urlscan.io logo urlscan.io
SecurityTrails logo

adfs.nlmk.com Open in urlscan Pro
81.20.194.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nextcloud.nlmk.com/api/downloads?filename\\\\\\\\\\\\\\\\\\\\\=../../../../../../../../etc/passwd%27%27
Effective URL: https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPA...
Submission: On March 04 via api from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 81.20.194.242, located in Lipetsk, Russian Federation and belongs to NLMK-AS, RU. The main domain is adfs.nlmk.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on September 23rd 2021. Valid for: a year.
This is the only time adfs.nlmk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3 81.20.194.209 20866 (INTELECOM-AS)
7 81.20.194.242 60833 (NLMK-AS)
7 1
Apex Domain
Subdomains		 Transfer
10 nlmk.com
nextcloud.nlmk.com
adfs.nlmk.com
472 KB
7 1
Domain Requested by
7 adfs.nlmk.com adfs.nlmk.com
3 nextcloud.nlmk.com 3 redirects
7 2

This site contains no links.

Subject Issuer Validity Valid
*.nlmk.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-23 -
2022-10-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin&client-request-id=245f590b-8a3b-4fc8-b75e-0480000000f5&pullStatus=0
Frame ID: 5ABBDB22251A8A2B0F9E7F84B9DEED60
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Anmelden

Page URL History Show full URLs

  1. https://nextcloud.nlmk.com/api/downloads?filename\\\\\\\\\\\\\\\\\\\\\=../../../../../../../../etc/pass... HTTP 302
    https://nextcloud.nlmk.com/index.php/login HTTP 302
    https://nextcloud.nlmk.com/index.php/apps/user_saml/saml/login?originalUrl=&requesttoken=rdBHTMVFJOIqi5... HTTP 303
    https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljR... Page URL
  2. https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljR... Page URL

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

468 kB
Transfer

465 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nextcloud.nlmk.com/api/downloads?filename\\\\\\\\\\\\\\\\\\\\\=../../../../../../../../etc/passwd%27%27 HTTP 302
    https://nextcloud.nlmk.com/index.php/login HTTP 302
    https://nextcloud.nlmk.com/index.php/apps/user_saml/saml/login?originalUrl=&requesttoken=rdBHTMVFJOIqi5ld%2BnVNxjX96p6rSZCrNCp4SbsHNu8%3D:5ZkmAaIoYJsSxfwtzRQhq0bIoqn9M6budmcIBIlfeJg%3D&idp=1 HTTP 303
    https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin Page URL
  2. https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin&client-request-id=245f590b-8a3b-4fc8-b75e-0480000000f5&pullStatus=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://nextcloud.nlmk.com/api/downloads?filename\\\\\\\\\\\\\\\\\\\\\=../../../../../../../../etc/passwd%27%27 HTTP 302
  • https://nextcloud.nlmk.com/index.php/login HTTP 302
  • https://nextcloud.nlmk.com/index.php/apps/user_saml/saml/login?originalUrl=&requesttoken=rdBHTMVFJOIqi5ld%2BnVNxjX96p6rSZCrNCp4SbsHNu8%3D:5ZkmAaIoYJsSxfwtzRQhq0bIoqn9M6budmcIBIlfeJg%3D&idp=1 HTTP 303
  • https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
adfs.nlmk.com/adfs/ls/
Redirect Chain
  • https://nextcloud.nlmk.com/api/downloads?filename\\\\\\\\\\\\\\\\\\\\\=../../../../../../../../etc/passwd%27%27
  • https://nextcloud.nlmk.com/index.php/login
  • https://nextcloud.nlmk.com/index.php/apps/user_saml/saml/login?originalUrl=&requesttoken=rdBHTMVFJOIqi5ld%2BnVNxjX96p6rSZCrNCp4SbsHNu8%3D:5ZkmAaIoYJsSxfwtzRQhq0bIoqn9M6budmcIBIlfeJg%3D&idp=1
  • https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0...
33 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
81.20.194.242 Lipetsk, Russian Federation, ASN60833 (NLMK-AS, RU),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
68ed22d314e4a52a07f4b4ae8b90a4dc9b71dd7f770fc4ebbdb537ce28224813
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin
https://nl-st-asop-kkp.ao.nlmk
X-Frame-Options
DENY
Date
Fri, 04 Mar 2022 10:17:09 GMT
Transfer-Encoding
chunked

Redirect headers

Date
Fri, 04 Mar 2022 10:17:09 GMT
Server
Apache/2.4.37 (centos) OpenSSL/1.1.1k
X-Powered-By
PHP/7.4.22
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Strict-Transport-Security
max-age=15552000; includeSubDomains
Referrer-Policy
no-referrer
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
Location
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin
Content-Length
0
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
style.css
adfs.nlmk.com/adfs/portal/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adfs.nlmk.com/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Requested by
Host: adfs.nlmk.com
URL: https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
81.20.194.242 Lipetsk, Russian Federation, ASN60833 (NLMK-AS, RU),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0a13280a86e7dfa6949bd016ea848912fcafc05e88cbedf538ac325b27041205

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://nl-st-asop-kkp.ao.nlmk
Date
Fri, 04 Mar 2022 10:17:10 GMT
Expires
Sun, 03 Apr 2022 10:17:10 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Transfer-Encoding
chunked
Content-Type
text/css
logo.png
adfs.nlmk.com/adfs/portal/logo/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adfs.nlmk.com/adfs/portal/logo/logo.png?id=3EC57AEA1D0E01EC1F60EC7E88888E651105F7BD1413ECAA99E1257E6D08929F
Requested by
Host: adfs.nlmk.com
URL: https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
81.20.194.242 Lipetsk, Russian Federation, ASN60833 (NLMK-AS, RU),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://nl-st-asop-kkp.ao.nlmk
Date
Fri, 04 Mar 2022 10:17:10 GMT
Expires
Sun, 03 Apr 2022 10:17:10 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3EC57AEA1D0E01EC1F60EC7E88888E651105F7BD1413ECAA99E1257E6D08929F
Content-Length
9572
Content-Type
image/png
Primary Request /
adfs.nlmk.com/adfs/ls/ 		21 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin&client-request-id=245f590b-8a3b-4fc8-b75e-0480000000f5&pullStatus=0
Requested by
Host: adfs.nlmk.com
URL: https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
81.20.194.242 Lipetsk, Russian Federation, ASN60833 (NLMK-AS, RU),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
acb9daeca49a909d91d42f9f3061b12cb809c1a49cf02be1092cd8badb03b0ee
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin

Response headers

Cache-Control
no-cache,no-store
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Microsoft-HTTPAPI/2.0
Access-Control-Allow-Origin
https://nl-st-asop-kkp.ao.nlmk
X-Frame-Options
DENY
Date
Fri, 04 Mar 2022 10:17:10 GMT
Transfer-Encoding
chunked
style.css
adfs.nlmk.com/adfs/portal/css/ 		8 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://adfs.nlmk.com/adfs/portal/css/style.css?id=0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Requested by
Host: adfs.nlmk.com
URL: https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin&client-request-id=245f590b-8a3b-4fc8-b75e-0480000000f5&pullStatus=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
81.20.194.242 Lipetsk, Russian Federation, ASN60833 (NLMK-AS, RU),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0a13280a86e7dfa6949bd016ea848912fcafc05e88cbedf538ac325b27041205

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin&client-request-id=245f590b-8a3b-4fc8-b75e-0480000000f5&pullStatus=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://nl-st-asop-kkp.ao.nlmk
Date
Fri, 04 Mar 2022 10:17:10 GMT
Expires
Sun, 03 Apr 2022 10:17:10 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
0A13280A86E7DFA6949BD016EA848912FCAFC05E88CBEDF538AC325B27041205
Transfer-Encoding
chunked
Content-Type
text/css
logo.png
adfs.nlmk.com/adfs/portal/logo/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adfs.nlmk.com/adfs/portal/logo/logo.png?id=3EC57AEA1D0E01EC1F60EC7E88888E651105F7BD1413ECAA99E1257E6D08929F
Requested by
Host: adfs.nlmk.com
URL: https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin&client-request-id=245f590b-8a3b-4fc8-b75e-0480000000f5&pullStatus=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
81.20.194.242 Lipetsk, Russian Federation, ASN60833 (NLMK-AS, RU),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
3ec57aea1d0e01ec1f60ec7e88888e651105f7bd1413ecaa99e1257e6d08929f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin&client-request-id=245f590b-8a3b-4fc8-b75e-0480000000f5&pullStatus=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://nl-st-asop-kkp.ao.nlmk
Date
Fri, 04 Mar 2022 10:17:10 GMT
Expires
Sun, 03 Apr 2022 10:17:10 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
3EC57AEA1D0E01EC1F60EC7E88888E651105F7BD1413ECAA99E1257E6D08929F
Content-Length
9572
Content-Type
image/png
illustration.jpg
adfs.nlmk.com/adfs/portal/illustration/ 		376 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adfs.nlmk.com/adfs/portal/illustration/illustration.jpg?id=2F51B75C2CD559E49A085EC61F936D85F2B04133C4FB061F7DB8372215F0984C
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
81.20.194.242 Lipetsk, Russian Federation, ASN60833 (NLMK-AS, RU),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
2f51b75c2cd559e49a085ec61f936d85f2b04133c4fb061f7db8372215f0984c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://adfs.nlmk.com/adfs/ls/?SAMLRequest=nZJNb9swDIbv%2BRWF7rFsp7FTIQmQNvsIkCVBk%2B3QS8HadCNMljRR2tJ%2FP0felm3AehgPAkjxfcSX0JSgVVYsgj%2Fqe%2FwSkPzgqotTqzSJeDljwWlhgCQJDS2S8JXYLz6sRZ6kwjrjTWUU%2B0v2ugqI0HlpdC9bLWdsu3mz3r5bbR7zLBvV8JQXgPlkDACjMoWbSTMqcdKU46woi3FZFJNe%2BgkddZwZ67Bs0NOIAq40edC%2Bq6d5PkxHw%2FT6kKUiK0V689BLl51ZqcFH%2BdF7S4JzqBtKtGo%2FJ5VpY8YV8V6w%2B%2BH1Vupa6ufXLT71TSTeHw674W67P%2FSQxU%2Frd0ZTaNHt0X2VFX68X1%2Bm0HjylTKhvozS4fCU2KPlYC3x0FEez4vm8YCK2Dzyp%2BdcxB24%2BX%2FzWvRQg4cp%2Fx13ecCKTed4tdwZJauXWD%2FHW%2BNa8P9eTJZksSLrYRNbRdBksZKNxJr9wiyUMt%2FuHILHGfMuILvi80E%2Fy5%2Bfdf4d&RelayState=https%3A%2F%2Fnextcloud.nlmk.com%2Findex.php%2Fapps%2Fuser_saml%2Fsaml%2Flogin&client-request-id=245f590b-8a3b-4fc8-b75e-0480000000f5&pullStatus=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://nl-st-asop-kkp.ao.nlmk
Date
Fri, 04 Mar 2022 10:17:10 GMT
Expires
Sun, 03 Apr 2022 10:17:10 GMT
Server
Microsoft-HTTPAPI/2.0
ETag
2F51B75C2CD559E49A085EC61F936D85F2B04133C4FB061F7DB8372215F0984C
Content-Length
385099
Content-Type
image/jpg

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| LoginErrors number| maxPasswordLength function| InputUtil function| SelectOption function| Login undefined| emails undefined| msViewportStyle undefined| viewport function| getStyle function| computeLoadIllustration function| SetIllustrationImage function| changeFavicon

6 Cookies

Domain/Path Name / Value
nextcloud.nlmk.com/ Name: oc_sessionPassphrase
Value: rRysLcldwj9M9d1RnkwquRldLcPLA4xFC85eYrjPQYiHG%2Fm2O3F%2BKA68RWoakd0%2BAciBbV4P6Xo%2FygOFSJBuEvbPZDDBxsdzLU227aIRgoF5Gdigv2NAaKTGgdXjI2%2B%2B
nextcloud.nlmk.com/ Name: oce115cef9ke
Value: p8m7lcrp1k3uteagdmotcmv3g2
nextcloud.nlmk.com/ Name: __Host-nc_sameSiteCookielax
Value: true
nextcloud.nlmk.com/ Name: __Host-nc_sameSiteCookiestrict
Value: true
nextcloud.nlmk.com/ Name: saml_data
Value: NGM3YjE3OTU5ZTQ1ZThmOWM2NTk3OGYyZTRiZmNhZjA0MThkMzMyNzI4ODhkY2M2ZDdkZWJiY2EzZGMxNjkzNzNhY2NlMjI0NGMwMTA3NjA1ZDM1Mzk5NjVhYmNkYzhmNGQzYjc5MjhmZmMzZTZmNmUyY2FlMGRmNzJiOTlmYzkwMWM0ZDM4YWMwMThmMjVkZmY5NzAyYjJmZDdhYWVmZTdmNjc1ZjY1NTNiNDljNWE0NzdkMjZiOTJmOWM1MWFiOTRlMGFhMGJkZmRiOGJlMjhiMWNiZTVmZTlkZTU4MTd8ZGRmY2ZhZjY3MTk3ZDFjMTQyN2JkYzIzYmEwNWY1NmJ8OTI5MTMxY2FjODc4OGUxMDFkZjI2NzQ3NGRjY2JmMmRmYzViMTkzZDc0MDM1MGQxYTNiYzkzMzc0YTJkNDViODM1Yzc3NDlkNzE1NWI5OGUxMWQ4NGRlMzM4NjdiZTljMGJjMWU2OWM1MDgyYWRjY2NkNjEwZjc2ZDhlMWMxY2J8Mw%3D%3D
.nlmk.com/ Name: citrix_ns_id
Value: RAU0eXqnSIv09IE+NGPgvOLfX8M0001

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY