cloud.victory.dk Open in urlscan Pro
159.69.231.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cloud.victory.dk/
Effective URL:
https://cloud.victory.dk/userportal/
Submission: On November 09 via api (November 9th 2024, 4:27:22 am UTC) from US — Scanned from DK

Summary HTTP 20 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 159.69.231.187, located in Nuremberg, Germany and belongs to HETZNER-AS, DE. The main domain is cloud.victory.dk.
TLS certificate: Issued by R11 on October 9th 2024. Valid for: 3 months.

This is the only time cloud.victory.dk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	159.69.231.187 159.69.231.187	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
20	3

19 159.69.231.187 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.187.231.69.159.clients.your-server.de

cloud.victory.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	victory.dk 1 redirects cloud.victory.dk	3 MB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
20	2

	Domain	Requested by
19	cloud.victory.dk	1 redirects cloud.victory.dk
2	www.google-analytics.com	cloud.victory.dk www.google-analytics.com
20	2

This site contains links to these domains. Also see Links.

Domain
cloud.portmann.it
www.parallels.com

Subject Issuer	Validity	Valid
cloud.victory.dk R11	`2024-10-09` - `2025-01-07`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cloud.victory.dk/userportal/
Frame ID: 0C94576C0CB0E082E7645FDF2927B42B
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portmann Cloud Portal

Page URL History Show full URLs

https://cloud.victory.dk/ HTTP 303
https://cloud.victory.dk/userportal/ Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

3069 kB
Transfer

3278 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://cloud.portmann.it/
Title: Powered by Portmann Cloud GmbH

Search URL Search Domain Scan URL

URL: http://www.parallels.com/products/ras/vNaN/kb/#howtouseclipboard
Title: click here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cloud.victory.dk/ HTTP 303
https://cloud.victory.dk/userportal/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
cloud.victory.dk/userportal/
Redirect Chain

https://cloud.victory.dk/
https://cloud.victory.dk/userportal/

23 KB
24 KB

133ms
34ms

Document
text/html

159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

af32d3d1d05e73f287d53f3634df54f8f83a329f6492b4fdffa28bfa55522077

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Content-type: text/html
Date: Sat, 09 Nov 2024 04:27:18 GMT
Keep-Alive: timeout=5
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Referrer-Policy: strict-origin
Strict-Transport-Security: max-age=0
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-FRAME-OPTIONS: SAMEORIGIN
X-XSS-Protection: 1; mode=block
expires: Thu, 13 Apr 2023 03:02:06 GMT
max-age: 0

Redirect headers

Content-Length: 0
Location: https://cloud.victory.dk/userportal/
Strict-Transport-Security: max-age=0

GET
H/1.1 200
OK socket.io.js Show response
cloud.victory.dk/RASHTML5Gateway/socket.io/ 216 KB
47 KB 145ms
36ms Script
application/javascript 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.victory.dk/RASHTML5Gateway/socket.io/socket.io.js
Requested by: Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.187.231.69.159.clients.your-server.de
Software: /
Resource Hash: 26b8e4f7180a0e551962247be089b187eac3ee15ec9659088048c152158942bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Cache-Control: public, max-age=0
content-encoding: gzip
ETag: "3.0.5"
Connection: keep-alive
Keep-Alive: timeout=5
X-SourceMap: socket.io.js.map
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-Type: application/javascript

GET
H/1.1 200
OK localforage.min.js Show response
cloud.victory.dk/userportal/js/thirdparty/localforage/ 25 KB
26 KB 143ms
34ms Script
text/javascript 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/js/thirdparty/localforage/localforage.min.js

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

34e9583d060e41eceeb48956fdd4f4c6ad106994957d8a128e99d03a74a779c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/javascript
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK promise.min.js Show response
cloud.victory.dk/userportal/js/thirdparty/polyfill/ 3 KB
4 KB 143ms
35ms Script
text/javascript 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/js/thirdparty/polyfill/promise.min.js

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

0344d6a6292431917a2b282b2c32b20fb5af43c4f2be2910b3d8d8e47f426f27

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/javascript
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK style.css
cloud.victory.dk/userportal/js/rdp/css/ 42 KB
43 KB 63ms
35ms Stylesheet
text/css 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/js/rdp/css/style.css

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

df09707be0e4ae4285106fb7a7914b3f66d995f744a614d35efa65ddd73b4a80

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/css
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK theme.css
cloud.victory.dk/userportal/pax-theme/2.0/ 382 KB
383 KB 127ms
33ms Stylesheet
text/css 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/pax-theme/2.0/theme.css

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

7e01035c57b298f9a3fd4911e46aa7e4d6a4772f632d662a05cea6a2172bf3f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/css
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK style.23942.css
cloud.victory.dk/userportal/css/ 95 KB
96 KB 135ms
34ms Stylesheet
text/css 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/css/style.23942.css

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

ae8766a024bfb23f076d487a5c88160efd88b31c1119c43341cd952b196c1726

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/css
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK fonts.css
cloud.victory.dk/userportal/css/ 1 KB
2 KB 140ms
33ms Stylesheet
text/css 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/css/fonts.css

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

8002a3ee17d7f3c01438bdd29c7e460d4b0e8bb0b88e88286860dd7c1cab4c5d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/css
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK require.js Show response
cloud.victory.dk/userportal/js/thirdparty/requirejs/ 15 KB
16 KB 33ms
33ms Script
text/javascript 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/js/thirdparty/requirejs/require.js

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

506af4c0dea33a22347864afd6c8935059f2c3df25e375f8010b7faaaa8b99b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/javascript
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK OpenSans-Regular.ttf
cloud.victory.dk/userportal/fonts/ 212 KB
213 KB 34ms
34ms Font
application/octet-stream 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/fonts/OpenSans-Regular.ttf

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/css/fonts.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://cloud.victory.dk
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: application/octet-stream
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK RasHTML5Gateway.23942.js Show response
cloud.victory.dk/userportal/js/ 2 MB
2 MB 34ms
34ms Script
text/javascript 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/js/RasHTML5Gateway.23942.js

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/js/thirdparty/requirejs/require.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

81caada88496d1a792962eaf553e361ed596a117266d54b38f60af8c705debde

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/javascript
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK favicon_32.png
cloud.victory.dk/userportal/favicons/ 1 KB
2 KB 33ms
33ms Other
image/png 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/favicons/favicon_32.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

fd5d1b7b829206b0c469c95d303788907e6f1d65938d471780a5890020dbc332

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: image/png
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK init.js Show response
cloud.victory.dk/userportal/ 93 KB
94 KB 35ms
35ms Script
text/javascript 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/init.js?theme=&nocache=0.04373653095606711

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/js/thirdparty/requirejs/require.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

ab4542fc19dd6eb25a05319c4f0e658c9b060d27c733d59a2c956469f3bee1da

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: text/javascript; charset=utf8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 161ms
51ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/js/RasHTML5Gateway.23942.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

content-encoding: gzip
age: 3429
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sat, 09 Nov 2024 05:30:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 03:30:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6a18cfd335698a801e50117687615b7ad52c16413ced6c89dee73dbe6eefa97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 302 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b331f475d7d05fe5deef3e9b412c980f29a63d7f6bfb66c1a6bab4512bc66e39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK favicon_32.png
cloud.victory.dk/userportal/favicons/ 1 KB
1 KB 33ms
33ms Other
image/png 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/favicons/favicon_32.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

fd5d1b7b829206b0c469c95d303788907e6f1d65938d471780a5890020dbc332

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Date: Sat, 09 Nov 2024 04:27:18 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
Content-type: image/png
X-FRAME-OPTIONS: SAMEORIGIN

GET
DATA 200
OK truncated
/ 25 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4abdbb85a08b95eed858ea54897a2edb0d203a439e26a5c12ab02d3c2abdbb0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK spritesheet_large.png
cloud.victory.dk/userportal/pax-theme/2.0/media/sprites/common/ 17 KB
18 KB 34ms
33ms Image
image/png 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.victory.dk/userportal/pax-theme/2.0/media/sprites/common/spritesheet_large.png

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/pax-theme/2.0/theme.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

9068389bb5ba8669d949b8a23bd3d4deed60d4dec6b4655814a755868ee35ecb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: image/png
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK icon-cross-norm.png
cloud.victory.dk/userportal/images/ 1 KB
2 KB 34ms
34ms Image
image/png 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloud.victory.dk/userportal/images/icon-cross-norm.png

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/css/style.23942.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

6aacafac85899cde4b6c7f91325db8eb730eeae79e6b41afecb2937d3b484758

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: image/png
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK OpenSans-Light.ttf
cloud.victory.dk/userportal/fonts/ 217 KB
218 KB 33ms
33ms Font
application/octet-stream 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/fonts/OpenSans-Light.ttf

Requested by

Host: cloud.victory.dk
URL: https://cloud.victory.dk/userportal/css/fonts.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

1c8d3cc6810ecd3623ebff7d2c3db1a44024260c5ae662f8166d69b9425828ed

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://cloud.victory.dk
Referer: https://cloud.victory.dk/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Connection: keep-alive
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Keep-Alive: timeout=5
X-XSS-Protection: 1; mode=block
Date: Sat, 09 Nov 2024 04:27:18 GMT
Content-type: application/octet-stream
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
X-FRAME-OPTIONS: SAMEORIGIN

GET
H/1.1 200
OK favicon_32.png
cloud.victory.dk/userportal/favicons/ 1 KB
1 KB 61ms
31ms Other
image/png 159.69.231.187
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.victory.dk/userportal/favicons/favicon_32.png

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.69.231.187 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.187.231.69.159.clients.your-server.de

