URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xv...
Submission Tags: falconsandbox
Submission: On July 12 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 31 HTTP transactions. The main IP is 185.238.32.141, located in Austria, and belongs to TIMEWARP-AS, AT. The main domain is nextcloud.sec-consult.com. The Cisco Umbrella rank of the primary domain is 698778.
TLS certificate: Issued by R3 on May 22nd 2023. Valid for: 3 months.
This is the only time nextcloud.sec-consult.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 185.238.32.141 207203 (TIMEWARP-AS)
31 2
Apex Domain
Subdomains
Transfer
31 sec-consult.com
nextcloud.sec-consult.com — Cisco Umbrella Rank: 698778
4 MB
31 1
Domain Requested by
31 nextcloud.sec-consult.com nextcloud.sec-consult.com
31 1

This site contains links to these domains.

Domain: www.sec-consult.com

Subject: nextcloud.sec-consult.com
Issuer: R3
Validity: 2023-05-22 - 2023-08-20
Valid: 3 months

This page contains 1 frames:

Primary Page: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Frame ID: 36D21BEAED251D0AEAA882B545C787D7
Requests: 32 HTTP requests in this frame

Page Title

SECCloud

Page Statistics

Requests: 31
HTTPS: 100 %
IPv6: 0 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 3734 kB
Size: 15612 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request download
nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/
17 KB
19 KB
Document
General
Full URL
https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
cdbebd7ee53f1d2022a1336eba9d1eb4c4f7025e28df788cc9a482c8f74234d9
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-ZThjME5kTHV4SlNWbnF6VGNOUUttMkpkM2FSK0p0Q2xiZ2pzeWtMdEZ4WT06QWJCVkRMTzdsdVBFNTl1MEU3VjlxMWR2cXNFbmZwWHJYbjZjK3hlaWRUMD0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Length
17272
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-ZThjME5kTHV4SlNWbnF6VGNOUUttMkpkM2FSK0p0Q2xiZ2pzeWtMdEZ4WT06QWJCVkRMTzdsdVBFNTl1MEU3VjlxMWR2cXNFbmZwWHJYbjZjK3hlaWRUMD0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Jul 2023 13:06:41 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Feature-Policy
autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Referrer-Policy
no-referrer
Server
Apache
Strict-Transport-Security
max-age=31536000; includeSubdomains; max-age=31536000
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
IvSGhZoICPiU2QU71u1M
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
server.css
nextcloud.sec-consult.com/core/css/
154 KB
26 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/core/css/server.css?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
0bcabf4f18dcc9247c7193f68dc6b7e97c5ed1d0b44c6a65718bf5f1774306b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
25558
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"267d1-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=99
Expires
Wed, 12 Jul 2023 13:06:41 GMT
app.css
nextcloud.sec-consult.com/apps/files_rightclick/css/
412 B
898 B
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/apps/files_rightclick/css/app.css?v=1bf6e69c-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
2d1f3b92d7591b69a06cb8bd6cda8e4d2fa4ed9ebb470488990780a2423d0bb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
199
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:32 GMT
Server
Apache
ETag
"19c-5f55aaa06fe00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=98
Expires
Wed, 12 Jul 2023 13:06:41 GMT
default.css
nextcloud.sec-consult.com/apps/theming/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/apps/theming/css/default.css?v=47354877-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
f50cae237c429ddad74b70172f04bda4081ff48fa400c7af60e31edb984ad1be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
993
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"cb3-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
Expires
Wed, 12 Jul 2023 13:06:41 GMT
guest.css
nextcloud.sec-consult.com/core/css/
19 KB
6 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/core/css/guest.css?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
43f794c27ef65cfb79270d3eca9512e0b7e5646d41035b0d9055df3bcf99d5a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
5308
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"4aac-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
Expires
Wed, 12 Jul 2023 13:06:41 GMT
core-common.js
nextcloud.sec-consult.com/dist/
14 MB
3 MB
Script
General
Full URL
https://nextcloud.sec-consult.com/dist/core-common.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
9a566672ddb405f6799a4422413575e6b78ea496529627da232be387cbeee276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"e4260e-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=98
Expires
Wed, 12 Jul 2023 13:06:42 GMT
core-main.js
nextcloud.sec-consult.com/dist/
152 KB
51 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/dist/core-main.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
c56b39b2ad56f51730873b281fa0f43846db6d25b2eea1b3f7983b5e88ec5354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
51546
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"26100-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=99
Expires
Wed, 12 Jul 2023 13:06:42 GMT
de_DE.js
nextcloud.sec-consult.com/core/l10n/
61 KB
20 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/core/l10n/de_DE.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
f22790f76aae64e16a784593f3e1af18cc6ffb0898a8b0a49d2cecbf2bc7d884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
19523
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"f21f-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=98
Expires
Wed, 12 Jul 2023 13:06:42 GMT
core-files_fileinfo.js
nextcloud.sec-consult.com/dist/
928 B
1 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/dist/core-files_fileinfo.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
1889e20598b510771e1c2c378ce8cc073fd2e1f6cdaa9c65a9031a68514d5e02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
521
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"3a0-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=98
Expires
Wed, 12 Jul 2023 13:06:42 GMT
core-files_client.js
nextcloud.sec-consult.com/dist/
12 KB
5 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/dist/core-files_client.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
5fc9d9568976eab1260de67055d73f200fd729254477e3c34b19eaff26734bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
4294
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"30ae-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=95
Expires
Wed, 12 Jul 2023 13:06:42 GMT
merged-template-prepend.js
nextcloud.sec-consult.com/index.php/js/core/
12 KB
4 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/index.php/js/core/merged-template-prepend.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
5aa81a1437f7064ff4e0e0279150b418837453fa43b2f6353b06283701b67491
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename="merged-template-prepend.js.gzip"
Connection
Keep-Alive
Content-Length
3098
X-XSS-Protection
1; mode=block
X-Request-Id
6VkJn0J0n8SAeToYk9or
Pragma
cache
Referrer-Policy
no-referrer
Last-Modified
Thu, 16 Mar 2023 21:06:45 +0000
Server
Apache
ETag
"ce5a66d324d140b97cf6a0db7b1e90e5"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=31536000, immutable
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=99
Expires
Thu, 11 Jul 2024 13:06:42 +0000
de_DE.js
nextcloud.sec-consult.com/apps/files_sharing/l10n/
22 KB
7 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/apps/files_sharing/l10n/de_DE.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
63ad0429ee8be049105bb6ce51ad475f46c296f6607acde9e5ad70c872c8bbe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
6080
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"575c-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=97
Expires
Wed, 12 Jul 2023 13:06:42 GMT
files_sharing-main.js
nextcloud.sec-consult.com/dist/
371 B
967 B
Script
General
Full URL
https://nextcloud.sec-consult.com/dist/files_sharing-main.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
6e31f758314d2748c68e8db4aafbc5c6c26574ed21dee3c191e900ddba223d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
254
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"173-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=96
Expires
Wed, 12 Jul 2023 13:06:42 GMT
de_DE.js
nextcloud.sec-consult.com/apps/files_rightclick/l10n/
873 B
1 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/apps/files_rightclick/l10n/de_DE.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
7285a33fd0987f5d4217068f5b6b2e39ede7f73e3fc399c79599d5b028c83e87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
493
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:32 GMT
Server
Apache
ETag
"369-5f55aaa06fe00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=98
Expires
Wed, 12 Jul 2023 13:06:42 GMT
script.js
nextcloud.sec-consult.com/apps/files_rightclick/js/
15 KB
4 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/apps/files_rightclick/js/script.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
2263fdb9b43029256cf21ee1a577e3d4cc91ae150949200c05733b19e1e15912
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
3219
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:32 GMT
Server
Apache
ETag
"3a17-5f55aaa06fe00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=98
Expires
Wed, 12 Jul 2023 13:06:42 GMT
files.js
nextcloud.sec-consult.com/apps/files_rightclick/js/
5 KB
2 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/apps/files_rightclick/js/files.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
8025ed63fff72b931370a8d1dfa3b0884555db5d9e240fc3bb21704e01e5e8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
1269
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:32 GMT
Server
Apache
ETag
"12b0-5f55aaa06fe00-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=95
Expires
Wed, 12 Jul 2023 13:06:42 GMT
de_DE.js
nextcloud.sec-consult.com/apps/theming/l10n/
11 KB
4 KB
Script
General
Full URL
https://nextcloud.sec-consult.com/apps/theming/l10n/de_DE.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
d115edb82c94cd8a774d993d8ca1a249e924b84f876839a8b52517f53a93d144
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
3668
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"2ae5-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=97
Expires
Wed, 12 Jul 2023 13:06:42 GMT
theming.js
nextcloud.sec-consult.com/apps/theming/js/
60 B
719 B
Script
General
Full URL
https://nextcloud.sec-consult.com/apps/theming/js/theming.js?v=a804941a-27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
ec4e73e49bca3f6e523c3dfd66e58fa157c81c4da5eb3fa0ceaa589ba8dc0785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
60
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"3c-5f55aa94fe300"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=93
Expires
Wed, 12 Jul 2023 13:06:42 GMT
default.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
3 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/default.css?plain=1&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
ec6bc27e7ea3a16fb5fe24332651a99626c753829f8259e21a8d3fc128ff6317
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1031
X-XSS-Protection
1; mode=block
X-Request-Id
gaJldM4dhNM0uOhYAKph
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
Expires
Thu, 13 Jul 2023 13:06:41 +0000
light.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
3 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/light.css?plain=1&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
ec6bc27e7ea3a16fb5fe24332651a99626c753829f8259e21a8d3fc128ff6317
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1031
X-XSS-Protection
1; mode=block
X-Request-Id
7TvTbJPJ6YqaJTgjdvTm
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
Expires
Thu, 13 Jul 2023 13:06:41 +0000
light.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
3 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/light.css?plain=0&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
5e2f48346c94112768d3bd32cd59ab76f50cf669f3881fe2be939ae87dd2b966
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1049
X-XSS-Protection
1; mode=block
X-Request-Id
9s5lHFTUqJM1DnNezHHm
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=100
Expires
Thu, 13 Jul 2023 13:06:41 +0000
dark.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
3 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/dark.css?plain=0&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
a280f5bb501af8ca03219a30f1bd86f6350d7ad610e3577393bc9240d2380dc8
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1038
X-XSS-Protection
1; mode=block
X-Request-Id
kgzWr6bv0M9ukglIIb14
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=97
Expires
Thu, 13 Jul 2023 13:06:41 +0000
light-highcontrast.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
4 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/light-highcontrast.css?plain=0&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
cc79a2421fd504d9acebd76b6b7d867428d04e78a9d0c79b60907486c60913c3
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1114
X-XSS-Protection
1; mode=block
X-Request-Id
pQqFknZHF3jQvP2RuyGx
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=99
Expires
Thu, 13 Jul 2023 13:06:41 +0000
dark-highcontrast.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
4 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/dark-highcontrast.css?plain=0&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
eadd819e81e6c7ef4534b43a9c826d3a16ecd5a0f54d53fade87fa6ce9b0ec2d
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1129
X-XSS-Protection
1; mode=block
X-Request-Id
A3rSNhYCHQX5LcHodn6i
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=99
Expires
Thu, 13 Jul 2023 13:06:41 +0000
opendyslexic.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
867 B
1 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/opendyslexic.css?plain=0&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
1f90b1cc10add6e6cf941ddcc78fc9ef4fe28d7478e49c000658dfc50fbf4258
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
331
X-XSS-Protection
1; mode=block
X-Request-Id
X0Sk99H28hqUJKk0KN6x
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=99
Expires
Thu, 13 Jul 2023 13:06:41 +0000
icons.css
nextcloud.sec-consult.com/dist/
212 KB
31 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/dist/icons.css
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/core/css/server.css?v=a804941a-27
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
6d14d306a071132f38a470e9ed5fb23a8e445faca6a093d75fc925e35e804bf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
30980
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"351b5-5f55aa94fe300-gzip"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=96
Expires
Wed, 12 Jul 2023 13:06:41 GMT
dark.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
3 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/dark.css?plain=1&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
114c283ea03023c899975416e50c43b028f80c473e3873e139143200aa65734d
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1020
X-XSS-Protection
1; mode=block
X-Request-Id
6qzuFOemfzx52zJgRJFI
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=94
Expires
Thu, 13 Jul 2023 13:06:42 +0000
light-highcontrast.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
3 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/light-highcontrast.css?plain=1&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
d2cb1a0706a387b3fda3cc820d8e6be86eeb9f8c7074c64b48dfa1c8482e93fd
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1094
X-XSS-Protection
1; mode=block
X-Request-Id
iwHlrUBUjfmXzQ7KieWQ
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=97
Expires
Thu, 13 Jul 2023 13:06:42 +0000
dark-highcontrast.css
nextcloud.sec-consult.com/index.php/apps/theming/theme/
3 KB
2 KB
Stylesheet
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/theme/dark-highcontrast.css?plain=1&v=bc33ea4e
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
973a8603b04b7f8e8652785aee27d5d0c994d5335cbd7052f0b62a13a8a3812b
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
inline; filename=""
Connection
Keep-Alive
Content-Length
1109
X-XSS-Protection
1; mode=block
X-Request-Id
bZzlWunVdxECms5BOjGi
Pragma
private
Referrer-Policy
no-referrer
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=UTF-8
Cache-Control
private, max-age=86400, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=92
Expires
Thu, 13 Jul 2023 13:06:42 +0000
app-background.jpg
nextcloud.sec-consult.com/core/img/
186 KB
186 KB
Image
General
Full URL
https://nextcloud.sec-consult.com/core/img/app-background.jpg
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/core/css/server.css?v=a804941a-27
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
2f34636d12e5a59e6798cbece88456148131af4ca16946dab87db7ee47d53b4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
Content-Length
190294
X-XSS-Protection
1; mode=block
Referrer-Policy
no-referrer
Last-Modified
Thu, 23 Feb 2023 09:30:20 GMT
Server
Apache
ETag
"2e756-5f55aa94fe300"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=15778463, immutable
Accept-Ranges
bytes
X-Robots-Tag
none
Keep-Alive
timeout=5, max=97
Expires
Wed, 12 Jul 2023 13:06:42 GMT
logo
nextcloud.sec-consult.com/index.php/apps/theming/image/
97 KB
99 KB
Image
General
Full URL
https://nextcloud.sec-consult.com/index.php/apps/theming/image/logo?v=27
Requested by
Host: nextcloud.sec-consult.com
URL: https://nextcloud.sec-consult.com/core/css/guest.css?v=a804941a-27
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.238.32.141 , Austria, ASN207203 (TIMEWARP-AS, AT),
Reverse DNS
Software
Apache /
Resource Hash
b84225c5363e73af224549d1646b1c6ced4908ea1d58221f33569d4a43040ce4
Security Headers
Name Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-cVAyMjhIY3NaTFBrbGJsUEQ5bURpU1ByMk1LRmRPVlhYS2R6bnZpWHY0VT06MG9yWHlSWjVOc1MxN000b2JMajB1UmJacjZmY0xLQVpiTkVEcjYzWTNhND0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 13:06:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubdomains;, max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-cVAyMjhIY3NaTFBrbGJsUEQ5bURpU1ByMk1LRmRPVlhYS2R6bnZpWHY0VT06MG9yWHlSWjVOc1MxN000b2JMajB1UmJacjZmY0xLQVpiTkVEcjYzWTNhND0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
X-Permitted-Cross-Domain-Policies
none
Content-Disposition
attachment; filename="logo"
Connection
Keep-Alive
Content-Length
99675
X-XSS-Protection
1; mode=block
X-Request-Id
7r3gsLIrXxDLXJvoVYBS
Pragma
private
Referrer-Policy
no-referrer
Last-Modified
Fri, 20 Jan 2023 09:34:34 +0000
Server
Apache
ETag
"ebfac5edc9b12bf143a8e15d11fca5c0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
private, max-age=3600, must-revalidate
Feature-Policy
autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag
none
Keep-Alive
timeout=5, max=94
Expires
Wed, 12 Jul 2023 14:06:42 +0000
truncated
/
243 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15d2b03b6d4ff99be116ee1f33585b3fd3b9f17823c6902e0d266df7f55a7194

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
boolean| _oc_debug
boolean| _oc_isadmin
boolean| backendAllowsPasswordConfirmation
boolean| oc_dataURL
string| _oc_webroot
object| _oc_appswebroots
string| datepickerFormatDate
number| nc_lastLogin
number| nc_pageLoad
object| dayNames
object| dayNamesShort
object| dayNamesMin
object| monthNames
object| monthNamesShort
number| firstDay
object| _oc_config
object| oc_appconfig
object| _theme
object| webpackChunknextcloud
function| clearImmediate
function| setImmediate
object| regeneratorRuntime
function| applyFocusVisiblePolyfill
object| _nc_event_bus
object| process
object| Backbone
object| dav
object| _oc_l10n_registry_translations
object| _oc_l10n_registry_plural_functions
object| Select2
function| Snap
function| _
object| OC
object| OCP
object| OCA
function| t
function| n
object| RightClick

4 Cookies

Domain/Path Name / Value
nextcloud.sec-consult.com/ Name: oc_sessionPassphrase
Value: c3T0doVYb6stUdtxbg%2FZB4D4cMrz2Jo7DC3yx3ka7wBVMtV4uQ068ipBBG4v3VPEiNtkByjABwQqBpxglesHTxYjNDgFBLgcbqsjE9sxPFZnG8V2Eau6ahRi3c5DzV5d
nextcloud.sec-consult.com/ Name: oca6ag097e35
Value: tadacgqpvusva4ib916rcr3028
nextcloud.sec-consult.com/ Name: __Host-nc_sameSiteCookielax
Value: true
nextcloud.sec-consult.com/ Name: __Host-nc_sameSiteCookiestrict
Value: true

1 Console Messages

Source Level URL
Text
network error URL: https://nextcloud.sec-consult.com/index.php/s/9xcbnspcyedgwsb/download?path=%2Fdllhijacking&files=temp.dll&downloadstartsecret=3xves4alpoo
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-ZThjME5kTHV4SlNWbnF6VGNOUUttMkpkM2FSK0p0Q2xiZ2pzeWtMdEZ4WT06QWJCVkRMTzdsdVBFNTl1MEU3VjlxMWR2cXNFbmZwWHJYbjZjK3hlaWRUMD0=';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src 'self';frame-ancestors 'self';form-action 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains; max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
