urlscan.io logo urlscan.io
SecurityTrails logo

portal.ucom.cloud Open in urlscan Pro
193.32.51.176  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.users.sotel.at/
Effective URL: https://portal.ucom.cloud/
Submission: On June 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 193.32.51.176, located in Austria and belongs to IP-AUSTRIA-COMMUNICATION-GMBH-AS, AT. The main domain is portal.ucom.cloud.
TLS certificate: Issued by R3 on June 3rd 2023. Valid for: 3 months.
This is the only time portal.ucom.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 91.220.179.49 21013 (ITANDTEL-...)
6 193.32.51.176 198400 (IP-AUSTRI...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 3
Apex Domain
Subdomains		 Transfer
6 ucom.cloud
portal.ucom.cloud
56 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 993
36 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
27 KB
1 sotel.at
www.users.sotel.at
251 B
9 4
Domain Requested by
6 portal.ucom.cloud portal.ucom.cloud
2 maxcdn.bootstrapcdn.com portal.ucom.cloud
1 cdnjs.cloudflare.com portal.ucom.cloud
1 www.users.sotel.at 1 redirects
9 4

This site contains no links.

Subject Issuer Validity Valid
portal.ucom.cloud
R3		 2023-06-03 -
2023-09-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh

This page contains 1 frames:

Primary Page: https://portal.ucom.cloud/
Frame ID: 41CD18C631B5689A9EC0CE707F0B976B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. https://www.users.sotel.at/ HTTP 302
    https://portal.ucom.cloud/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

120 kB
Transfer

420 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.users.sotel.at/ HTTP 302
    https://portal.ucom.cloud/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
portal.ucom.cloud/
Redirect Chain
  • https://www.users.sotel.at/
  • https://portal.ucom.cloud/
12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.ucom.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.32.51.176 , Austria, ASN198400 (IP-AUSTRIA-COMMUNICATION-GMBH-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
cd61e0922e795ae7a608ac6867c28a1db73110e77414f69390bd4e51f175afe9
Security Headers
Name Value
Content-Security-Policy default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
2174
Content-Security-Policy
default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Content-Type
text/html; charset=utf-8
Cross-Origin-Embedder-Policy
require-corp; report-to='default'
Cross-Origin-Opener-Policy
same-origin; report-to='default'
Cross-Origin-Resource-Policy
same-origin
Date
Tue, 13 Jun 2023 10:33:48 GMT
Keep-Alive
timeout=5, max=100
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Referrer-Policy
same-origin
Server
Apache
Strict-Transport-Security
max-age=63072000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
295
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 13 Jun 2023 10:33:48 GMT
Keep-Alive
timeout=5, max=100
Location
https://portal.ucom.cloud/
Server
Apache/2.4.52 (Ubuntu)
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: portal.ucom.cloud
URL: https://portal.ucom.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 10:33:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
13849996
cdn-cachedat
2021-06-08 14:36:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b2915590a24a7e889382e9de0f9fa1bb
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7d69ad6ccc522c5a-FRA
cdn-requestpullsuccess
True
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by
Host: portal.ucom.cloud
URL: https://portal.ucom.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 10:33:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617
age
13849996
cdn-cachedat
2021-06-08 14:21:11
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
ddd13c7ba304d640e9a091095191a174
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7d69ad6ccc532c5a-FRA
cdn-requestpullsuccess
True
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: portal.ucom.cloud
URL: https://portal.ucom.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 13 Jun 2023 10:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1012557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27277
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp9DdjodUqSfBlBK7y1fMTi%2FQEqzfNHDw3mv5jifhyA2WXNN%2FzCLiBnLxLKXXIHFHpMENI9WXOqOz86dOZxOT83rNzcGH4rfmvTwdpfqICunmg%2FZMz7ZVTlVaktuIdSgkrIFhaPd5HrGOnE6QMzPwdUQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d69ad6cce8290d6-FRA
expires
Sun, 02 Jun 2024 10:33:48 GMT
chance.min.js
portal.ucom.cloud/static/js/ 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ucom.cloud/static/js/chance.min.js
Requested by
Host: portal.ucom.cloud
URL: https://portal.ucom.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.32.51.176 , Austria, ASN198400 (IP-AUSTRIA-COMMUNICATION-GMBH-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
bf0d1943c72f827e7a6b9e7a2863ae80f44a22e11c8115dd328f055015be46cd
Security Headers
Name Value
Content-Security-Policy default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ucom.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 10:33:48 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Content-Encoding
gzip
Cross-Origin-Embedder-Policy
require-corp; report-to='default'
Cross-Origin-Resource-Policy
same-origin
Connection
Keep-Alive
Content-Length
37387
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 07 Jun 2023 11:50:16 GMT
Server
Apache
Cross-Origin-Opener-Policy
same-origin; report-to='default'
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
bowser.min.js
portal.ucom.cloud/static/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ucom.cloud/static/js/bowser.min.js
Requested by
Host: portal.ucom.cloud
URL: https://portal.ucom.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.32.51.176 , Austria, ASN198400 (IP-AUSTRIA-COMMUNICATION-GMBH-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
0df36faa8c0da70e17455582d9546a49749d3b4053b285f85f706d90be77e3ec
Security Headers
Name Value
Content-Security-Policy default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ucom.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 10:33:48 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Content-Encoding
gzip
Cross-Origin-Embedder-Policy
require-corp; report-to='default'
Cross-Origin-Resource-Policy
same-origin
Connection
Keep-Alive
Content-Length
2434
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 07 Jun 2023 11:50:17 GMT
Server
Apache
Cross-Origin-Opener-Policy
same-origin; report-to='default'
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
helpers.js
portal.ucom.cloud/static/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ucom.cloud/static/helpers.js?version=VtVB6LojkOrHc0AU
Requested by
Host: portal.ucom.cloud
URL: https://portal.ucom.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.32.51.176 , Austria, ASN198400 (IP-AUSTRIA-COMMUNICATION-GMBH-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
a7f8048e951d699049b93670b3baa9881ff05ca9c34983c6f6d727047b39eaaa
Security Headers
Name Value
Content-Security-Policy default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ucom.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 10:33:48 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Content-Encoding
gzip
Cross-Origin-Embedder-Policy
require-corp; report-to='default'
Cross-Origin-Resource-Policy
same-origin
Connection
Keep-Alive
Content-Length
882
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 07 Jun 2023 11:50:16 GMT
Server
Apache
Cross-Origin-Opener-Policy
same-origin; report-to='default'
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
login.js
portal.ucom.cloud/static/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ucom.cloud/static/login.js?version=VtVB6LojkOrHc0AU
Requested by
Host: portal.ucom.cloud
URL: https://portal.ucom.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.32.51.176 , Austria, ASN198400 (IP-AUSTRIA-COMMUNICATION-GMBH-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
4982bebc4b1896ac651c6bc7761e6124230b0c614174dac96c4a0d766c01698d
Security Headers
Name Value
Content-Security-Policy default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ucom.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 10:33:48 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Content-Encoding
gzip
Cross-Origin-Embedder-Policy
require-corp; report-to='default'
Cross-Origin-Resource-Policy
same-origin
Connection
Keep-Alive
Content-Length
1615
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 07 Jun 2023 11:50:16 GMT
Server
Apache
Cross-Origin-Opener-Policy
same-origin; report-to='default'
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
login.css
portal.ucom.cloud/static/css/ 		4 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.ucom.cloud/static/css/login.css
Requested by
Host: portal.ucom.cloud
URL: https://portal.ucom.cloud/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.32.51.176 , Austria, ASN198400 (IP-AUSTRIA-COMMUNICATION-GMBH-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
bbd6868413c0c93a12f863e880508b8eee8cb4fbf51bc134b2ab32fdb311b65a
Security Headers
Name Value
Content-Security-Policy default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ucom.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Tue, 13 Jun 2023 10:33:48 GMT
Strict-Transport-Security
max-age=63072000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Content-Encoding
gzip
Cross-Origin-Embedder-Policy
require-corp; report-to='default'
Cross-Origin-Resource-Policy
same-origin
Connection
Keep-Alive
Content-Length
964
X-Xss-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 07 Jun 2023 11:50:16 GMT
Server
Apache
Cross-Origin-Opener-Policy
same-origin; report-to='default'
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Permissions-Policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| bootstrap function| $ function| jQuery function| Chance object| chance object| bowser function| isNumber function| moveToNextInput function| logout function| check_pass function| open_forget_pass_div function| send_forget_password function| login function| login_2_factor function| send_code_repeat

0 Cookies

7 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://*.ucom.cloud; script-src 'unsafe-inline' 'unsafe-eval' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://ajax.googleapis.com https://code.jquery.com https://d3js.org https://cdn.datatables.net https://cdn.jsdelivr.net https://unpkg.com; style-src 'unsafe-inline' https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://cdn.jsdelivr.net https://use.fontawesome.com https://cdn.datatables.net https://ajax.googleapis.com https://unpkg.com; img-src data: blob: https://*.ucom.cloud https://cdn.datatables.net https://ajax.googleapis.com; font-src https://*.ucom.cloud https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://use.fontawesome.com; connect-src https://*.ucom.cloud https://cdn.datatables.net
Strict-Transport-Security max-age=63072000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block