Software

Resource Hash

fd5d1b7b829206b0c469c95d303788907e6f1d65938d471780a5890020dbc332

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://cloud.victory.dk/

Response headers

Strict-Transport-Security: max-age=0
Content-Security-Policy: default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
max-age: 0
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Permissions-Policy: accelerometer=(), camera=(), document-domain=(), encrypted-media=(), geolocation=(), gyroscope=(), magnetometer=(), midi=(), payment=(), publickey-credentials-get=(), usb=(), xr-spatial-tracking=(), fullscreen=(self), autoplay=(self), microphone=(self), picture-in-picture=(), sync-xhr=(self)
expires: Thu, 13 Apr 2023 03:02:06 GMT
Date: Sat, 09 Nov 2024 04:27:18 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 13 Apr 2023 03:02:06 GMT
Content-type: image/png
X-FRAME-OPTIONS: SAMEORIGIN

GET
DATA 200
OK truncated
/ 275 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55b0cad3fb5826bff08e9ef5b8bc70a2c67fc49557466ccae1486f1de1f73029

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
422 B 60ms
60ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=504963883&t=pageview&_s=1&dl=https%3A%2F%2Fcloud.victory.dk%2Fuserportal%2F&ul=da-dk&de=UTF-8&dt=Portmann%20Cloud%20Portal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=2052816916&gjid=1976250658&cid=1839913778.1731126439&tid=UA-62125517-3&_gid=1714526502.1731126439&_r=1&_slc=1&cd1=19.2.1%20(build%2023942)&z=1810697646

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://cloud.victory.dk/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 04:27:19 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://cloud.victory.dk
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cloud.victory.dk/userportal	1970-01-21 10:28:06	Name: config Value: %7B%22LCNAME%22%3A%22PAXLocale%22%2C%22locale%22%3A%22en_US%22%7D
cloud.victory.dk/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 1731126438077kgfYAT98hvVFDQPs
.cloud.victory.dk/	1970-01-21 09:37:42	Name: PAXLocale Value: en_US
.victory.dk/	1970-01-21 10:28:06	Name: _ga Value: GA1.2.1839913778.1731126439
.victory.dk/	1970-01-21 00:53:32	Name: _gid Value: GA1.2.1714526502.1731126439
.victory.dk/	1970-01-21 00:52:06	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; frame-src 'self' tuxclient: blob:; style-src 'self' 'unsafe-inline'; script-src 'self' https: 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; img-src 'self' data: blob: https://www.google-analytics.com; connect-src 'self' wss: https://www.google-analytics.com; object-src 'none'
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.victory.dk
www.google-analytics.com
159.69.231.187
2a00:1450:4001:800::200e
0344d6a6292431917a2b282b2c32b20fb5af43c4f2be2910b3d8d8e47f426f27
13c03e22a633919beb2847c58c8285fb8a735ee97097d7c48fd403f8294b05f8
1c8d3cc6810ecd3623ebff7d2c3db1a44024260c5ae662f8166d69b9425828ed
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
26b8e4f7180a0e551962247be089b187eac3ee15ec9659088048c152158942bc
34e9583d060e41eceeb48956fdd4f4c6ad106994957d8a128e99d03a74a779c3
506af4c0dea33a22347864afd6c8935059f2c3df25e375f8010b7faaaa8b99b5
55b0cad3fb5826bff08e9ef5b8bc70a2c67fc49557466ccae1486f1de1f73029
6aacafac85899cde4b6c7f91325db8eb730eeae79e6b41afecb2937d3b484758
7e01035c57b298f9a3fd4911e46aa7e4d6a4772f632d662a05cea6a2172bf3f3
8002a3ee17d7f3c01438bdd29c7e460d4b0e8bb0b88e88286860dd7c1cab4c5d
81caada88496d1a792962eaf553e361ed596a117266d54b38f60af8c705debde
9068389bb5ba8669d949b8a23bd3d4deed60d4dec6b4655814a755868ee35ecb
a6a18cfd335698a801e50117687615b7ad52c16413ced6c89dee73dbe6eefa97
ab4542fc19dd6eb25a05319c4f0e658c9b060d27c733d59a2c956469f3bee1da
ae8766a024bfb23f076d487a5c88160efd88b31c1119c43341cd952b196c1726
af32d3d1d05e73f287d53f3634df54f8f83a329f6492b4fdffa28bfa55522077
b331f475d7d05fe5deef3e9b412c980f29a63d7f6bfb66c1a6bab4512bc66e39
d4abdbb85a08b95eed858ea54897a2edb0d203a439e26a5c12ab02d3c2abdbb0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df09707be0e4ae4285106fb7a7914b3f66d995f744a614d35efa65ddd73b4a80
fd5d1b7b829206b0c469c95d303788907e6f1d65938d471780a5890020dbc332

cloud.victory.dk Open in urlscan Pro 159.69.231.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

3069 kBTransfer

3278 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

6 Cookies

1 Console Messages

Security Headers

Indicators

cloud.victory.dk Open in urlscan Pro
159.69.231.187 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

3069 kB
Transfer

3278 kB
Size

6
Cookies

20 HTTP transactions
4 data transactions