valhalla.nextron-systems.com Open in urlscan Pro
185.241.152.180 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://valhalla.nextron-systems.com/
Effective URL:
https://valhalla.nextron-systems.com/
Submission: On July 12 via api (July 12th 2024, 2:51:09 pm UTC) from IT — Scanned from IT

Summary HTTP 17 Redirects Links 78 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 17 HTTP transactions. The main IP is 185.241.152.180, located in Germany and belongs to WUNET, DE. The main domain is valhalla.nextron-systems.com.
TLS certificate: Issued by R3 on June 3rd 2024. Valid for: 3 months.

This is the only time valhalla.nextron-systems.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	185.241.152.180 185.241.152.180	47777 (WUNET) (WUNET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
17	3

13 185.241.152.180 (Germany)

ASN47777 (WUNET, DE)

valhalla.nextron-systems.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	nextron-systems.com valhalla.nextron-systems.com	403 KB
2	gstatic.com fonts.gstatic.com	42 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	2 KB
17	3

	Domain	Requested by
13	valhalla.nextron-systems.com	valhalla.nextron-systems.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	valhalla.nextron-systems.com
17	3

This site contains links to these domains. Also see Links.

Domain
github.com
leosmith.wtf
www.virustotal.com
research.checkpoint.com
www.elastic.co
twitter.com
yoroi.company
pentest.party
www.esentire.com
redcanary.com
docs.microsoft.com
lolbas-project.github.io
securelist.com
defr0ggy.github.io
learn.microsoft.com
dear-territory-023.notion.site
www.mandiant.com
darkdefender.medium.com
help.hoptodesk.com
docs.tenable.com
www.tenable.com
de.tenable.com
www.fireeye.com
www.nextron-systems.com

Subject Issuer	Validity	Valid
valhalla.nextron-systems.com R3	`2024-06-03` - `2024-09-01`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://valhalla.nextron-systems.com/
Frame ID: F967823B2EA21ABAD9E04BDF180BF741
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Valhalla YARA Rules - Valhalla

Page URL History Show full URLs

http://valhalla.nextron-systems.com/ HTTP 307
https://valhalla.nextron-systems.com/ Page URL

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

446 kB
Transfer

539 kB
Size

0
Cookies

78 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/TheCruZ/kdmapper

Search URL Search Domain Scan URL

URL: https://github.com/0xsp-SRD/MDE_Enum

Search URL Search Domain Scan URL

URL: https://github.com/NHAS/reverse_ssh/

Search URL Search Domain Scan URL

URL: https://leosmith.wtf/blog/metasploit-and-havoc.html

Search URL Search Domain Scan URL

URL: https://github.com/liwugang/filecrypt

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/e40e88307364f9dedb8ada3c5016a62996913ada78581bbbbd98ba917d71ca77/content

Search URL Search Domain Scan URL

URL: https://research.checkpoint.com/2023/malware-spotlight-into-the-trash-analyzing-litterdrifter/

Search URL Search Domain Scan URL

URL: https://www.elastic.co/security-labs/grimresource

Search URL Search Domain Scan URL

URL: https://twitter.com/Gi7w0rm/status/1655327430372995075?s=20

Search URL Search Domain Scan URL

URL: https://github.com/senzee1984/EDRPrison

Search URL Search Domain Scan URL

URL: https://yoroi.company/en/research/the-wayback-campaign-a-large-scale-operation-hiding-in-plain-sight/

Search URL Search Domain Scan URL

URL: https://github.com/fortra/nanodump

Search URL Search Domain Scan URL

URL: https://pentest.party/notes/windows/rdp-dump

Search URL Search Domain Scan URL

URL: https://pentest.party/notes/windows/lsass-dump-extraction

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523mal_guloader_shellcode_oct22_3/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_mal_exfil_stealer_output_characteristics_sep22_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_py_obfusc_berserker_indicators_dec22_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_bat_obfusc_apr23_2/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_encrypted_zip_suspicious_contents_jul23_1_file/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_pua_rustdesk_apr23_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_bat_ps1_combo_jan23_2/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_js_obfusc_feb23_2/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_wevtutil_clearlogs_sep22_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_cryptbase_pe_info_not_cryptbase_feb23/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_obfusc_py_loader_jun23_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_webshell_obfusc_indicators_aug22_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_url_split_jun23/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_obfusc_js_atob_anomalies_feb23/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523pua_ruskdesk_remote_desktop_jun23_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_js_redirector_mar23/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_js_executing_powershell_apr23/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_py_reverse_shell_indicators_jan23_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_obfusc_js_execute_base64_mar23/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_encoded_registry_key_paths_sep22_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_pe_ok_ru_url_jun23/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523hktl_clash_tunneling_tool_aug22_2/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_py_obfusc_hyperion_aug22_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_bat_obfusc_apr23_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_ransom_note_aug22/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_obfusc_js_atob_anomalies_feb23_2/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_bat_ps1_contents_jan23_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_obfusc_ps1_formatstrings_dec22_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_bat_obfusc_apr23_4/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/search/%2523susp_obfusc_bat_dec22_1/comments

