files.dfir.online Open in urlscan Pro
149.233.27.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://files.dfir.online/
Effective URL:
https://files.dfir.online/login
Submission: On July 08 via api (July 8th 2024, 4:35:50 pm UTC) from US — Scanned from DE

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 35 HTTP transactions. The main IP is 149.233.27.4, located in Germany and belongs to ESHELTER, DE. The main domain is files.dfir.online.
TLS certificate: Issued by R10 on July 8th 2024. Valid for: 3 months.

This is the only time files.dfir.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 36	149.233.27.4 149.233.27.4		203329 (ESHELTER) (ESHELTER)
35	1

36 149.233.27.4 (Germany) 1 redirects

ASN203329 (ESHELTER, DE)

files.dfir.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	dfir.online 1 redirects files.dfir.online	12 MB
35	1

	Domain	Requested by
36	files.dfir.online	1 redirects files.dfir.online
35	1

This site contains no links.

Subject Issuer	Validity	Valid
files.dfir.online R10	`2024-07-08` - `2024-10-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://files.dfir.online/login
Frame ID: C9F0B763D222695773BAD3BBD385EB6A
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anmelden – NTT DATA

Page URL History Show full URLs

https://files.dfir.online/ HTTP 302
https://files.dfir.online/login Page URL

Page Statistics

35
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

11792 kB
Transfer

22132 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://files.dfir.online/ HTTP 302
https://files.dfir.online/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
files.dfir.online/
Redirect Chain

https://files.dfir.online/
https://files.dfir.online/login

17 KB
6 KB

174ms
174ms

Document
text/html

149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

3ab892cdb98e52e399f214d256776ba07413bbf730a2d8cad3d2bc3d7127a625

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-QnFVT2h3a2tFSktVanIzY1JNOFhZUHI2UjBJYXZiek1qeEZ1eTNDWlNydz06ZGVGODAwWlFKZUtnNTlXdkFhSmxCTEtpTVNONzZzK2h6WEEzaFFmUUJOTT0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-QnFVT2h3a2tFSktVanIzY1JNOFhZUHI2UjBJYXZiek1qeEZ1eTNDWlNydz06ZGVGODAwWlFKZUtnNTlXdkFhSmxCTEtpTVNONzZzK2h6WEEzaFFmUUJOTT0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
content-type: text/html; charset=UTF-8
date: Mon, 08 Jul 2024 16:35:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
feature-policy: autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'
pragma: no-cache
referrer-policy: no-referrer
server: Apache
strict-transport-security: max-age=15768000;includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: AlW4yA0TTpc2G1iWBsvN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-security-policy: default-src 'self'; script-src 'self' 'nonce-cGJZSTNEK2N4Y0pnaVE4UXdGYVpFcE00WWhncEVqZlVRcXFWTmdMaE9IQT06MXZKNmlIRG84TEpVNEdkamhUdnJkdHRnRkhsSVJVUzVBTXZNZUhXb2RoOD0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
content-type: text/html; charset=UTF-8
date: Mon, 08 Jul 2024 16:35:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://files.dfir.online/login
pragma: no-cache
referrer-policy: no-referrer
server: Apache
strict-transport-security: max-age=15768000;includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

GET
H2 200 server.css
files.dfir.online/core/css/ 151 KB
25 KB 128ms
106ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/core/css/server.css?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

1ed8852fbceb17fe4ba3862d530f7620a7a4f7c1edfa0be0ddaad043f4016cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 25065
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:08 GMT
server: Apache
etag: "25be9-608efbfcacba1-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 app.css
files.dfir.online/apps/files_rightclick/css/ 412 B
328 B 62ms
40ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/files_rightclick/css/app.css?v=1bf6e69c-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

2d1f3b92d7591b69a06cb8bd6cda8e4d2fa4ed9ebb470488990780a2423d0bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 199
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:10 GMT
server: Apache
etag: "19c-608efbfee70ab-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 default.css
files.dfir.online/apps/theming/css/ 3 KB
1 KB 52ms
30ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/css/default.css?v=47354877-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

f50cae237c429ddad74b70172f04bda4081ff48fa400c7af60e31edb984ad1be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 993
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:11 GMT
server: Apache
etag: "cb3-608efc0030251-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 guest.css
files.dfir.online/core/css/ 19 KB
5 KB 64ms
42ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/core/css/guest.css?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

43f794c27ef65cfb79270d3eca9512e0b7e5646d41035b0d9055df3bcf99d5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 5308
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:08 GMT
server: Apache
etag: "4aac-608efbfca9cc1-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 core-common.js Show response
files.dfir.online/dist/ 12 MB
3 MB 83ms
81ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/dist/core-common.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

6c88928b9df19b6400e6c568494e12fdbbe31acc8047c961a4089f515cdbbcb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:09 GMT
server: Apache
etag: "c53a84-608efbfe08627-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 core-main.js Show response
files.dfir.online/dist/ 161 KB
52 KB 214ms
213ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/dist/core-main.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

1c9f54b30ef50f3f95914c0c3c06424222c5c51c4e1bc3877b5497218c46902e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:09 GMT
server: Apache
etag: "284c0-608efbfdac966-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 de_DE.js Show response
files.dfir.online/core/l10n/ 63 KB
20 KB 200ms
184ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/core/l10n/de_DE.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

902b5d2c08a760ad49716b323d6b53fc04ab17021e54deb96e071a8b7cdb587f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 20208
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:09 GMT
server: Apache
etag: "fb08-608efbfd78d45-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 core-files_fileinfo.js Show response
files.dfir.online/dist/ 928 B
581 B 170ms
155ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/dist/core-files_fileinfo.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

1889e20598b510771e1c2c378ce8cc073fd2e1f6cdaa9c65a9031a68514d5e02

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 521
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:09 GMT
server: Apache
etag: "3a0-608efbfe0c4a7-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 core-files_client.js Show response
files.dfir.online/dist/ 12 KB
4 KB 210ms
195ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/dist/core-files_client.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

68c73e3df49ab39b6fdf6f16c2bd33e64207b0eb632121f1ff4e59aae6dcdb39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 4297
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:09 GMT
server: Apache
etag: "30b3-608efbfdb1786-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 merged-template-prepend.js Show response
files.dfir.online/js/core/ 12 KB
3 KB 289ms
275ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/js/core/merged-template-prepend.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

5aa81a1437f7064ff4e0e0279150b418837453fa43b2f6353b06283701b67491

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename="merged-template-prepend.js.gzip"
x-xss-protection: 1; mode=block
x-request-id: slVp2PW9yJnIw34LfoTx
pragma: cache
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:22:18 GMT
server: Apache
etag: "dfd16f12bc9bf3aeba7413df1d958518"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=31536000, immutable
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 08 Jul 2025 16:35:37 +0000

GET
H2 200 core-login.js Show response
files.dfir.online/dist/ 107 KB
30 KB 210ms
195ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/dist/core-login.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

a7cf6334d03f73efeec3e3ffea3396796b573ad8724b8fd8e2326389133ade31

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 30774
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:09 GMT
server: Apache
etag: "1aa29-608efbfd96205-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 de_DE.js Show response
files.dfir.online/apps/files_sharing/l10n/ 24 KB
6 KB 210ms
196ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/files_sharing/l10n/de_DE.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

585da8efbe25745279f7fb83765b65297bae4410c98aabf170f26b513eed0768

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 6536
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:12 GMT
server: Apache
etag: "6056-608efc00b8dd4-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 files_sharing-main.js Show response
files.dfir.online/dist/ 397 B
328 B 271ms
257ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/dist/files_sharing-main.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

0f6fb7f6a8c4d59f1a9ba85d9d7926ac147c87629074d490c4cf65853bc7bf4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 266
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:09 GMT
server: Apache
etag: "18d-608efbfdaf846-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 de_DE.js Show response
files.dfir.online/apps/files_rightclick/l10n/ 884 B
563 B 287ms
273ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/files_rightclick/l10n/de_DE.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

cefc4c308e396b4fce4a2bc9a0f7005cc1e0dee15d5fa6ea0a0f0fa7ae59588c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 502
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:10 GMT
server: Apache
etag: "374-608efbfef5b0c-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 script.js Show response
files.dfir.online/apps/files_rightclick/js/ 15 KB
3 KB 328ms
315ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/files_rightclick/js/script.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

2263fdb9b43029256cf21ee1a577e3d4cc91ae150949200c05733b19e1e15912

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 3219
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:10 GMT
server: Apache
etag: "3a17-608efbfee70ab-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 files.js Show response
files.dfir.online/apps/files_rightclick/js/ 5 KB
1 KB 332ms
319ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/files_rightclick/js/files.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

77cde93f5ccad1764912a90f7c9a291aad94411b71f1ab5fc669081839decb71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 1305
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:10 GMT
server: Apache
etag: "12ef-608efbfee70ab-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 de_DE.js Show response
files.dfir.online/apps/theming/l10n/ 13 KB
4 KB 333ms
319ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/l10n/de_DE.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

7496217cfdf7cf185ef3bb6487c2d5faa9085ddfcfae912b34fb605e61e81d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 4393
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:12 GMT
server: Apache
etag: "33c4-608efc009c8b3-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 theming.js Show response
files.dfir.online/apps/theming/js/ 60 B
114 B 333ms
319ms Script
application/javascript 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/js/theming.js?v=aed078cb-29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

ec4e73e49bca3f6e523c3dfd66e58fa157c81c4da5eb3fa0ceaa589ba8dc0785

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
date: Mon, 08 Jul 2024 16:35:37 GMT
referrer-policy: no-referrer
x-content-type-options: nosniff
last-modified: Mon, 30 Oct 2023 14:21:12 GMT
x-permitted-cross-domain-policies: none
server: Apache
etag: "3c-608efc0086153"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=15778463, immutable
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 60
x-xss-protection: 1; mode=block

GET
H2 200 default.css
files.dfir.online/apps/theming/theme/ 3 KB
1 KB 156ms
135ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/default.css?plain=1&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

dfe94bc8e92acaa880dc54a44885fef23dc7b3f3ca84ce12c154e5e6b255d9bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1019
x-xss-protection: 1; mode=block
x-request-id: TcmG3NNZOV9DHxuasmj6
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 light.css
files.dfir.online/apps/theming/theme/ 3 KB
1 KB 172ms
151ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/light.css?plain=1&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

dfe94bc8e92acaa880dc54a44885fef23dc7b3f3ca84ce12c154e5e6b255d9bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1019
x-xss-protection: 1; mode=block
x-request-id: M5ck0sxEJJucqZjVx9nv
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 light.css
files.dfir.online/apps/theming/theme/ 3 KB
1 KB 149ms
128ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/light.css?plain=0&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

038cee3010be66623f48110b01d3739483472697191878065d98da1768424339

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1042
x-xss-protection: 1; mode=block
x-request-id: 5NzusLqLpy9WZdb53oYf
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 dark.css
files.dfir.online/apps/theming/theme/ 3 KB
1 KB 206ms
186ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/dark.css?plain=0&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

72e24fb35f2e82cd5c7728df48cdcac16fb42f75cd0a94e5f1a8312443488fce

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1031
x-xss-protection: 1; mode=block
x-request-id: T7wUbsO8p83tce6OfO9s
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 light-highcontrast.css
files.dfir.online/apps/theming/theme/ 4 KB
1 KB 171ms
151ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/light-highcontrast.css?plain=0&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

8fe215e8d19343ed168f5535425abc449e3b20c10eca87302fa637d1d16e3048

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1095
x-xss-protection: 1; mode=block
x-request-id: pwX65tIvYQaWnrRv6mw6
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 dark-highcontrast.css
files.dfir.online/apps/theming/theme/ 4 KB
1 KB 177ms
157ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/dark-highcontrast.css?plain=0&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

37dff3e2a630e40cfbba5a430a90b668f2ac170499f5e3a8fa900c4c74e98a03

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1128
x-xss-protection: 1; mode=block
x-request-id: JCkrA7dIw5MnEWQ2pAhV
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 opendyslexic.css
files.dfir.online/apps/theming/theme/ 867 B
393 B 169ms
149ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/opendyslexic.css?plain=0&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

1f90b1cc10add6e6cf941ddcc78fc9ef4fe28d7478e49c000658dfc50fbf4258

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 331
x-xss-protection: 1; mode=block
x-request-id: eQAM9ZqDQIc5IXtldVgu
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 icons.css
files.dfir.online/dist/ 212 KB
30 KB 52ms
51ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/dist/icons.css

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/core/css/server.css?v=aed078cb-29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

6d14d306a071132f38a470e9ed5fb23a8e445faca6a093d75fc925e35e804bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-length: 30980
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 30 Oct 2023 14:21:09 GMT
server: Apache
etag: "351b5-608efbfda3cc5-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=15778463
accept-ranges: bytes
x-robots-tag: noindex, nofollow

GET
H2 200 dark.css
files.dfir.online/apps/theming/theme/ 3 KB
1 KB 419ms
406ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/dark.css?plain=1&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

0c67742a8e4a2d23e160ddda71803de957544f46ad5976a7fec3b23313463781

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1009
x-xss-protection: 1; mode=block
x-request-id: EOQWXczfy6PTaCWk7y8u
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 light-highcontrast.css
files.dfir.online/apps/theming/theme/ 3 KB
1 KB 417ms
404ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/light-highcontrast.css?plain=1&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

ff87bdaf63b29bb9adb81755ccca945e73248b5b1bdd2bc08045227439e960ee

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1071
x-xss-protection: 1; mode=block
x-request-id: CvDObuYZkVy4Enk4IkGy
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 dark-highcontrast.css
files.dfir.online/apps/theming/theme/ 3 KB
1 KB 429ms
416ms Stylesheet
text/css 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/theme/dark-highcontrast.css?plain=1&v=7719a1c7

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

9fd8ec00cc7ef88071753fa8cddbbfc2cd9b9024c39ba379218c1e3534a0e740

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000;includeSubdomains
x-permitted-cross-domain-policies: none
date: Mon, 08 Jul 2024 16:35:37 GMT
content-disposition: inline; filename=""
content-length: 1103
x-xss-protection: 1; mode=block
x-request-id: hrPP1j73M1LdifiP1iYv
pragma: private
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:37 +0000

GET
H2 200 background
files.dfir.online/apps/theming/image/ 8 MB
8 MB 473ms
472ms Image
image/jpeg 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.dfir.online/apps/theming/image/background?v=29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/core/css/server.css?v=aed078cb-29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

fd1a6fc19d6e78df8340b7161281cee8b9db552afe8c77e7a7a5fe695c98b100

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-WmR0Ymg0Y01LS1o1OWdQblYyVFVTd2tRd0F5TDArZENGSEZoTlY3SUZZWT06RnA4cDA4aDRIZFpObjJ1VUVnbW1MMEZJdG0zcWhKUXZWaEE0ZXltQlcraz0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-WmR0Ymg0Y01LS1o1OWdQblYyVFVTd2tRd0F5TDArZENGSEZoTlY3SUZZWT06RnA4cDA4aDRIZFpObjJ1VUVnbW1MMEZJdG0zcWhKUXZWaEE0ZXltQlcraz0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
strict-transport-security: max-age=15768000;includeSubdomains
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
content-disposition: attachment; filename="background"
x-xss-protection: 1; mode=block
x-request-id: Q0L54frFtv8Yj6GR1QHS
pragma: private
referrer-policy: no-referrer
last-modified: Wed, 07 Dec 2022 07:43:25 GMT
server: Apache
etag: "965871d152b0c4dc05b6e0f78b39b5bb"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=3600, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Mon, 08 Jul 2024 17:35:37 +0000

GET
H2 404 logo
files.dfir.online/apps/theming/image/ 3 KB
3 KB 458ms
451ms Image
text/html 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.dfir.online/apps/theming/image/logo?v=29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/core/css/guest.css?v=aed078cb-29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

31a527793814f4878ec1df7eb27b6d3585ce9ea4649c2785d19ac1fca572b89d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-akpSdmhyaWtxcHNTU08zb1FhSWRGRkpXb09sNThKUXl1Rk0wWmp3djZ1Yz06LzlBZDB2ZlFuK3NtSVlXYkJNOXZjQm9PMW9nWXArZGYrakp0S0V0bXBJZz0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-akpSdmhyaWtxcHNTU08zb1FhSWRGRkpXb09sNThKUXl1Rk0wWmp3djZ1Yz06LzlBZDB2ZlFuK3NtSVlXYkJNOXZjQm9PMW9nWXArZGYrakp0S0V0bXBJZz0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
strict-transport-security: max-age=15768000;includeSubdomains
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:37 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: QoSqBSvAVyl9YRH5jkdg
pragma: no-cache
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
feature-policy: autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 404 logo
files.dfir.online/apps/theming/image/ 16 KB
16 KB 329ms
328ms Image
text/html 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.dfir.online/apps/theming/image/logo?v=29

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/core/css/guest.css?v=aed078cb-29

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

134aedc13926858957c40a4bb3089930417f9cf1a9f07336a4da4d5fd8b63fa4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-Qk1yMXFoMkMrU3lpdTFTQlVqQVZrNlpkTzY0SVoySnNodktYS2lpTUo3RT06ZDQ2SC9sTDJ6RnlXMGp6eUYxMW45KzRGVGM5cE1CRUJ4SlBPWkYvRmFkND0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-Qk1yMXFoMkMrU3lpdTFTQlVqQVZrNlpkTzY0SVoySnNodktYS2lpTUo3RT06ZDQ2SC9sTDJ6RnlXMGp6eUYxMW45KzRGVGM5cE1CRUJ4SlBPWkYvRmFkND0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
strict-transport-security: max-age=15768000;includeSubdomains
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:39 GMT
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 57tJoYSHWNYj4CJMRadb
pragma: no-cache
referrer-policy: no-referrer
server: Apache
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
feature-policy: autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 loading-dark.gif
files.dfir.online/core/img/ 5 KB
5 KB 378ms
377ms Image
image/gif 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.dfir.online/core/img/loading-dark.gif

Requested by

Host: files.dfir.online
URL: https://files.dfir.online/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

93b795ec06aebf7141dbfb46cf6fa51fb964d2a5c0646303eb135b38d007a0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15768000;includeSubdomains
date: Mon, 08 Jul 2024 16:35:39 GMT
referrer-policy: no-referrer
x-content-type-options: nosniff
last-modified: Mon, 30 Oct 2023 14:21:06 GMT
x-permitted-cross-domain-policies: none
server: Apache
etag: "124b-608efbfad50b8"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=15778463
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 4683
x-xss-protection: 1; mode=block

GET
H2 200 favicon
files.dfir.online/apps/theming/ 7 KB
7 KB 114ms
114ms Other
image/x-icon 149.233.27.4
ESHELTER

General

Check archive.org

Show headers Download Go to

Full URL

https://files.dfir.online/apps/theming/favicon?v=7719a1c7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

149.233.27.4 , Germany, ASN203329 (ESHELTER, DE),

Reverse DNS

Software

Apache /

Resource Hash

908419a042c8ebf05daee3ca1babd298454aec93cf5f71c699ba5d4577cf8aae

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
strict-transport-security: max-age=15768000;includeSubdomains
x-content-type-options: nosniff
date: Mon, 08 Jul 2024 16:35:40 GMT
x-permitted-cross-domain-policies: none
content-disposition: inline; filename="favicon.png"
x-xss-protection: 1; mode=block
x-request-id: VxmyFNyjGgml6DlhYT02
pragma: private
referrer-policy: no-referrer
last-modified: Wed, 07 Dec 2022 08:05:53 GMT
server: Apache
etag: "f57d7d79794ccbefdb3b34fd2bee3756"
x-frame-options: SAMEORIGIN
content-type: image/x-icon
cache-control: private, max-age=86400, must-revalidate
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: noindex, nofollow
expires: Tue, 09 Jul 2024 16:35:40 +0000

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
files.dfir.online/	1969-12-31 23:59:59	Name: oc_sessionPassphrase Value: 2u4Js85U9ruB87A94PwhF%2BGK8oz4KErp%2BXJ9U0XxXTHpPmbzHcg9eJARip4OAmPHW1cJvptFS2LajTwJebpdrqJ5udChbEufcSJa0GkK6AwCNwdsMA4O5x05ZEHX3q88
files.dfir.online/	1970-01-21 07:30:16	Name: __Host-nc_sameSiteCookielax Value: true
files.dfir.online/	1970-01-21 07:30:16	Name: __Host-nc_sameSiteCookiestrict Value: true
files.dfir.online/	1969-12-31 23:59:59	Name: oc7axvm8x2ls Value: fo89aj3ns722g4vc4olu48ohtv

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://files.dfir.online/apps/theming/image/logo?v=29 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://files.dfir.online/apps/theming/image/logo?v=29 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-QnFVT2h3a2tFSktVanIzY1JNOFhZUHI2UjBJYXZiek1qeEZ1eTNDWlNydz06ZGVGODAwWlFKZUtnNTlXdkFhSmxCTEtpTVNONzZzK2h6WEEzaFFmUUJOTT0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Strict-Transport-Security	max-age=15768000;includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

files.dfir.online
149.233.27.4
038cee3010be66623f48110b01d3739483472697191878065d98da1768424339
0c67742a8e4a2d23e160ddda71803de957544f46ad5976a7fec3b23313463781
0f6fb7f6a8c4d59f1a9ba85d9d7926ac147c87629074d490c4cf65853bc7bf4a
134aedc13926858957c40a4bb3089930417f9cf1a9f07336a4da4d5fd8b63fa4
1889e20598b510771e1c2c378ce8cc073fd2e1f6cdaa9c65a9031a68514d5e02
1c9f54b30ef50f3f95914c0c3c06424222c5c51c4e1bc3877b5497218c46902e
1ed8852fbceb17fe4ba3862d530f7620a7a4f7c1edfa0be0ddaad043f4016cf2
1f90b1cc10add6e6cf941ddcc78fc9ef4fe28d7478e49c000658dfc50fbf4258
2263fdb9b43029256cf21ee1a577e3d4cc91ae150949200c05733b19e1e15912
2d1f3b92d7591b69a06cb8bd6cda8e4d2fa4ed9ebb470488990780a2423d0bb7
31a527793814f4878ec1df7eb27b6d3585ce9ea4649c2785d19ac1fca572b89d
37dff3e2a630e40cfbba5a430a90b668f2ac170499f5e3a8fa900c4c74e98a03
3ab892cdb98e52e399f214d256776ba07413bbf730a2d8cad3d2bc3d7127a625
43f794c27ef65cfb79270d3eca9512e0b7e5646d41035b0d9055df3bcf99d5a6
585da8efbe25745279f7fb83765b65297bae4410c98aabf170f26b513eed0768
5aa81a1437f7064ff4e0e0279150b418837453fa43b2f6353b06283701b67491
68c73e3df49ab39b6fdf6f16c2bd33e64207b0eb632121f1ff4e59aae6dcdb39
6c88928b9df19b6400e6c568494e12fdbbe31acc8047c961a4089f515cdbbcb4
6d14d306a071132f38a470e9ed5fb23a8e445faca6a093d75fc925e35e804bf3
72e24fb35f2e82cd5c7728df48cdcac16fb42f75cd0a94e5f1a8312443488fce
7496217cfdf7cf185ef3bb6487c2d5faa9085ddfcfae912b34fb605e61e81d79
77cde93f5ccad1764912a90f7c9a291aad94411b71f1ab5fc669081839decb71
8fe215e8d19343ed168f5535425abc449e3b20c10eca87302fa637d1d16e3048
902b5d2c08a760ad49716b323d6b53fc04ab17021e54deb96e071a8b7cdb587f
908419a042c8ebf05daee3ca1babd298454aec93cf5f71c699ba5d4577cf8aae
93b795ec06aebf7141dbfb46cf6fa51fb964d2a5c0646303eb135b38d007a0a9
9fd8ec00cc7ef88071753fa8cddbbfc2cd9b9024c39ba379218c1e3534a0e740
a7cf6334d03f73efeec3e3ffea3396796b573ad8724b8fd8e2326389133ade31
cefc4c308e396b4fce4a2bc9a0f7005cc1e0dee15d5fa6ea0a0f0fa7ae59588c
dfe94bc8e92acaa880dc54a44885fef23dc7b3f3ca84ce12c154e5e6b255d9bb
ec4e73e49bca3f6e523c3dfd66e58fa157c81c4da5eb3fa0ceaa589ba8dc0785
f50cae237c429ddad74b70172f04bda4081ff48fa400c7af60e31edb984ad1be
fd1a6fc19d6e78df8340b7161281cee8b9db552afe8c77e7a7a5fe695c98b100
ff87bdaf63b29bb9adb81755ccca945e73248b5b1bdd2bc08045227439e960ee

files.dfir.online Open in urlscan Pro 149.233.27.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

35 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

11792 kBTransfer

22132 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

files.dfir.online Open in urlscan Pro
149.233.27.4 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

11792 kB
Transfer

22132 kB
Size

4
Cookies

35 HTTP transactions
0 data transactions