nethunter.bounceme.net/nextcloud/index.php/s/eqjwwekllelknzd/download?path=/&files=aact_x86_64~4.2.5p.zip
81.200.243.121 301 Moved Permanently 413 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/s/eqjwwekllelknzd/download?path=/&files=aact_x86_64~4.2.5p.zip
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type HTML document text; exported SGML document, ASCII text
Hash 7777cf564166e12baeefe596f42c586a
0351277fa189fb5f74c080811a6f294c7512aaec
50ff4aa646cce9d1de66645c3799ecc6253b65624bdefefc327896c1fdb59eff
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/s/eqjwwekllelknzd/download?path=/&files=aact_x86_64~4.2.5p.zip HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 30 Aug 2022 15:50:21 GMT
Server: Apache/2.4.54 (Debian)
Location: https://nethunter.bounceme.net/nextcloud/index.php/s/eqjwwekllelknzd/download?path=/&files=aact_x86_64~4.2.5p.zip
Content-Length: 413
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 30 Aug 2022 15:25:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S5bG8NV6EZ3xq9s8TOgS27-A8g8qN37vElOkvf3sUQiLrYLZ_9l12w==
Age: 1466
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9027
Expires: Tue, 30 Aug 2022 18:20:48 GMT
Date: Tue, 30 Aug 2022 15:50:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TPovQ0aVNNlqOMWw3w7q5ldfeiGGU1bVZNmNfSHWNh0XdslHrnXTdQ==
age: 62063
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 30 Aug 2022 15:50:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash bfe06afa751048449c0538e5119d1486
f9c6829a0a350e4f69520c4fa9d0de3d6329b7b3
46bc87c54a07fdf8d106f8568995ac9d4f5b2402e15067594385412655011e27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46BC87C54A07FDF8D106F8568995AC9D4F5B2402E15067594385412655011E27"
Last-Modified: Mon, 29 Aug 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Tue, 30 Aug 2022 21:50:18 GMT
Date: Tue, 30 Aug 2022 15:50:21 GMT
Connection: keep-alive
nethunter.bounceme.net/nextcloud/index.php/s/eqjwwekllelknzd/download?path=/&files=aact_x86_64~4.2.5p.zip
81.200.243.121 404 Not Found 25 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/s/eqjwwekllelknzd/download?path=/&files=aact_x86_64~4.2.5p.zip
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (11728)
Hash 956497f5ec42e4ca979b0c7a61117a85
aa79687a0a76f98d79efa4d46af2655f3f88f9a3
689eddc364afae2f486816d261b0fc36f133469aab89974b8a9e28d053356af4
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/s/eqjwwekllelknzd/download?path=/&files=aact_x86_64~4.2.5p.zip HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Tue, 30 Aug 2022 15:50:21 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Set-Cookie: ocdy7rp8qooi=i2pjrmc4id331re3l81lc9tmvj; path=/nextcloud; secure; HttpOnly; SameSite=Lax
Set-Cookie: oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; path=/nextcloud; secure; HttpOnly; SameSite=Lax
Set-Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; path=/nextcloud; secure; HttpOnly; SameSite=Lax
Set-Cookie: nc_sameSiteCookielax=true; path=/nextcloud; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
Set-Cookie: nc_sameSiteCookiestrict=true; path=/nextcloud; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-V1c2QkUzTWxQb0xLVm0yTjVDbkZyYmZDeEd6c2dhT0NIcy9nSDFqWjJkOD06R3h1elpTbEtCKzZmSGdIb3MwcXMrNWlHaVNldXlNRHVTL2lzTEF1TWtlbz0=' blob:;style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://*.tile.openstreetmap.org;font-src 'self' data:;connect-src 'self' blob: stun.nextcloud.com:443;media-src 'self' blob:;frame-src 'self';child-src blob: 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
X-Request-Id: siNW4hUU67t6MRtK283r
Feature-Policy: autoplay 'self';camera 'self';fullscreen 'self';geolocation 'none';microphone 'self';payment 'none'
Content-Length: 24607
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
nethunter.bounceme.net/nextcloud/index.php/css/core/c991-d77e-server.css?v=a69bfa8dc79afac10f39c83934d5f116-d810e105-18
81.200.243.121 200 OK 20 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/css/core/c991-d77e-server.css?v=a69bfa8dc79afac10f39c83934d5f116-d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 04956430b958c1a1c8779af743bfe78d
e0eb4a16858ca71f92fab75364ab0cf7fdb7ad3c
1071a43c54533de044a2a5b463698f2b0a9c84fd8113d8f62b4412591f4f6172
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/css/core/c991-d77e-server.css?v=a69bfa8dc79afac10f39c83934d5f116-d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:21 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 30 Aug 2023 15:50:21 +0000
Cache-Control: max-age=31536000, immutable
Pragma: cache
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "5bb84694dd4509bc194e650dd4e226a7"
X-Request-Id: eFEVxfbQtlmFIWJYq4AL
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: inline; filename="c991-d77e-server.css.gzip"
Content-Encoding: gzip
Content-Length: 19865
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 30 Aug 2022 15:17:12 GMT
Cache-Control: max-age=3600
Expires: Tue, 30 Aug 2022 15:23:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xSwHQQ5Lt0W0GJRT7cumcI2QsZ5PfYgnL_HhjhgM8q5GDOlh1r1saw==
Age: 1990
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f67e41cdd7e5f2aa8f93d031979c9109
5f4c0093f9bf8f8e48e0d7f56ed31aba0c6f43f6
608e2b7d208977f18da12165c9eb1539656d7754dc49f3f687736151a4810e06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2704
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 30 Aug 2022 15:50:22 GMT
Last-Modified: Tue, 30 Aug 2022 15:05:18 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
nethunter.bounceme.net/nextcloud/core/l10n/ru.js?v=d810e105-18
81.200.243.121 200 OK 22 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/core/l10n/ru.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type Unicode text, UTF-8 text, with very long lines (942)
Hash ad0d99285ae682e8a6bc77f39c227025
70ef648f2082317ea538d85985566776646e2056
34fe83777d2397be7c835f5167a1a55e8056dbfebd00170d5bf7dd6b68fbc750
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/core/l10n/ru.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "13df5-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 22234
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/apps/files_rightclick/css/app.css?v=198068b3-18
81.200.243.121 200 OK 199 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/apps/files_rightclick/css/app.css?v=198068b3-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
Hash 89f69b6cde83f8947ef73d1bfb8f26e6
d031de2d2fd084992e5130bfab2ba6cb6b990db4
097572e799fc98c94b5a4fd6ef2ae464fa0d7fa4913665619a91a49bdefbaa7d
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/apps/files_rightclick/css/app.css?v=198068b3-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:41 GMT
ETag: "19c-5e5f2c1debe40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 199
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nethunter.bounceme.net/nextcloud/core/css/guest.css?v=d810e105-18
81.200.243.121 200 OK 5.6 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/core/css/guest.css?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (455)
Hash 34f8a14b49950a1bd14a26be95fef37e
ae7fd479ad40aac920a164686dc8594fc0b64ca0
dbf7c564353cedec1e0f691b3d6fb74dc8242c699e8eae3c8c004d6966e6a5be
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/core/css/guest.css?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "546c-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 5613
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
nethunter.bounceme.net/nextcloud/index.php/css/core/c991-d77e-css-variables.css?v=a69bfa8dc79afac10f39c83934d5f116-d810e105-18
81.200.243.121 200 OK 724 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/css/core/c991-d77e-css-variables.css?v=a69bfa8dc79afac10f39c83934d5f116-d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (1905), with no line terminators
Hash 12dbd77d91e7352d7b2908404fc036ba
509fa51230b561403bdb72c7143bae116dde1116
89c840731bf4ef430cadf52954574e8ff281927eaa4cabd6a4d9facc9518bdf7
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/css/core/c991-d77e-css-variables.css?v=a69bfa8dc79afac10f39c83934d5f116-d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 30 Aug 2023 15:50:22 +0000
Cache-Control: max-age=31536000, immutable
Pragma: cache
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "d5b1e56c91184783d7059604602af0e5"
X-Request-Id: DHmvBJX5wyKP9tq46Jgn
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: inline; filename="c991-d77e-css-variables.css.gzip"
Content-Encoding: gzip
Content-Length: 724
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
nethunter.bounceme.net/nextcloud/dist/core-files_fileinfo.js?v=d810e105-18
81.200.243.121 200 OK 521 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/dist/core-files_fileinfo.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (780)
Hash 2984216958203a850b9f1ed3494c4a8a
1cf9ec6c4b2b1e370660fa05450450569a7a49b0
3ec13208a2bba5f4ad2436a88092a23c85d95c76bfde05deeb453824e4ed8134
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/dist/core-files_fileinfo.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "3a0-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 521
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/dist/core-files_client.js?v=d810e105-18
81.200.243.121 200 OK 4.3 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/dist/core-files_client.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (12318)
Hash ece5d521ea05777c3e1dc05d14d9968d
6ad7061353b1c6b6bd9017024965dbef27793b2f
db485b677164226c7ae47b12810340c176082810fad34887ec8a79e0023db8bf
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/dist/core-files_client.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "30ae-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 4294
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/core/js/backgroundjobs.js?v=d810e105-18
81.200.243.121 200 OK 608 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/core/js/backgroundjobs.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
Hash 6a448eb0636875dedeae1073ca40dd8a
c1d9f19a60a5324da265c536da938268d11c9ab2
e639a387d23754395538fcdd883febd5c8d821d6d4aab507591a35eba4f7fed5
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/core/js/backgroundjobs.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "3af-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 608
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/index.php/js/core/merged-template-prepend.js?v=d810e105-18
81.200.243.121 200 OK 3.1 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/js/core/merged-template-prepend.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
Hash 9ea2faef93a66a111807bd8427636654
e82570c5ce89397158d7ad34b0f628f57ef439bd
5a714ea86f3ce9eb59a67cd96e45939d55e0563ff848718beacdfd28f30fab03
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/js/core/merged-template-prepend.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 30 Aug 2023 15:50:22 +0000
Cache-Control: max-age=31536000, immutable
Pragma: cache
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "04bc5f120ca2345b67a40fd86ee91034"
X-Request-Id: sr9ExhZyyJU8Q9yScvbi
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: inline; filename="merged-template-prepend.js.gzip"
Content-Encoding: gzip
Content-Length: 3054
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/apps/files_sharing/l10n/ru.js?v=d810e105-18
81.200.243.121 200 OK 7.1 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/apps/files_sharing/l10n/ru.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type Unicode text, UTF-8 text, with very long lines (1784)
Hash abbcb1d0aa5eefcf58331dd467dd97d9
4b7e4428c4e211f9ed5269d470164943c882f37e
8d12f87085991712c21a4e71214426ae1bf69b96120cf236ea2cd08a50a5eb12
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/apps/files_sharing/l10n/ru.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "77a9-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 7094
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/dist/files_sharing-main.js?v=d810e105-18
81.200.243.121 200 OK 254 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/dist/files_sharing-main.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
Hash 06014f66b50759d5ee3e0d9545e619b0
79785bfd161e8ea91864107b1591c57ec73e7637
48e7749ba057f09c750eb9a4deeec5ba39960d5a1015e51354af5e7c742a6d0b
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/dist/files_sharing-main.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "173-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 254
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/dist/core-main.js?v=d810e105-18
81.200.243.121 200 OK 48 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/dist/core-main.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type Unicode text, UTF-8 text, with very long lines (65459)
Hash cb767df2730915d4e59e859502937370
822578db2228ceca35a6f1766abb01b038f57d07
d9ad4c8e9a76ce48d46c1a4023a4361adb76082105c3c893f8a3d9648c3bd0a8
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/dist/core-main.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "219d9-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 47869
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/apps/accessibility/l10n/ru.js?v=d810e105-18
81.200.243.121 200 OK 1.7 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/apps/accessibility/l10n/ru.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type Unicode text, UTF-8 text, with very long lines (749)
Hash 889025b32ff562b669999b83dedb9886
5b617e0e5cb09a843961cb29d0ea66d2ea0a6eaa
a69e27ddb3a4cbad4c1ed46abafa59d372a177614527ae5bc954bc40427e9a95
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/apps/accessibility/l10n/ru.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "e6e-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 1675
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/dist/accessibility-accessibilityoca.js?v=d810e105-18
81.200.243.121 200 OK 1.2 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/dist/accessibility-accessibilityoca.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (2340)
Hash 77a4adca9836dc01a11b3409a0c302db
b99d4551130d5928acd8c5291af4e4d4eb273b21
f860b5ad56d90003f7adf366d0a1997f41f44e39e778c0f0dc739c7c9510b92e
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/dist/accessibility-accessibilityoca.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "9ce-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 1243
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/apps/files_rightclick/l10n/ru.js?v=d810e105-18
81.200.243.121 200 OK 697 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/apps/files_rightclick/l10n/ru.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type Unicode text, UTF-8 text, with very long lines (499)
Hash 361a6f69447757f788b77cd5c5a1edb1
89c868f693909c29b7a15416b6bd7c16fd76d4d6
3a375f67a24e53f6b83286cfb4222385432a06694c36c1b84deba15aabdd2e8a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/apps/files_rightclick/l10n/ru.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:41 GMT
ETag: "537-5e5f2c1debe40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 697
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/apps/files_rightclick/js/script.js?v=d810e105-18
81.200.243.121 200 OK 3.2 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/apps/files_rightclick/js/script.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
Hash bce0fcd585f1a08b04604260e87385ef
bd5beed3c82a2423d10a71f119d79391c593b786
68dab6b13a2093748fcbeabfe9998e6b821cee0cd8ec662e8fce56a2bb33805b
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/apps/files_rightclick/js/script.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:41 GMT
ETag: "3a17-5e5f2c1debe40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 3219
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/apps/files_rightclick/js/files.js?v=d810e105-18
81.200.243.121 200 OK 1.3 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/apps/files_rightclick/js/files.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
Hash f90eaf01fa9b9ebfde54d4ebcb188835
dc02cd66d74c8045aedc10b881f763b1f0ab4dae
d2316a71b6f6b2b8c763166d11ba7cc7a34515ba60100090226623a4c0819d2a
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/apps/files_rightclick/js/files.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:41 GMT
ETag: "12a5-5e5f2c1debe40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 1270
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/apps/theming/l10n/ru.js?v=d810e105-18
81.200.243.121 200 OK 2.9 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/apps/theming/l10n/ru.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type Unicode text, UTF-8 text, with very long lines (749)
Hash 0a3d156ab806ed4ca280125db6421dc7
e3835931e0a60fa5702b64bc26a0d4f499dcf17a
627d4fd395f27fc82488e7f6aaf569ba68d64913cff8e90bf46d50200ba3c696
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/apps/theming/l10n/ru.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "1e7d-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 2879
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/apps/theming/js/theming.js?v=d810e105-18
81.200.243.121 200 OK 60 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/apps/theming/js/theming.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
Hash 44b0d37d24a2e33ca0b64b50f83cfd6a
1c09d10dcabf2c8fac03ea3b56852ca3feb58cb0
ec4e73e49bca3f6e523c3dfd66e58fa157c81c4da5eb3fa0ceaa589ba8dc0785
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/apps/theming/js/theming.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "3c-5e5f2c127a340"
Accept-Ranges: bytes
Content-Length: 60
Cache-Control: max-age=15778463, immutable
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/index.php/apps/theming/styles?v=18
81.200.243.121 200 OK 565 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/apps/theming/styles?v=18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (1879), with no line terminators
Hash ebaa995367b9afc6a233a667b657cfde
e4c81e064130dcb5717daf5ae45e7d8a459f21fe
52528a9e846a9cb982f4b71c33b79f917ab1b776fd337ebf9814626eae80f1ac
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/apps/theming/styles?v=18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 31 Aug 2022 15:50:22 +0000
Cache-Control: private, max-age=86400, must-revalidate
Pragma: private
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "c87266e69f1ea4b0583061f96431edc6-gzip"
X-Request-Id: qJ0awlicbOAmYyXFe62U
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: inline; filename="d71e-d77e-theming.css"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 565
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
push.services.mozilla.com/
35.160.250.221 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.250.221:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 03ZCK+SoLsoip8VzWFQYOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2nd3TjJCn2/3ho7wwZticqxYW2c=
nethunter.bounceme.net/nextcloud/index.php/css/icons/icons-vars.css?v=1661825886
81.200.243.121 200 OK 48 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/css/icons/icons-vars.css?v=1661825886
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (65528)
Hash 835835b6cb0df64d5a8281e5ac4fda04
c8681f5e358dee473f6ecdf5a398073681284a09
c330179f00dc177c8c6982bf85260af3d3fdd4fe6b2a0a0c671b8dd676a2b598
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/css/icons/icons-vars.css?v=1661825886 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 30 Aug 2023 15:50:22 +0000
Cache-Control: max-age=31536000, immutable
Pragma: cache
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Last-Modified: Tue, 30 Aug 2022 02:18:06 +0000
ETag: "1cb43100f812a805f3e9467c96c047be-gzip"
X-Request-Id: pkktyiSNTVjMkt06fJEl
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: inline; filename="icons-vars.css"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 47525
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
nethunter.bounceme.net/nextcloud/index.php/apps/theming/image/logo?useSvg=1&v=18
81.200.243.121 200 OK 42 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/apps/theming/image/logo?useSvg=1&v=18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type PNG image data, 647 x 106, 16-bit/color RGBA, non-interlaced\012- data
Hash ceccd96550d952c5dc6e8d49cc0002e0
82097836584bec63f5dd68d6308a5c798729f478
c0e546a250590bc594555a08ea31e073e8238d2629496d3b7b954c74cb7f3056
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/apps/theming/image/logo?useSvg=1&v=18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Aug 2022 16:50:22 +0000
Cache-Control: private, max-age=3600, must-revalidate
Pragma: private
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-QTdMVHd0K1JsL29MTjAyYkVOUmdQNU5mcHdMcmhRYXRraUI4UkxUVWFmND06UWNmaHRJWCtycFplZnlIK1I3Y0phYndiNmttcHpHWEJ4eGN3ZCtlQkljcz0=' blob:;style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://*.tile.openstreetmap.org;font-src 'self' data:;connect-src 'self' blob: stun.nextcloud.com:443;media-src 'self' blob:;frame-src 'self';child-src blob: 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "7429160f0a5f02251cf919f1c117bba5"
X-Request-Id: 7OcNaT9KzAy2mwgsjzSB
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: attachment; filename="logo"
Content-Length: 42498
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
nethunter.bounceme.net/nextcloud/dist/core-common.js?v=d810e105-18
81.200.243.121 200 OK 2.1 MB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/dist/core-common.js?v=d810e105-18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type Unicode text, UTF-8 text, with very long lines (65435)
Size 2.1 MB (2109222 bytes)
Hash c89700be8ffa86aee65691818e2a0df9
e8ea3ba9b54642bb0aa069439a5793f916569cd3
a7b36902f87f8b849bfc7b37bb72ce199f8f9f13b37fbec44dc87ba53b4d0773
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/dist/core-common.js?v=d810e105-18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2022 08:14:29 GMT
ETag: "86101d-5e5f2c127a340-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
nethunter.bounceme.net/nextcloud/index.php/apps/theming/image/logo?v=18
81.200.243.121 200 OK 42 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/apps/theming/image/logo?v=18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type PNG image data, 647 x 106, 16-bit/color RGBA, non-interlaced\012- data
Hash ceccd96550d952c5dc6e8d49cc0002e0
82097836584bec63f5dd68d6308a5c798729f478
c0e546a250590bc594555a08ea31e073e8238d2629496d3b7b954c74cb7f3056
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/apps/theming/image/logo?v=18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Aug 2022 16:50:22 +0000
Cache-Control: private, max-age=3600, must-revalidate
Pragma: private
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-cndOUUlHVUhEVW03U2VDRDl0QmZEZS9pSVVhaFI3MHFxR3BTaTdlUjJQYz06N1haaVZqOW9OQ1h1QVl6bW9iTTJXOENtYkEzakR0NUcvVjBldU9URWtNST0=' blob:;style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://*.tile.openstreetmap.org;font-src 'self' data:;connect-src 'self' blob: stun.nextcloud.com:443;media-src 'self' blob:;frame-src 'self';child-src blob: 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "7429160f0a5f02251cf919f1c117bba5"
X-Request-Id: 1sZCdkZwGdcgBtTEPZO1
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: attachment; filename="logo"
Content-Length: 42498
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
nethunter.bounceme.net/nextcloud/index.php/apps/accessibility/css/user-a82fd95db10ff25dfad39f07372ebe37
81.200.243.121 200 OK 4.3 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/apps/accessibility/css/user-a82fd95db10ff25dfad39f07372ebe37
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type ASCII text, with very long lines (28622)
Hash 5a0849f1d6a7fb7494871287902e0c94
eb80c157fc1b13d37dd0ca02a98cc6b330600b58
19fe43364e8e2c73ace374914a476d4b6dc60c32ed939bff65a54ceb9a6b04a7
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/apps/accessibility/css/user-a82fd95db10ff25dfad39f07372ebe37 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 30 Aug 2023 15:50:22 +0000
Cache-Control: max-age=31536000, immutable
Pragma: cache
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
X-Request-Id: clInFMhF8k1UBSLHxV9H
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: inline; filename=""
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4333
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8
nethunter.bounceme.net/nextcloud/index.php/apps/theming/icon?v=18
81.200.243.121 200 OK 18 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/apps/theming/icon?v=18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash f004ca3071a00513d4df4b11e0e0d747
e199415e3120c7a9913f544d25eac7e2cdffda20
57ba956e3d45162ee599b2c0eba0cf700586641c431e43ff177e8a32d509a709
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/apps/theming/icon?v=18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:23 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 31 Aug 2022 15:50:23 +0000
Cache-Control: private, max-age=86400, must-revalidate
Pragma: private
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "55d22d3f16f3738a670f0e796ffe7a5d"
X-Request-Id: ltw45mVBiWAi5vh39Ezn
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: inline; filename="touchIcon-core"
Content-Length: 18034
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
nethunter.bounceme.net/nextcloud/index.php/apps/theming/favicon?v=18