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/935ca7e2f564ed9fdabaff1f8bfb4f4029a7404a0c22ec8321217c764750c56c/detection

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/3800872ae711246cdd457c8271081ead6e1cf67f4d2f2ec9a06c072549eb8e59/detection

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/f2575269ce5ee08a90a7f3ca21157b163f8d6b66fd5b39ea7feed8c200a18ab7/detection

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/2f7c50d49253c3607107d64254395d494562646020cc9ca9d72f34b22512d6d1/detection

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/5cf42d323149d50f7e02466a3168be8bf74a172dec08f90f14d3008e58e57e1c/detection

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/4deb000db6320374a6129973be0e6c3154f495578c950cea3b3cd3456f349c4e/detection

Search URL Search Domain Scan URL

URL: https://www.virustotal.com/gui/file/9a267871abe70f50a889992eb53e6238e46ec1484985b317df9998f35a7011c9/detection

Search URL Search Domain Scan URL

URL: https://www.esentire.com/blog/exploring-the-infection-chain-screenconnects-link-to-asyncrat-deployment

Search URL Search Domain Scan URL

URL: https://redcanary.com/blog/threat-intelligence/msix-installers/

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/schtasks-change

Search URL Search Domain Scan URL

URL: https://www.esentire.com/blog/fin7-uses-trusted-brands-and-sponsored-google-ads-to-distribute-msix-payloads

Search URL Search Domain Scan URL

URL: https://lolbas-project.github.io/lolbas/Binaries/Fsutil/

Search URL Search Domain Scan URL

URL: https://securelist.com/network-tunneling-with-qemu/111803/

Search URL Search Domain Scan URL

URL: https://defr0ggy.github.io/research/Abusing-Cloudflared-A-Proxy-Service-To-Host-Share-Applications/

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/windows/win32/procthread/process-security-and-access-rights

Search URL Search Domain Scan URL

URL: https://twitter.com/DTCERT/status/1712785421845790799

Search URL Search Domain Scan URL

URL: https://twitter.com/0gtweet/status/1477925112561209344

Search URL Search Domain Scan URL

URL: https://github.com/redcanaryco/atomic-red-team/blob/f339e7da7d05f6057fdfcdd3742bfcf365fee2a9/atomics/T1569.001/T1569.001.md

Search URL Search Domain Scan URL

URL: https://github.com/redcanaryco/atomic-red-team/blob/5f866ca4517e837c4ea576e7309d0891e78080a8/atomics/T1040/T1040.md#atomic-test-16---powershell-network-sniffing

Search URL Search Domain Scan URL

URL: https://github.com/redcanaryco/atomic-red-team/blob/7e11e9b79583545f208a6dc3fa062f2ed443d999/atomics/T1548.002/T1548.002.md

Search URL Search Domain Scan URL

URL: https://dear-territory-023.notion.site/WebDav-Share-Testing-e4950fa0c00149c3aa430d779b9b1d0f?pvs=4

Search URL Search Domain Scan URL

URL: https://www.mandiant.com/resources/blog/triton-actor-ttp-profile-custom-attack-tools-detections

Search URL Search Domain Scan URL

URL: https://github.com/redcanaryco/atomic-red-team/blob/master/atomics/T1562.004/T1562.004.md#atomic-test-24---set-a-firewall-rule-using-new-netfirewallrule

Search URL Search Domain Scan URL

URL: https://darkdefender.medium.com/windows-10-mail-app-forensics-39025f5418d2

Search URL Search Domain Scan URL

URL: https://github.com/LOLBAS-Project/LOLBAS/blob/2cc01b01132b5c304027a658c698ae09dd6a92bf/yml/OSBinaries/Wbadmin.yml

Search URL Search Domain Scan URL

URL: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/wbadmin-start-recovery

Search URL Search Domain Scan URL

URL: https://github.com/randyrants/sharpkeys/

Search URL Search Domain Scan URL

URL: https://help.hoptodesk.com/#command-line-arguments-1670685043

Search URL Search Domain Scan URL

URL: https://docs.tenable.com/nessus/Content/CredentialedChecksOnWindows.htm
Title: https://docs.tenable.com/nessus/Content/CredentialedChecksOnWindows.htm

