Report - cloud.koenig.cx/

Report Overview

Submitted URL
cloud.koenig.cx/
IP
185.16.61.123
ASN
#197540 netcup GmbH
Submitted
2024-03-29 05:51:57
Access
public
Website Title
Login – DropBox
Final URL
cloud.koenig.cx/index.php/login
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
48

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cloud.koenig.cx	unknown	2006-09-19	2023-11-30	2024-03-27	22 kB	3.8 MB	185.16.61.123

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.
2024-03-28	medium	cloud.koenig.cx/	Dropbox, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	cloud.koenig.cx/index.php/login	4.2 kB	2024-03-29	2024-03-29
Pretty URL cloud.koenig.cx/index.php/login IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-29 06:52:04 Last Seen2024-03-29 06:52:04 Times Seen1 Hash d3e3f950a856266b2e6039147fbf0029 42f6fce4ffc597bd222a833a9197236d1a25c7fc 2f29dc4b669ccc1bcc01c2ba732aa501e8243b3551cac8467cdadc901cbd858e Loading...

	cloud.koenig.cx/dist/core-files_client.js?v=8b619ef2-18	12 kB	2023-10-14	2024-03-31
Pretty URL cloud.koenig.cx/dist/core-files_client.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-14 18:55:54 Last Seen2024-03-31 18:57:59 Times Seen99 Hash 408f293a74e50e0ec030c7345df037bf cb43615a71c486eed0db36bbe032acdd08f99eb4 3db6c808f95fb590010538e0aac80d544b66b4e264a850614da0bca8cb7f8dbe Loading...

	cloud.koenig.cx/index.php/js/core/merged-template-prepend.js?v=8b619ef2-18	12 kB	2023-03-08	2024-04-16
Pretty URL cloud.koenig.cx/index.php/js/core/merged-template-prepend.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:48:27 Last Seen2024-04-16 20:07:25 Times Seen412 Hash e2c95eaabb507e3d8dfb8de151387d02 7c7d2af7bbe04c70f487cb84011e327cf56ad575 5aa81a1437f7064ff4e0e0279150b418837453fa43b2f6353b06283701b67491 Loading...

	cloud.koenig.cx/apps/theming/js/theming.js?v=8b619ef2-18	60 B	2023-03-07	2024-04-24
Pretty URL cloud.koenig.cx/apps/theming/js/theming.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:52 Last Seen2024-04-24 16:15:35 Times Seen600 Hash 44b0d37d24a2e33ca0b64b50f83cfd6a 1c09d10dcabf2c8fac03ea3b56852ca3feb58cb0 ec4e73e49bca3f6e523c3dfd66e58fa157c81c4da5eb3fa0ceaa589ba8dc0785 Loading...

	cloud.koenig.cx/apps/files_rightclick/js/script.js?v=8b619ef2-18	15 kB	2023-03-07	2024-04-16
Pretty URL cloud.koenig.cx/apps/files_rightclick/js/script.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:52 Last Seen2024-04-16 20:07:24 Times Seen504 Hash c96a8f5f25ef51f00b32b37b051fb4ce f117ec65e8387932c674908a30ab90d0a7f01eba 2263fdb9b43029256cf21ee1a577e3d4cc91ae150949200c05733b19e1e15912 Loading...

	cloud.koenig.cx/apps/files_rightclick/js/files.js?v=8b619ef2-18	4.8 kB	2023-07-29	2024-03-31
Pretty URL cloud.koenig.cx/apps/files_rightclick/js/files.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-29 00:59:28 Last Seen2024-03-31 18:57:59 Times Seen179 Hash 1448ebf6f503c5cdde8e5a5123268e10 d27fd1343e79f02cdc3ce4187109259a65fdc54b 77cde93f5ccad1764912a90f7c9a291aad94411b71f1ab5fc669081839decb71 Loading...

	cloud.koenig.cx/dist/core-common.js?v=8b619ef2-18	16 MB	2024-03-05	2024-03-31
Pretty URL cloud.koenig.cx/dist/core-common.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-05 18:03:59 Last Seen2024-03-31 18:57:59 Times Seen11 Hash 4929e520440bd3313e088ae201b725e7 26dd06dbf3691b566c01d521e651da16d14ffcd6 c949e1d669a80075c254fef7e746a0957de3bbd838b7092d3851f62ad75ccd4b Loading...

	cloud.koenig.cx/dist/core-main.js?v=8b619ef2-18	159 kB	2024-03-05	2024-03-31
Pretty URL cloud.koenig.cx/dist/core-main.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-05 18:03:58 Last Seen2024-03-31 18:57:59 Times Seen12 Hash a11a4a96ec5eadb6a6c6da053d6ad561 bc36d5c215d15267860b0830cd2334ad01c37bf1 ea980a75f5abfdd63b737a8616c5ecf9cff0d7b21c19a902d7d7d2fccee53a48 Loading...

	cloud.koenig.cx/dist/core-files_fileinfo.js?v=8b619ef2-18	936 B	2023-06-25	2024-03-31
Pretty URL cloud.koenig.cx/dist/core-files_fileinfo.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-25 11:03:47 Last Seen2024-03-31 18:57:59 Times Seen193 Hash 866fb1f4f594a1353ad5ecbe535a0b88 a499414e2b5191e8c1ae97a683c30fda52f519ff dd97cc05fe0564f3e1169033de18e2eea082d7cfa5db65553d68cb542d3c246e Loading...

	cloud.koenig.cx/dist/core-login.js?v=8b619ef2-18	100 kB	2024-03-05	2024-03-31
Pretty URL cloud.koenig.cx/dist/core-login.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-05 18:04:00 Last Seen2024-03-31 18:57:59 Times Seen12 Hash 6ec7d873fd64f44e32129a9a9813a642 880005cc39fa2cf8fa60f9225f4a483505ee3477 7a6f89eac37351d434e4b7ccc17d29e99f26207c9c88dc3de26c76cf8988cc76 Loading...

	cloud.koenig.cx/dist/files_sharing-main.js?v=8b619ef2-18	397 B	2023-04-11	2024-03-31
Pretty URL cloud.koenig.cx/dist/files_sharing-main.js?v=8b619ef2-18 IP 185.16.61.123 ASN #197540 netcup GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 12:47:10 Last Seen2024-03-31 18:57:59 Times Seen270 Hash 8381fa39881b5c908f8eeb853fa57d6b 2ca28d40b3ecf96d458408534c6cc300fd98a652 0f6fb7f6a8c4d59f1a9ba85d9d7926ac147c87629074d490c4cf65853bc7bf4a Loading...

HTTP Transactions (32)

URL IP Response Size

cloud.koenig.cx/

185.16.61.123

302 Found

0 B

URL User Request GET HTTP/1.1
cloud.koenig.cx/
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET / HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 29 Mar 2024 05:51:24 GMT
Server: Apache/2.4.57 (Debian)
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-eGxMcVVlZ2lMdzFyakVueEtRN2ljK3pkZ2V4RENFdTZpRlZkek9iMHBIQT06cFFxckZxMUlWa3RTemh5NVRGMk5DWU9GNk1kc1JocU93aUJraTU2TzFUUT0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; path=/; secure; HttpOnly; SameSite=Lax
__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v; path=/; secure; HttpOnly; SameSite=Lax
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Location: https://cloud.koenig.cx/index.php/login
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cloud.koenig.cx/index.php/login

185.16.61.123

200 OK

7.6 kB

URL User Request GET HTTP/1.1
cloud.koenig.cx/index.php/login
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8480)
Size
7.6 kB (7612 bytes)
Hash
a45811e3eba9449d04e9120f4ce1f27e
029c847ea4307088d52af9ba6a3dce562f7a3ddc
6d32c35867640534d8e4a5b219487df8535e9a5d0298f561875ab4a51e7f8612

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/login HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:24 GMT
Server: Apache/2.4.57 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Request-Id: HoB6fRRc9V4aCfNs9Hfl
Content-Encoding: gzip
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-SjlTTGU5OVpTempKd01IYnFId25lcjRTTWNvOGFMeHhwZGV3dll0WGhEUT06Ukl6S1BKb3pNbjd3Z3BTVHpTOUlBTkZLV09FVEp1MUY3NktKK3ZNdDlYQT0=' blob:;style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://*.tile.openstreetmap.org;font-src 'self' data:;connect-src 'self' blob: stun.nextcloud.com:443 turn.obez.de:3478;media-src 'self' blob:;frame-src 'self';child-src blob: 'self';frame-ancestors 'self';worker-src blob: 'self';form-action 'self'
Feature-Policy: autoplay 'self';camera 'self';fullscreen 'self';geolocation 'none';microphone 'self';payment 'none'
X-Robots-Tag: noindex, nofollow
Set-Cookie: ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v; path=/; secure; HttpOnly; SameSite=Lax
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Length: 7612
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cloud.koenig.cx/core/css/server.css?v=8b619ef2-18

185.16.61.123

200 OK

18 kB

URL GET HTTP/1.1
cloud.koenig.cx/core/css/server.css?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
18 kB (17925 bytes)
Hash
b368d6032189b3bfede55a3d819bf669
9858724f13b6ebac4ef59b7531b95e55fffc93fb
8821d28cac48b99f52d482fdc6ab3c5bab9ecf065e15c8c07925065c3d011444

HTTP Headers

GET /core/css/server.css?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "1da7c-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 17925
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

cloud.koenig.cx/apps/files_rightclick/css/app.css?v=ca9f0d77-18

185.16.61.123

200 OK

199 B

URL GET HTTP/1.1
cloud.koenig.cx/apps/files_rightclick/css/app.css?v=ca9f0d77-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
199 B (199 bytes)
Hash
fdf5f4b9a2cf9214a61c17e5455f4f57
cd2b0c8819d98513930bac4284ac16d9820a1a3c
2d1f3b92d7591b69a06cb8bd6cda8e4d2fa4ed9ebb470488990780a2423d0bb7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /apps/files_rightclick/css/app.css?v=ca9f0d77-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:55:28 GMT
ETag: "19c-6127fbe975800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 199
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cloud.koenig.cx/apps/theming/css/default.css?v=34e90de1-18

185.16.61.123

200 OK

1.0 kB

URL GET HTTP/1.1
cloud.koenig.cx/apps/theming/css/default.css?v=34e90de1-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
1.0 kB (1024 bytes)
Hash
3a44fc4b9ea2b34409263ce32ff18faf
8c075e32aa21b55bc51eac40bc4db8d8f5d19ac4
cf1c3eb95b33f58d1851eda20b54202df68cdc019cd09c779ddb814356d0b664

HTTP Headers

GET /apps/theming/css/default.css?v=34e90de1-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:36 GMT
ETag: "cb5-6127fbb7de300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 1024
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cloud.koenig.cx/core/css/guest.css?v=8b619ef2-18

185.16.61.123

200 OK

4.5 kB

URL GET HTTP/1.1
cloud.koenig.cx/core/css/guest.css?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (15455)
Size
4.5 kB (4542 bytes)
Hash
c49e22389e5b64efea0e535a9da7e1c2
7d822136c33c2042838320f9dbd010e88c2687d0
fbb33fe5dc8f8abfd363b2f23f4d00c175c12d3d82563cba8f5d536c812bea85

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /core/css/guest.css?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "3fa9-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 4542
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

cloud.koenig.cx/index.php/apps/theming/theme/light.css?plain=0&v=9e6a55b6

185.16.61.123

200 OK

1.0 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/light.css?plain=0&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
1.0 kB (1026 bytes)
Hash
5e5f3deac3843c01df1d67beecbbd152
ce1ed8f15cb06791e10a3a12ea94d00c44de0e45
3b6ae66b75abf1cca99b8e6a20b283f8d47f118fec79761c9929967a362344fc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/theme/light.css?plain=0&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: upuojXcmuAjs79vGLyaj
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1026
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/index.php/apps/theming/theme/default.css?plain=1&v=9e6a55b6

185.16.61.123

200 OK

1.0 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/default.css?plain=1&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text, with very long lines (3081), with no line terminators
Size
1.0 kB (1006 bytes)
Hash
726f7bf8aa405c9e16df231a86bc0c9e
cd767483784159796a2723680aa5ff64edf653c9
95880b9929c743e43f9ebb5cf95871d9371f42f50472c1e4df987b1f16a07dba

HTTP Headers

GET /index.php/apps/theming/theme/default.css?plain=1&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: Beu4mHDNgJ0F2NAvmAA4
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1006
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/index.php/apps/theming/theme/light.css?plain=1&v=9e6a55b6

185.16.61.123

200 OK

1.0 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/light.css?plain=1&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text, with very long lines (3081), with no line terminators
Size
1.0 kB (1006 bytes)
Hash
726f7bf8aa405c9e16df231a86bc0c9e
cd767483784159796a2723680aa5ff64edf653c9
95880b9929c743e43f9ebb5cf95871d9371f42f50472c1e4df987b1f16a07dba

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/theme/light.css?plain=1&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: O9PT4qjjks5MdRaBEtnh
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1006
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/index.php/apps/theming/theme/dark.css?plain=0&v=9e6a55b6

185.16.61.123

200 OK

1.0 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/dark.css?plain=0&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
1.0 kB (1017 bytes)
Hash
ea97fe5d63244386d43ef0c11084e27d
3d177e996a82f274e2f5ca7f066f37ec5887a442
c1c6fe92268b78e3131d519156111ef7062d308846ead819b9afa4bab26bfab8

HTTP Headers

GET /index.php/apps/theming/theme/dark.css?plain=0&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: FA8Id57xZhXYaKFj0HE2
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1017
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/index.php/apps/theming/theme/light-highcontrast.css?plain=0&v=9e6a55b6

185.16.61.123

200 OK

1.1 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/light-highcontrast.css?plain=0&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
1.1 kB (1084 bytes)
Hash
d3650556ded9d8f3c373a4914a1693eb
73feaa08d1ca25e667c28e7b34bd2f33ee6a4b56
abd0ad32510f49a624aaf9757cecc61da0fe19aa6f23d8dc2c4233c6ee0de12d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/theme/light-highcontrast.css?plain=0&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: D2D3Kwl5zLMbpvetwn4B
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1084
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/dist/core-files_fileinfo.js?v=8b619ef2-18

185.16.61.123

200 OK

524 B

URL GET HTTP/1.1
cloud.koenig.cx/dist/core-files_fileinfo.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
JavaScript source, ASCII text, with very long lines (788)
Size
524 B (524 bytes)
Hash
866fb1f4f594a1353ad5ecbe535a0b88
a499414e2b5191e8c1ae97a683c30fda52f519ff
dd97cc05fe0564f3e1169033de18e2eea082d7cfa5db65553d68cb542d3c246e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /dist/core-files_fileinfo.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "3a8-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 524
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

cloud.koenig.cx/dist/core-files_client.js?v=8b619ef2-18

185.16.61.123

200 OK

4.3 kB

URL GET HTTP/1.1
cloud.koenig.cx/dist/core-files_client.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
JavaScript source, ASCII text, with very long lines (12211)
Size
4.3 kB (4282 bytes)
Hash
408f293a74e50e0ec030c7345df037bf
cb43615a71c486eed0db36bbe032acdd08f99eb4
3db6c808f95fb590010538e0aac80d544b66b4e264a850614da0bca8cb7f8dbe

HTTP Headers

GET /dist/core-files_client.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "3043-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 4282
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

cloud.koenig.cx/dist/core-main.js?v=8b619ef2-18

185.16.61.123

200 OK

52 kB

URL GET HTTP/1.1
cloud.koenig.cx/dist/core-main.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65459)
Size
52 kB (52384 bytes)
Hash
a11a4a96ec5eadb6a6c6da053d6ad561
bc36d5c215d15267860b0830cd2334ad01c37bf1
ea980a75f5abfdd63b737a8616c5ecf9cff0d7b21c19a902d7d7d2fccee53a48

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /dist/core-main.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "26ba9-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 52384
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/javascript

cloud.koenig.cx/index.php/apps/theming/theme/dark-highcontrast.css?plain=0&v=9e6a55b6

185.16.61.123

200 OK

1.1 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/dark-highcontrast.css?plain=0&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
1.1 kB (1111 bytes)
Hash
c8576975a2f2a456b428829b0ede7c18
73666def5108846bea256f7306a23a42dc5820e3
3186749dc70b52ba304d204491caa764d1de46703f4b4d9e5b9bba5582d48511

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/theme/dark-highcontrast.css?plain=0&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: fIoVM6HZPxY2CCeVYYVY
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1111
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/index.php/apps/theming/theme/opendyslexic.css?plain=0&v=9e6a55b6

185.16.61.123

200 OK

331 B

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/opendyslexic.css?plain=0&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
331 B (331 bytes)
Hash
31978e19d0a4b5dd3204ef7e043f5a4f
dd54b09b26633899dcf3c4b37524c49cf2add1af
e08ea6e9664148da531ec9b4bbf5f7c3be48dc12d2ce1d34d62a1dff819c2a32

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/theme/opendyslexic.css?plain=0&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: zIYQuMMTLk0ighUTTynT
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 331
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/dist/files_sharing-main.js?v=8b619ef2-18

185.16.61.123

200 OK

266 B

URL GET HTTP/1.1
cloud.koenig.cx/dist/files_sharing-main.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
266 B (266 bytes)
Hash
8381fa39881b5c908f8eeb853fa57d6b
2ca28d40b3ecf96d458408534c6cc300fd98a652
0f6fb7f6a8c4d59f1a9ba85d9d7926ac147c87629074d490c4cf65853bc7bf4a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /dist/files_sharing-main.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "18d-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 266
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

cloud.koenig.cx/dist/core-login.js?v=8b619ef2-18

185.16.61.123

200 OK

29 kB

URL GET HTTP/1.1
cloud.koenig.cx/dist/core-login.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65456)
Size
29 kB (28623 bytes)
Hash
6ec7d873fd64f44e32129a9a9813a642
880005cc39fa2cf8fa60f9225f4a483505ee3477
7a6f89eac37351d434e4b7ccc17d29e99f26207c9c88dc3de26c76cf8988cc76

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /dist/core-login.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "1889d-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 28623
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/javascript

cloud.koenig.cx/apps/files_rightclick/js/script.js?v=8b619ef2-18

185.16.61.123

200 OK

3.2 kB

URL GET HTTP/1.1
cloud.koenig.cx/apps/files_rightclick/js/script.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
3.2 kB (3219 bytes)
Hash
c96a8f5f25ef51f00b32b37b051fb4ce
f117ec65e8387932c674908a30ab90d0a7f01eba
2263fdb9b43029256cf21ee1a577e3d4cc91ae150949200c05733b19e1e15912

HTTP Headers

GET /apps/files_rightclick/js/script.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:55:28 GMT
ETag: "3a17-6127fbe975800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 3219
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/javascript

cloud.koenig.cx/apps/files_rightclick/js/files.js?v=8b619ef2-18

185.16.61.123

200 OK

1.3 kB

URL GET HTTP/1.1
cloud.koenig.cx/apps/files_rightclick/js/files.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
JavaScript source, ASCII text
Size
1.3 kB (1305 bytes)
Hash
1448ebf6f503c5cdde8e5a5123268e10
d27fd1343e79f02cdc3ce4187109259a65fdc54b
77cde93f5ccad1764912a90f7c9a291aad94411b71f1ab5fc669081839decb71

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /apps/files_rightclick/js/files.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:55:28 GMT
ETag: "12ef-6127fbe975800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Content-Length: 1305
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/javascript

cloud.koenig.cx/apps/theming/js/theming.js?v=8b619ef2-18

185.16.61.123

200 OK

60 B

URL GET HTTP/1.1
cloud.koenig.cx/apps/theming/js/theming.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
60 B (60 bytes)
Hash
44b0d37d24a2e33ca0b64b50f83cfd6a
1c09d10dcabf2c8fac03ea3b56852ca3feb58cb0
ec4e73e49bca3f6e523c3dfd66e58fa157c81c4da5eb3fa0ceaa589ba8dc0785

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /apps/theming/js/theming.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:36 GMT
ETag: "3c-6127fbb7de300"
Accept-Ranges: bytes
Content-Length: 60
Cache-Control: max-age=15778463, immutable
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/javascript

cloud.koenig.cx/dist/icons.css

185.16.61.123

200 OK

30 kB

URL GET HTTP/1.1
cloud.koenig.cx/dist/icons.css
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text, with very long lines (1612)
Size
30 kB (30166 bytes)
Hash
7b747e25f67ba2745846284e768a74a4
00ec67f868303c70bfba0ea96a3d1b5a78990973
6eb93cc2f1bf847a09cfe1d3186c2fc5a707b3353ed58e634d7ace869ba8b7d7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /dist/icons.css HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "34ce1-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463
Content-Length: 30166
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

cloud.koenig.cx/index.php/js/core/merged-template-prepend.js?v=8b619ef2-18

185.16.61.123

200 OK

3.1 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/js/core/merged-template-prepend.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text
Size
3.1 kB (3098 bytes)
Hash
e2c95eaabb507e3d8dfb8de151387d02
7c7d2af7bbe04c70f487cb84011e327cf56ad575
5aa81a1437f7064ff4e0e0279150b418837453fa43b2f6353b06283701b67491

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/js/core/merged-template-prepend.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: max-age=31536000, immutable
X-Request-Id: zvSdheSaXL5xp1apqgTj
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename="merged-template-prepend.js.gzip"
Content-Encoding: gzip
Expires: Sat, 29 Mar 2025 05:51:25 +0000
Pragma: cache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 01 Mar 2024 00:07:50 GMT
ETag: "1e2f69c3c133594dc43cf323742df0d6"
Content-Length: 3098
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

cloud.koenig.cx/core/img/logo/logo.svg

185.16.61.123

200 OK

815 B

URL GET HTTP/1.1
cloud.koenig.cx/core/img/logo/logo.svg
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
SVG Scalable Vector Graphics image
Size
815 B (815 bytes)
Hash
f82b623e4e0e9ade941268dbad4d6302
e02c08d6524f4e89fb8c609171843e5fccfc1d1c
7b762288d5b7bf4d5d3fd83c5caac1792dc525f1aab4b70968cb9fb9a113867f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /core/img/logo/logo.svg HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "32f-6127fbb9c6780"
Accept-Ranges: bytes
Content-Length: 815
Cache-Control: max-age=15778463
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml

cloud.koenig.cx/index.php/apps/theming/theme/dark-highcontrast.css?plain=1&v=9e6a55b6

185.16.61.123

200 OK

1.1 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/dark-highcontrast.css?plain=1&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text, with very long lines (2988)
Size
1.1 kB (1091 bytes)
Hash
2fe0a7037f2b50494c790c93bc431cb0
71aa112f54854f7725b5daf0e6208ecb4149deb2
4a2a6658a3ada7b23acc138836f6de284ac5b9802707a08e1528bd83aa7d8ced

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/theme/dark-highcontrast.css?plain=1&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: U6jhSRJxwxIBghE0bNMl
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1091
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/index.php/apps/theming/theme/light-highcontrast.css?plain=1&v=9e6a55b6

185.16.61.123

200 OK

1.1 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/light-highcontrast.css?plain=1&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text, with very long lines (2994)
Size
1.1 kB (1065 bytes)
Hash
061cfec53fc99ced419b56ee626f76db
ca397343151a67b9b07bd4ce9d1220efba0d06ca
aa57804beae8145e77b54288fbd232a3ce1df32713ed7dde8e15351dd1f077ed

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/theme/light-highcontrast.css?plain=1&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: v1Y6RYf3ZGDyKcXdZeX0
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1065
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/index.php/apps/theming/image/background?v=18

185.16.61.123

404 Not Found

20 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/image/background?v=18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8480)
Size
20 kB (19538 bytes)
Hash
265cefc4a20232bd6865ae9f01514087
575898e8de3a30e24aed5abd7b017c4b3550ee51
72e8658c6b7948f3f0889de8bde80fd96fd47d458f79a7ab4e21f4f2cba02a82

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/image/background?v=18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Request-Id: uwby3oSTiSwN4zr9CeZQ
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'nonce-SXdMNmhwR0FQMGNnYVN4SjZqSHVqMWttOEJOVDF2L2VQU1A0Q1lxOFViaz06UUZxN3dkVHFSZ0VaSzNrQmoyS0I5VForbVRoOG1LN3FkMWJCVHZMR0lQMD0=' blob:;style-src 'self' 'unsafe-inline';img-src 'self' data: blob: https://*.tile.openstreetmap.org;font-src 'self' data:;connect-src 'self' blob: stun.nextcloud.com:443 turn.obez.de:3478;media-src 'self' blob:;frame-src 'self';child-src blob: 'self';frame-ancestors 'self';worker-src blob: 'self';form-action 'self'
Feature-Policy: autoplay 'self';camera 'self';fullscreen 'self';geolocation 'none';microphone 'self';payment 'none'
X-Robots-Tag: noindex, nofollow
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Content-Length: 19538
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

cloud.koenig.cx/index.php/apps/theming/theme/dark.css?plain=1&v=9e6a55b6

185.16.61.123

200 OK

998 B

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/theme/dark.css?plain=1&v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
ASCII text, with very long lines (3026), with no line terminators
Size
998 B (998 bytes)
Hash
cbdb7cceb3c6722451a9e6c9acf6e55d
78fc89c21e36d49c0e36679e8afe68efc26d8830
ccb323f1f9b25fedc14b07501ed002be4f539f6d1f4f7f5216ffedbd820ee17d

HTTP Headers

GET /index.php/apps/theming/theme/dark.css?plain=1&v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: vZX9S9fWOp9agD3arQEQ
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename=""
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:25 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 998
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css;charset=UTF-8

cloud.koenig.cx/dist/core-common.js?v=8b619ef2-18

185.16.61.123

200 OK

3.5 MB

URL GET HTTP/1.1
cloud.koenig.cx/dist/core-common.js?v=8b619ef2-18
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
JavaScript source, ASCII text, with very long lines (65467)
Size
3.5 MB (3515318 bytes)
Hash
4929e520440bd3313e088ae201b725e7
26dd06dbf3691b566c01d521e651da16d14ffcd6
c949e1d669a80075c254fef7e746a0957de3bbd838b7092d3851f62ad75ccd4b

HTTP Headers

GET /dist/core-common.js?v=8b619ef2-18 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:25 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "f1de66-6127fbb9c6780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15778463, immutable
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/javascript

cloud.koenig.cx/index.php/apps/theming/icon?v=9e6a55b6

185.16.61.123

200 OK

22 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/icon?v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
22 kB (21960 bytes)
Hash
29451d8b0fe01a61826a7d473ab219a0
e2654866fd16ad4bf3dc92e7005ae966e6933202
d9a80d1cecd268d1f7956f2526f602e1a3ea96a7184b5f13a1754f322a5732b4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/icon?v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:27 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: ycaC11S8XbMVicBEQAO6
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename="touchIcon-core#0027FF"
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:27 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 21 Jul 2023 02:59:31 GMT
ETag: "d05053f0737ba9449413fb5c2d6296f2"
Content-Length: 21960
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

cloud.koenig.cx/index.php/apps/theming/favicon?v=9e6a55b6

185.16.61.123

200 OK

90 kB

URL GET HTTP/1.1
cloud.koenig.cx/index.php/apps/theming/favicon?v=9e6a55b6
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
90 kB (90022 bytes)
Hash
d82d6de57180d5a4af2c90811d582583
d37dd2cb0866647e24bf8830f2882d685e251667
322d51718affed2c98954ff9af0ae4382265608ad1413c6493de934dcfe3cd92

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /index.php/apps/theming/favicon?v=9e6a55b6 HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:27 GMT
Server: Apache/2.4.57 (Debian)
Cache-Control: private, max-age=86400, must-revalidate
X-Request-Id: 7ZwWOXUvd6MrSDsauHv5
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
Feature-Policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
X-Robots-Tag: noindex, nofollow
Content-Disposition: inline; filename="favIcon-core#0027FF"
Pragma: private
Expires: Sat, 30 Mar 2024 05:51:27 +0000
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 21 Jul 2023 02:59:31 GMT
ETag: "64e053ef08e5a70dc480f94f82029e5f"
Content-Length: 90022
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/x-icon

cloud.koenig.cx/core/img/loading-dark.gif

185.16.61.123

200 OK

4.7 kB

URL GET HTTP/1.1
cloud.koenig.cx/core/img/loading-dark.gif
IP
185.16.61.123:443
ASN
#197540 netcup GmbH

Requested by
https://cloud.koenig.cx/index.php/login
Certificate
IssuerLet's Encrypt
Subjectcloud.obez.de
Fingerprint83:C7:7B:A9:C1:0A:9E:AC:DC:C3:AA:83:BE:F6:A2:4C:DD:DC:E8:05
ValidityThu, 01 Feb 2024 10:14:25 GMT - Wed, 01 May 2024 10:14:24 GMT

File type
GIF image data, version 89a, 32 x 32
Size
4.7 kB (4683 bytes)
Hash
7446c22d8ed8b7b4641adc5dc30f39d2
1ccb798de57db7a5d8996c3eac5ffc3c6b0c5147
93b795ec06aebf7141dbfb46cf6fa51fb964d2a5c0646303eb135b38d007a0a9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Dropbox, Inc.

HTTP Headers

GET /core/img/loading-dark.gif HTTP/1.1
Host: cloud.koenig.cx
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: oc_sessionPassphrase=ZjubBcTT4wdvNAzk5GEdBLFh%2BD6C4SvE4v5fk3Ew7%2F5JPwPoJkuQ0sn0YajtZd14oDXQ5TjljNZyrjzUHM4jhg%2BCKw6HDcjWNW%2FJUlWSXg1dp3peGj4JBFW1ChHIYUaA; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true; ocu5nkyxm8p0=45b2p98k60hn4n04tao1lgmj7v
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 05:51:29 GMT
Server: Apache/2.4.57 (Debian)
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 29 Feb 2024 06:54:38 GMT
ETag: "124b-6127fbb9c6780"
Accept-Ranges: bytes
Content-Length: 4683
Cache-Control: max-age=15778463
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML