFKaSaf%2FO7XncWNKR1nXyZHjMih17R54X1NuBZPMbVDgZtYvq2vwjB4X%2Bd72IlHHX6z%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d788776dcc25c20-FRA
vary: Accept-Encoding
expires: Sat, 05 Feb 2022 03:21:26 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 84ms
39ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: app.app-valley.vip
URL: https://app.app-valley.vip/install_pages/install.php?id=91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://app.app-valley.vip/
Origin: https://app.app-valley.vip
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:21:26 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6d7887770a12910d-FRA

GET
H2 200 4UaHrEJCrhhnVA3DgluA96rp5w.woff2
fonts.gstatic.com/s/breeserif/v16/ 10 KB
11 KB 130ms
19ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/breeserif/v16/4UaHrEJCrhhnVA3DgluA96rp5w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bree%20Serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb27fcf27e09328582b85835364d5a2dd4dd134ed69841913069574c3676f272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.app-valley.vip
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 21:12:58 GMT
x-content-type-options: nosniff
age: 22109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10408
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:15:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 21:12:58 GMT

POST
H3 204 result Show response
app.app-valley.vip/cdn-cgi/bm/cv/ 0
709 B 60ms
60ms XHR
text/plain 2606:4700:20::681a:f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.app-valley.vip/cdn-cgi/bm/cv/result?req_id=6d7887759ef79277
Requested by: Host: app.app-valley.vip
URL: https://app.app-valley.vip/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:f0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://app.app-valley.vip/install_pages/install.php?id=91
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 03 Feb 2022 03:21:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPSXEPmkQloeEkCN2sGvjWDHGomCtAv9sygGBKFUiCv1oiC3yr1wjq%2FTKhKgelvWoYGFeA2774FAqp3cpK%2BN3XrxHbe6YsQUT2sVZU%2FbDkCnb71QK%2FIn3EsP61lUtV3btknjA0IY2cK5nHVTV%2FtK1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6d788777fe105c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 74ms
21ms Script
application/javascript 18.66.248.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: app.app-valley.vip
URL: https://app.app-valley.vip/install_pages/install.php?id=91
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-5.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 24311641
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-P1
X-Amz-Cf-Id: KbC8-UFrRovtkfDYmnflKKviu8dYTdEGnILY7DGuHSPJEB_51g5T4A==

POST
H3 200 rum Show response
app.app-valley.vip/cdn-cgi/ 0
168 B 21ms
21ms XHR
text/plain 2606:4700:20::681a:f0c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.app-valley.vip/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:f0c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://app.app-valley.vip/install_pages/install.php?id=91
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

date: Thu, 03 Feb 2022 03:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://app.app-valley.vip
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6d788779e89c5c20-FRA
vary: Origin

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 66ms
17ms Image
image/gif 18.66.112.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=FLStudio%20Mobile%20on%20iOS%20with%20Appvalley&time=1643858487407&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fapp.app-valley.vip%2Finstall_pages%2Finstall.php%3Fid%3D91%23&random_number=13664795252&sess_cookie=eed0197117ebd99e86ed51de3c8&sess_cookie_flag=1&user_cookie=eed0197117ebd99e86ed51de3c8&user_cookie_flag=1&dynamic=true&domain=app-valley.vip&account=sYGgr1O7kI20L7&jsv=20130128&user_lang=en-US
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 04:13:31 GMT
Via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 83277
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA56-P5
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: D95BBveOlhnE8usz2M7um6iy0sDzwrEpDCOofgO0XMLImPWHrg0ZRw==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 362ms
111ms Image
text/plain 3.132.120.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.120.215 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-120-215.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://app.app-valley.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 03:21:27 GMT
server: Server

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.app-valley.vip/	1970-01-20 00:37:40	Name: __cf_bm Value: LywMsWqFbvQL811yrgo5VMg_N6VomxhyP2CRKTsJsJw-1643858487-0-ASNc8gK+9/8y744meEHsBs3GetJsE4sD5GjmSFkioFxef36rmjNObLfg+ag5jYtotiQQQ6ZdJ875oVH2I+Ns3WVmUXLJOqYGJwBgjyQcIfrfEVqIyeBFsavH19VKyiEcnQ==
.app-valley.vip/	1970-01-20 00:37:40	Name: __asc Value: eed0197117ebd99e86ed51de3c8
.app-valley.vip/	1970-01-20 09:24:40	Name: __auc Value: eed0197117ebd99e86ed51de3c8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.app-valley.vip
certify-js.alexametrics.com
certify.alexametrics.com
fonts.googleapis.com
fonts.gstatic.com
img.app-valley.vip
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
static.cloudflareinsights.com
18.66.112.27
18.66.248.5
2606:4700:20::681a:f0c
2606:4700::6810:5e41
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
3.132.120.215
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
359940feb0cf3d99d4804a8d6e33cc2ad7992e420740d648be3095262facc849
490b949b53da0901629957366b3d51e2e30bba5cda9c7582fc69f2d3c525934a
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
cb27fcf27e09328582b85835364d5a2dd4dd134ed69841913069574c3676f272
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d26a9c0aa1eb0fa005cb76374345cb7983dad340746083b17f99008797a514f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2eacb5f47d394b480c940fdfa4c6e554c7846eb9aa0e6ed570be78a440311d
f0649eb07f75d538e904d999dad660e48f5534c5a5810c206be05f36648d86c6
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

app.app-valley.vip Open in urlscan Pro 2606:4700:20::681a:f0c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

57 %IPv6

6 Domains

8 Subdomains

7 IPs

2 Countries

50 kBTransfer

94 kBSize

3 Cookies

1 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

3 Cookies

Indicators

app.app-valley.vip Open in urlscan Pro
2606:4700:20::681a:f0c Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

50 kB
Transfer

94 kB
Size

3
Cookies

14 HTTP transactions
0 data transactions