Search URL Search Domain Scan URL

URL: https://www.tenable.com/plugins/nessus/91990
Title: 91990

Search URL Search Domain Scan URL

URL: https://de.tenable.com/blog/threat-hunting-with-yara-and-nessus
Title: https://de.tenable.com/blog/threat-hunting-with-yara-and-nessus

Search URL Search Domain Scan URL

URL: https://github.com/carbonblack/cb-yara-connector
Title: https://github.com/carbonblack/cb-yara-connector

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/products-and-services/2018/12/detect-and-block-email-threats-with-custom-yara-rules.html
Title: https://www.fireeye.com/blog/products-and-services/2018/12/detect-and-block-email-threats-with-custom-yara-rules.html

Search URL Search Domain Scan URL

URL: https://www.nextron-systems.com/thor/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://valhalla.nextron-systems.com/ HTTP 307
https://valhalla.nextron-systems.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
valhalla.nextron-systems.com/
Redirect Chain

http://valhalla.nextron-systems.com/
https://valhalla.nextron-systems.com/

112 KB
19 KB

369ms
289ms

Document
text/html

185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: aa1ffc0563be81ba24e8f9bd8e5549c39edddbec5491b1ceb59a6f421933d324

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 12 Jul 2024 14:51:04 GMT
Server: nginx
Transfer-Encoding: chunked

Redirect headers

Location: https://valhalla.nextron-systems.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK style.css
valhalla.nextron-systems.com/static/ 10 KB
10 KB 35ms
33ms Stylesheet
text/css 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/style.css?v=1.1.2
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: 4e28b97a3befbf9c565e8fd13febea283e59ecda24b8b7c6233327a6dcfcbdb7

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-286d"
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10349
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK chart.min.css
valhalla.nextron-systems.com/static/ 521 B
821 B 67ms
31ms Stylesheet
text/css 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/chart.min.css
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: 69ad316898262bf5fbe16336db828c41e3500b6c582b0940b74f2866a8de1741

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-209"
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 521
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
711 B 118ms
43ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed

Requested by

Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9891d15f4d1053d2a69a38af4e16c049d1123d877a7a8914eca155abb93cd348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 14:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 13:45:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jul 2024 14:51:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 110ms
35ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700

Requested by

Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f18c13dd052559f98602abaea443f382c5424cafe8eac4f51f0f38e800073332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 12 Jul 2024 14:51:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 14:39:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK fontawesome.css
valhalla.nextron-systems.com/static/fontawesome/css/ 70 KB
70 KB 118ms
57ms Stylesheet
text/css 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/fontawesome/css/fontawesome.css
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: 04e006f8545615d85e460487df8169d506369c7fafac7227d296e4e749021fca

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-1173a"
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 71482
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK brands.css
valhalla.nextron-systems.com/static/fontawesome/css/ 732 B
1 KB 90ms
29ms Stylesheet
text/css 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/fontawesome/css/brands.css
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: a1dfb91a22a70d536674b08b3f0a5864f0a8b767d1a475ad3512f62ef4e0b9c6

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-2dc"
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 732
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK solid.css
valhalla.nextron-systems.com/static/fontawesome/css/ 727 B
1 KB 93ms
30ms Stylesheet
text/css 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/fontawesome/css/solid.css
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1a83f492300bfde68554fa8f5daa588537e7b61f4d027573ae45777bff2e89cb

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-2d7"
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 727
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK modal_flat.css
valhalla.nextron-systems.com/static/modal-alert/css/ 708 B
1008 B 97ms
33ms Stylesheet
text/css 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/modal-alert/css/modal_flat.css
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: 1794d6c8fb3fa0bac5b48cee6719db894924697ca4b04dfe89d83b523db83158

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:08 GMT
Server: nginx
ETag: "64c3b188-2c4"
Content-Type: text/css
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 708
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK daypilot-modal-2.9.js Show response
valhalla.nextron-systems.com/static/modal-alert/js/ 43 KB
43 KB 100ms
33ms Script
application/javascript 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/modal-alert/js/daypilot-modal-2.9.js
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: ca28ac627abe06b1c3e189bec1c0a02caa835e48de8ca7ee1490facab632d03a

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:08 GMT
Server: nginx
ETag: "64c3b188-ab3f"
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43839
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK chart.min.js Show response
valhalla.nextron-systems.com/static/ 153 KB
153 KB 147ms
57ms Script
application/javascript 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/chart.min.js
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: 52ff41341b9cbc23e2a4a436352f706292668bc0d33847d303f9c7d9aa0900bc

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-26431"
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156721
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK valhalla-logo.png
valhalla.nextron-systems.com/static/ 7 KB
7 KB 33ms
30ms Image
image/png 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valhalla.nextron-systems.com/static/valhalla-logo.png
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: adb91c5506639970547886bd5063fe43037c85a63c0c6491c2da2531d449c87a

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-1a50"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6736
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK thor_symbol_16x16.png
valhalla.nextron-systems.com/static/ 2 KB
2 KB 48ms
47ms Image
image/png 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://valhalla.nextron-systems.com/static/thor_symbol_16x16.png
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: c7bc23e8ac1a6315ea58f2cbe6fae67bfc34ae3977dd56fa72b659d4fdaa6e95

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-7c4"
Content-Type: image/png
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1988
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
20 KB 129ms
56ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://valhalla.nextron-systems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 04:58:47 GMT
x-content-type-options: nosniff
age: 121937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jul 2025 04:58:47 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 21 KB
21 KB 102ms
30ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyVVpcBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://valhalla.nextron-systems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 15:12:28 GMT
x-content-type-options: nosniff
age: 257916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21140
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Jul 2025 15:12:28 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
valhalla.nextron-systems.com/static/fontawesome/webfonts/ 78 KB
79 KB 32ms
31ms Font
application/octet-stream 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: valhalla.nextron-systems.com
URL: https://valhalla.nextron-systems.com/static/fontawesome/css/solid.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer: https://valhalla.nextron-systems.com/static/fontawesome/css/solid.css
Origin: https://valhalla.nextron-systems.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:04 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:08 GMT
Server: nginx
ETag: "64c3b188-13914"
Content-Type: application/octet-stream
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 80148
Expires: Sat, 13 Jul 2024 14:51:04 GMT

GET
H/1.1 200
OK favicon.ico
valhalla.nextron-systems.com/static/ 15 KB
15 KB 30ms
30ms Other
image/x-icon 185.241.152.180
WUNET

General

Check archive.org

Show headers Download Go to

Full URL: https://valhalla.nextron-systems.com/static/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.241.152.180 , Germany, ASN47777 (WUNET, DE),
Reverse DNS
Software: nginx /
Resource Hash: 3ce5feb9cc26c2c7dbfed5e4ec8bda8c9ab03d9e50d5e98b06af7ea18fada2ca

Request headers

Referer: https://valhalla.nextron-systems.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 12 Jul 2024 14:51:05 GMT
Last-Modified: Fri, 28 Jul 2023 12:16:07 GMT
Server: nginx
ETag: "64c3b187-3c2e"
Content-Type: image/x-icon
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15406
Expires: Sat, 13 Jul 2024 14:51:05 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
valhalla.nextron-systems.com
185.241.152.180
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200a
04e006f8545615d85e460487df8169d506369c7fafac7227d296e4e749021fca
1794d6c8fb3fa0bac5b48cee6719db894924697ca4b04dfe89d83b523db83158
1a83f492300bfde68554fa8f5daa588537e7b61f4d027573ae45777bff2e89cb
3ce5feb9cc26c2c7dbfed5e4ec8bda8c9ab03d9e50d5e98b06af7ea18fada2ca
4e28b97a3befbf9c565e8fd13febea283e59ecda24b8b7c6233327a6dcfcbdb7
52ff41341b9cbc23e2a4a436352f706292668bc0d33847d303f9c7d9aa0900bc
69ad316898262bf5fbe16336db828c41e3500b6c582b0940b74f2866a8de1741
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
9514372ab8ac313ea8019966fdcfe91b201c3aa69f92de8346ab34af461bbad2
9891d15f4d1053d2a69a38af4e16c049d1123d877a7a8914eca155abb93cd348
a1dfb91a22a70d536674b08b3f0a5864f0a8b767d1a475ad3512f62ef4e0b9c6
aa1ffc0563be81ba24e8f9bd8e5549c39edddbec5491b1ceb59a6f421933d324
adb91c5506639970547886bd5063fe43037c85a63c0c6491c2da2531d449c87a
c7bc23e8ac1a6315ea58f2cbe6fae67bfc34ae3977dd56fa72b659d4fdaa6e95
ca28ac627abe06b1c3e189bec1c0a02caa835e48de8ca7ee1490facab632d03a
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
f18c13dd052559f98602abaea443f382c5424cafe8eac4f51f0f38e800073332

valhalla.nextron-systems.com Open in urlscan Pro 185.241.152.180 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

446 kBTransfer

539 kBSize

0 Cookies

78 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

valhalla.nextron-systems.com Open in urlscan Pro
185.241.152.180 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

446 kB
Transfer

539 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions