urlscan.io logo urlscan.io
SecurityTrails logo

hvcuapp.online Open in urlscan Pro
2606:4700:3031::ac43:b432  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hvcuapp.online/#ce
Effective URL: https://hvcuapp.online/
Submission Tags: 0xscam
Submission: On February 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3031::ac43:b432, located in United States and belongs to CLOUDFLARENET, US. The main domain is hvcuapp.online.
TLS certificate: Issued by E1 on February 22nd 2024. Valid for: 3 months.
This is the only time hvcuapp.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 9 2606:4700:303... 13335 (CLOUDFLAR...)
7 1
Apex Domain
Subdomains		 Transfer
9 hvcuapp.online
hvcuapp.online
20 KB
7 1
Domain Requested by
9 hvcuapp.online 2 redirects hvcuapp.online
7 1

This site contains no links.

Subject Issuer Validity Valid
hvcuapp.online
E1		 2024-02-22 -
2024-05-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://hvcuapp.online/
Frame ID: 288202089662D16FFF7B436D3E6AA14A
Requests: 3 HTTP requests in this frame

Frame: https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: E396F117B78C2C489DEB0D55DABA15E5
Requests: 2 HTTP requests in this frame

Frame: https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Frame ID: 1924BFBCEA26E619A5D4EAB83B5909E2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. https://hvcuapp.online/ Page URL
  2. https://hvcuapp.online/ Page URL

Page Statistics

7
Requests

71 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

19 kB
Transfer

24 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hvcuapp.online/ Page URL
  2. https://hvcuapp.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://hvcuapp.online/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Request Chain 4
  • https://hvcuapp.online/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hvcuapp.online/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hvcuapp.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd165c673078a2ca49b95bc334effbecc40668682e41f36aa5b4165161acc93a
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8598867869d87021-CDG
content-type
text/html; charset=utf-8
date
Thu, 22 Feb 2024 16:14:59 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twXB523rlIsuB8OGDN9YpKBFQUsTG%2FEvtD7Ll9DqgY3VEFmkUhUdI4GG5UIMR2l%2FBU3PeEgVPdqFA%2BqSPBiYYaLgFE3S%2BY5%2Bf4Cdns%2BplwzYNSk8lVvucYkC%2BgGjaxSjtTxrye01SL%2Bf5bc5wA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
/
hvcuapp.online/ 		0
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hvcuapp.online/
Requested by
Host: hvcuapp.online
URL: https://hvcuapp.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

l3NsAw4P-Iz2thWim0uMGxPbWiM
41262245
X-Requested-TimeStamp-Expire
accept-language
de-DE,de;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Referer
https://hvcuapp.online/
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
s0W1lkI2FaYwscZACVNWWpOmIzQ
xQZ5xG057NUdO6DA7w-CTSgHTIY

Response headers

pragma
no-cache
date
Thu, 22 Feb 2024 16:15:00 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=te%2BARvQ%2BochLZcpXQszJ1DWUYgwswbjbmxtdM6g3xv%2FIejMJa%2FIVUb8lcFaK2xI1%2BNiphKfq6lNBXXlSQYnpEW%2BHm0tnmUzcHNxXwGVnuH6dtwdaOZYIPF%2FRKzpdAv81cQvaF4w1wfMfdLqNBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
859886792adf7021-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame E396
Redirect Chain
  • https://hvcuapp.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Protocol
H2
Server
2606:4700:3031::ac43:b432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7db7d10f4bfa6d0d450c3574602c509a52923ba99e281afd3d6c9fcd2b0a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 16:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCyP9dIYyzPrzdBcC2xaL1yLgQwDYA7H%2Bk0HaCQ%2BI3lOxbRhGGYoytlcrKTioBxtEbB9HvZRg5pZmTWVwHD81h5N16yUaKb6w6XqdUn9qNu%2F9Rt3mD%2FqkaDyGAchYKxYGGprwZDz8s3v%2FNEmyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
859886795b257021-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 22 Feb 2024 16:15:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTaJCXyNjMAX6CWtJUnB%2F0Ngiai7dPwPrr0hsDfAIbl1i10FzCx%2BywmEhDcEekFEBYi4iKGkUV0JNBtO3HluszxC9RSlcJO7na9cbFdDXOxlvrdWc8tvQAaQN3KuGueSQQ3mpuhMX1%2BqvvcUMA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
859886793aed7021-CDG
alt-svc
h3=":443"; ma=86400
8598867869d87021
hvcuapp.online/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E396 		0
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/jsd/r/8598867869d87021
Requested by
Host: hvcuapp.online
URL: https://hvcuapp.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Feb 2024 16:15:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wp9%2BRsvN%2BQty6RNTChkPnmxNJH%2B8v5ygMOdJ5%2FAbfbFHnlbxrbvhaDo36hdcqgK7yujOIRPrhQWI9IKlcGrNnThJA6yERjq%2F2I3ez7%2FkO%2BrQqCIJC8GGkQNOZYGWEyYcM6Q2bE5nPeMXbwg6jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85988679da65b8e5-AMS
alt-svc
h3=":443"; ma=86400
Primary Request /
hvcuapp.online/ 		2 KB
1015 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hvcuapp.online/
Requested by
Host: hvcuapp.online
URL: https://hvcuapp.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2149f142ec6e91ebb03ca8e587f494a578d48715df4511e3bc588e181dff8b
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://hvcuapp.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85988679da66b8e5-AMS
content-encoding
br
content-type
text/html
date
Thu, 22 Feb 2024 16:15:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3%2FFaChvFim70JC1rvRS5rzgPSUzPHRKi%2BYhQPRGZZ6nwbApvZdZztyCiT6JRw34ntNEnXONnRG7j%2BXEMzPGTk0sovXPpovIByz4UNROTXpHVRJohdC2pipbP3Csq6JEVAv%2B2NEzHf3yMAlJSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/ Frame 1924
Redirect Chain
  • https://hvcuapp.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
Protocol
H3
Server
2606:4700:3031::ac43:b432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3341186211c8c016c3f63fe7d17653cb4366b6a184c0e83b7e19bfc897e89946
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 16:15:00 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBD%2Fnbbx6GSx0VP9NKGIpyyvL7nI7jD3k1BuRgyNemRapg%2BL%2Fdyvh8Q3lISO9hzUzLDBLNOYad0DHZ9wpmM3dqTONgPIJaxu63loweV9wWrIs959X%2FpsVeoElJGdX7cLNvSi6yUUIFwKtm4PMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8598867a7b4db8e5-AMS
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 22 Feb 2024 16:15:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR%2BJ%2BDVNFkz4uYMgqd6i9lz6ADhdp8ecIfbMmeYaUuzBU4hLAvXdtLmYYmm3Yp%2FXVIzegt9NqdMvDDFHW6U6I%2BxNdoyFBTGB5hLttbtuBED9fpfuPoLCArE8lpcIyHbD1vaj83%2FWe06qR3m5sg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/0f752fefe334/main.js
cache-control
max-age=300, public
cf-ray
8598867a5b14b8e5-AMS
alt-svc
h3=":443"; ma=86400
85988679da66b8e5
hvcuapp.online/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1924 		0
604 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hvcuapp.online/cdn-cgi/challenge-platform/h/b/jsd/r/85988679da66b8e5
Requested by
Host: hvcuapp.online
URL: https://hvcuapp.online/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 22 Feb 2024 16:15:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8az7sQx%2FgUZuVeQHnHJzbYSlmHXoQwxSlrcDjdBYsX93C2xN6OW%2Fx6BZ7uvfq%2BeRmc9khuTR%2FraWlTdlLUkh8HunBzaRtp3OwQjHG2kvlrkaNu1AvLNctBbB4u9kI2RP0jsZFjLIlAWEyQ7hA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8598867afc4fb8e5-AMS
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

12 Cookies

Domain/Path Name / Value
hvcuapp.online/ Name: Y3YtbxoWjLmLXKDHtOo1jnsDbAI
Value: 2QtXF6RoXLtuzKoPa40Tyh07yKM
hvcuapp.online/ Name: sxOGqdqnH1t5iOTYs_P95WrDlh8
Value: 1708618499
hvcuapp.online/ Name: uKf8MhtmIRheXL1_X_Hx8j4tQAA
Value: 1708704899
hvcuapp.online/ Name: l8IZlCaXnPyJF9f-0pi_uPY_tIs
Value: 1RXSq4w9inoIi7zP779FWPqLx0k
hvcuapp.online/ Name: A9H7C6N86ryz4M-BiQecdkVogUg
Value: -Tr_mUuv3u4ZEaUKiAZhWl8yWyg
hvcuapp.online/ Name: 5fmF6cJ4yr7c_3K0DcCWJlAKuUY
Value: tUe894P3EgZjcSh_v7ikikSw73M
hvcuapp.online/ Name: np7fkuJeQr0YejCgQMFFN6HL2kc
Value: y6-pjz07AgQrrmCij0C2zeIzmFI
hvcuapp.online/ Name: SFY7hfGFovErERvDj3fqgsPFUIk
Value: 1708618500
hvcuapp.online/ Name: Ec9sAi0rJRfaeHJmm6u8rLMKO0Y
Value: 1708704900
hvcuapp.online/ Name: q4723SyHr_ghQ5dsqhTwhIQJSfs
Value: UkSlRX9DBHtZbr_fynNfOq2nsgU
hvcuapp.online/ Name: XMoIoB8wuwk1Sy6HPAlrAO6AoC0
Value: tiyJkPHPkCtlHaqK_GHgzcokn8A
.hvcuapp.online/ Name: cf_clearance
Value: lCmh0u8koTzDKSvrWNy8WA7JR4jDYE_0SzXRugEJY58-1708618500-1.0-AXdCrIcVEinlpwkN5H7YAMi+A3aJHkk/3W9eG52ZQvkAOOVdhpKLPhHAK+vQHo/81JtQvH8sqXdcixNv75BgskQ=

2 Console Messages

Source Level URL
Text
network error URL: https://hvcuapp.online/#ce
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://hvcuapp.online/#ce
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block