81.200.243.121 200 OK 92 kB URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/apps/theming/favicon?v=18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced\012- data
Hash e617c284cd17c7ab200d9d1d7e320f1b
f71dbb42d2d2ff61a6dee31650d3a3c578d2982e
923465959ff6028fac7983ed7e42f63fcced555941c50478e96d8e23f448f3bb
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/apps/theming/favicon?v=18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:23 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Wed, 31 Aug 2022 15:50:23 +0000
Cache-Control: private, max-age=86400, must-revalidate
Pragma: private
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "a9c125bc438812c37a355081cd48d769"
X-Request-Id: h6VKoJ21CR3IFk7aTMV7
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: inline; filename="favicon.png"
Content-Length: 92418
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/x-icon
r3.o.lencr.org/
23.36.76.249 200 OK 503 B
IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9765
Expires: Tue, 30 Aug 2022 18:33:08 GMT
Date: Tue, 30 Aug 2022 15:50:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac715f17-8b9a-495f-bc62-6136925908ac.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac715f17-8b9a-495f-bc62-6136925908ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7bfe221c6ea8b215ff7f30b28f7cd389
84b01ce7d173848c449e4332eb1fa1abe8ac307d
6c53f4d30d7f0f735c793f46ab25feb5767373718b6f92c7f13eeec8306b8ab5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac715f17-8b9a-495f-bc62-6136925908ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6405
x-amzn-requestid: 1c49054a-8058-48cc-8660-46e06070b23b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XYcDvEJ4oAMFkyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630673b1-19d3c0a020e8efca51a1bb05;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 18:53:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PZhzybMlkffQY1Tru6l6lk6u4E5AjJyQsY0AfiA3jnIMmiKftra-3g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:44:05 GMT
age: 61578
etag: "84b01ce7d173848c449e4332eb1fa1abe8ac307d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91310bc1fb5ae0efa502a9bafe046399
ec2a4baf0a21c1738a541d89756cccd6f3bef5fd
5fe0511116c6bd2d6e668c69764905c3a5c93fa23a4dc207b0f4b1604783ceb6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ed547f-030a-462d-a7c7-12a7748cf9c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5925
x-amzn-requestid: fa7479ef-c5db-45ce-a973-a8831df14931
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpS-ZFH1IAMFsFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d31f5-1a9b0a43065d731b4cc61ed3;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:39:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DBxGjmVUCTjHUrOzLWp37FwLUUo_5CykjgxAeCAaw1TlodWSmbnCrA==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:46:33 GMT
age: 65030
etag: "ec2a4baf0a21c1738a541d89756cccd6f3bef5fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0502c5060f29d82fd10f9f79459e2ce0
110f2eecf72c6b89f250ebefeff5ef664dc2f3f6
f722656c432bbec2baa63b6edc4116c1996850462864456105d9fea9c3bc7ff4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb19e4053-4c42-4436-ba83-5e76fd16f5a4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10056
x-amzn-requestid: 2eb7bbf2-47ad-4f80-98e8-ecb45e98961b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xguh2H_woAMFXnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309c472-7dda060b4e7c81262aef3421;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1cunCq4Z1J-oQSmTlcAtgfXO0A4_XpHKl2UHpRCbf75--3eHEIgZGQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 07:36:27 GMT
age: 29636
etag: "110f2eecf72c6b89f250ebefeff5ef664dc2f3f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76021ba70733e8d4647f29e4c990180c
66558c36958c9162188e7aeef27c38e0c4b37cdd
c5278295212999c6941d57d5cee8f4d33447302af0eb74985f5dae48434607c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: 4f0cb1b4-c2a6-410a-965c-4cc72459484a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XhG-yG-eIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309eb91-58fb7017711dd2a56fe5ef79;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 10:01:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JcHN5unq1F9L9h2My0SFXdW-n06ebaRZ8jj0W0I67pTuddWWkJ9RkQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 22:07:13 GMT
age: 63790
etag: "66558c36958c9162188e7aeef27c38e0c4b37cdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 82bc1c69018845280d29653d6b2d6f8d
0c122f15422cab7ee3461e8fa657183ae54adcc5
e221638eff281c27ef4656f76e64963718186285c57e50a8958bd3065e662674
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa91a5094-5af6-430d-993d-243427b324ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9980
x-amzn-requestid: b9f6b930-9c47-41b9-879d-ce239e39f033
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTMGHlNoAMFuoA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d324d-72ea52c010dff34438bbca28;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: orq6ucCez7UBzTSPTyJR8u8ZYf1VOV_zPOLsJFvGD2jfiW0YJmxVSg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:47:30 GMT
age: 64973
etag: "0c122f15422cab7ee3461e8fa657183ae54adcc5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4aa2a22c2851d082acd55c1c9782cee9
20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e
d0d6a3cc781786f5377191e2b1f3495ac76f4f8af7c56291f761a49a167b8726
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67641144-189e-4213-b00d-7d27d45f0e9b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8684
x-amzn-requestid: b1f808e9-a765-453f-a7cb-2054d3dd45e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XpTRyGxKIAMFXkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630d3271-79de3e365428be651400d407;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 21:41:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ciFN36F5h8hh3JPmeHR2WtZQcb4F1OUZFUnwntZfTwgST3EkV9Vy1Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 29 Aug 2022 21:52:03 GMT
age: 64700
etag: "20b6a116eb4d8a7c1321e09c7ad4d8aa1269603e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nethunter.bounceme.net/nextcloud/cron.php
81.200.243.121 200 OK 20 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/cron.php
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/cron.php HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
requesttoken: WW6BE3MlPoLKVm2N5CnFrbfCxGzsgaOCHs/gH1jZ2d8=:GxuzZSlKB+6fHgHos0qs+5iGiSeuyMDuS/isLAuMkeo=
OCS-APIREQUEST: true
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:24 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-MmowNXF6WWE2aVd2cENQUU1abHkxeVFKVWc2elQ4ZmJqRkczZGtEN1dVTT06bUVnTDNXeDEwMG42N0UrMVp2b2JnUXROSDBYeEJxUzMyV2I3UlJPdUVYWT0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Content-Length: 20
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8
nethunter.bounceme.net/nextcloud/index.php/apps/theming/image/background?v=18
81.200.243.121 200 OK 0 B URL HTTP/1.1 nethunter.bounceme.net/nextcloud/index.php/apps/theming/image/background?v=18
IP 81.200.243.121:0
ASN #41148 Zolotaya Linia Ltd.
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /nextcloud/index.php/apps/theming/image/background?v=18 HTTP/1.1
Host: nethunter.bounceme.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ocdy7rp8qooi=42hgh3m166gaonvg1cmfoaptf8; oc_sessionPassphrase=fXGHvGD36Pn1yo5OEr%2B2Fv3C2AQhWWjQse3mAkGxqXgYyYG3u6o1RhpA6%2BMLOPTGEmjtaNCHBnk%2BqO7uaIw1GgYwdG7zzq8zEPpoDKM0%2F6bADxcpBLEPpm88MydNi4kC; nc_sameSiteCookielax=true; nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 30 Aug 2022 15:50:22 GMT
Server: Apache/2.4.54 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Expires: Tue, 30 Aug 2022 16:50:22 +0000
Cache-Control: private, max-age=3600, must-revalidate
Pragma: private
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-RE9CWFN4aXBxT1ZqOEpIUStybGdhMjFTZWRrWU5kZnRSNmhncTdOQlZaTT06VHBWbFBVTEdrWWsydVAyMXJkb0pQVUlXTkpKYWZMU0JFcDhzbU9BVUhhWT0=' blob:;style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://*.tile.openstreetmap.org;font-src 'self' data:;connect-src 'self' blob: stun.nextcloud.com:443;media-src 'self' blob:;frame-src 'self';child-src blob: 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
Last-Modified: Thu, 18 Aug 2022 12:47:51 +0000
ETag: "f5408e831b96d3ae03b1f8b6b6b4d654"
X-Request-Id: aeMvFvNP1Xrt3qOy9uzy
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
Content-Disposition: attachment; filename="background"
Content-Length: 1302181
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg