Report - 104.131.24.19/univer/index.php

Report Overview

Submitted URL
104.131.24.19/univer/index.php
IP
104.131.24.19
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2024-05-08 09:01:07
Access
public
Website Title
Portal de Usuarios Univer - Oftalmohelp
Final URL
www.citasuniver.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-06	1.0 kB	92 kB	104.17.25.14
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-05-06	459 B	44 kB	104.21.27.152
www.citasuniver.com	unknown	unknown	No data	No data	11 kB	875 kB	13.85.15.194
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-07	985 B	88 kB	104.18.10.207
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-08	449 B	90 kB	151.101.194.137
104.131.24.19	unknown	unknown	No data	No data	3.9 kB	537 kB	104.131.24.19
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-07	427 B	32 kB	216.58.211.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed
2024-05-08	medium	104.131.24.19	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-19
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-19 22:13:18 Times Seen145659 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.bundle.min.js	81 kB	2023-03-07	2024-05-19
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.bundle.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-05-19 21:14:38 Times Seen2402 Hash 7fd2f04e75bd7ab1a79d80cdd4c33085 e02a14457b25e6df2568b772feab4387c00a4934 5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24 Loading...

	www.citasuniver.com/_content/BlazorInputFile/inputfile.js	9.0 kB	2023-06-02	2024-05-08
Pretty URL www.citasuniver.com/_content/BlazorInputFile/inputfile.js IP 13.85.15.194 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 01:11:43 Last Seen2024-05-08 11:01:14 Times Seen10 Hash acdb7451d8d6897e29dd517a23e4fa61 0cfa9374ccee1b8634bd319d61e4f98a3ad11b34 fe7f21c6b89d8be044eca31ca6b2f9ddd504de0619bf3b8fa77b32519d3b8a6b Loading...

	www.citasuniver.com/assets/js/func.min.js	933 B	2024-05-08	2024-05-08
Pretty URL www.citasuniver.com/assets/js/func.min.js IP 13.85.15.194 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 11:01:14 Last Seen2024-05-08 11:01:14 Times Seen1 Hash bfe7062eb8e861044b7255586da57b66 51009146c6c3cffc64ee4a13d0a4f0493358a55d e54469301634f2ad843beaac24ae1db6f0fa16ad215eab39376138c60bfbd7fe Loading...

	www.citasuniver.com/_framework/blazor.server.js	152 kB	2024-05-08	2024-05-15
Pretty URL www.citasuniver.com/_framework/blazor.server.js IP 13.85.15.194 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 11:01:14 Last Seen2024-05-15 06:10:47 Times Seen4 Hash 85eaf7f1fa793947faeb60030f86bb92 fbdd5ae4429cbff63cd85890e7fc3d8aeb2dc6cb a9efa6d4ec230cf317b749707c3e154ef533349dd92802874f3d8877cbad528e Loading...

HTTP Transactions (34)

URL IP Response Size

104.131.24.19/univer/index.php

104.131.24.19

5.0 kB

URL
104.131.24.19/univer/index.php
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, Unicode text, UTF-8 text
Size
5.0 kB (5045 bytes)
Hash
0c5ef4a96ee7461fa20d0c8c7c367a69
73d828bff144003b00ee0bf1d9f60f2be7bbd3fe
6e65c5eb8389ff79c9259c0c773591e809edf3508040b789d63fffe8f894adbf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/index.php HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:20 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
X-Powered-By: PHP/5.6.15
Content-Length: 5045
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

104.131.24.19/univer/css/style.css

104.131.24.19

7.0 kB

URL
104.131.24.19/univer/css/style.css
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
7.0 kB (6997 bytes)
Hash
262f6a0d10a75af14dc89d36bedc7703
b5c297120926ae1959cdf072f26a98e0e22a58ae
b6b00e5c1794484a9f76726f46d8e7f4dfd8524a0005b137c798274f204d887f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/css/style.css HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:21 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Tue, 07 Feb 2023 20:42:55 GMT
ETag: "1b55-5f422313517bb"
Accept-Ranges: bytes
Content-Length: 6997
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

104.131.24.19/univer/resources/plugins/fullPage/jquery.fullPage.css

104.131.24.19

4.3 kB

URL
104.131.24.19/univer/resources/plugins/fullPage/jquery.fullPage.css
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
4.3 kB (4322 bytes)
Hash
63ce1ddf2c988ad07413fb96d6e66a7e
d49b617dc1ec82950ea46c2fcd1b080925fed394
e6750cf9fa0e2dd5a664d228aca46dca5adfd3af1d47db0e34f5613e2befd757

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/resources/plugins/fullPage/jquery.fullPage.css HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:21 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Mon, 30 Aug 2021 05:43:47 GMT
ETag: "10e2-5cac0511deac0"
Accept-Ranges: bytes
Content-Length: 4322
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

104.131.24.19/univer/resources/plugins/waves-0.7.5/waves.min.css

104.131.24.19

3.9 kB

URL
104.131.24.19/univer/resources/plugins/waves-0.7.5/waves.min.css
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (3662)
Size
3.9 kB (3869 bytes)
Hash
decc695669c1102e4385d5c42cf22e4e
b26d49b199692a2207c36c2e536f9a4feb74a7cc
7b2428c170b34fcbb7efde4fd3abba905461ad5e5a82c3932a5d0c6325023ab0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/resources/plugins/waves-0.7.5/waves.min.css HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:21 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Mon, 30 Aug 2021 05:43:47 GMT
ETag: "f1d-5cac0511deac0"
Accept-Ranges: bytes
Content-Length: 3869
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

104.131.24.19/univer/resources/plugins/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.min.css

104.131.24.19

43 kB

URL
104.131.24.19/univer/resources/plugins/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.min.css
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (42839), with no line terminators
Size
43 kB (42839 bytes)
Hash
f59e3f4c0087b4d8ddc27bdd9c9ab92b
fac9b521062feb5250c04d62128a8c3ddb312632
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/resources/plugins/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.min.css HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:21 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Mon, 30 Aug 2021 05:43:47 GMT
ETag: "a757-5cac0511deac0"
Accept-Ranges: bytes
Content-Length: 42839
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

216.58.211.10

31 kB

URL
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 10:06:43 GMT
expires: Sat, 03 May 2025 10:06:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 428039
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

104.131.24.19/univer/images/templatemo_menubg.png

104.131.24.19

3.2 kB

URL
104.131.24.19/univer/images/templatemo_menubg.png
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 2400 x 70, 8-bit/color RGBA, non-interlaced
Size
3.2 kB (3233 bytes)
Hash
d297282aa4e39eac57971e2f2a08c20f
cb261396c80a4fbd11cc2ae69e903b21bd6c65a8
a04e5c7bd36a86a2d21c9faa13fe9d33272645101dc760038f01056a2840f32c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/images/templatemo_menubg.png HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:21 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Mon, 30 Aug 2021 05:43:47 GMT
ETag: "ca1-5cac0511deac0"
Accept-Ranges: bytes
Content-Length: 3233
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

104.131.24.19/univer/images/logo.png

104.131.24.19

111 kB

URL
104.131.24.19/univer/images/logo.png
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 1500 x 293, 8-bit/color RGBA, non-interlaced
Size
111 kB (110729 bytes)
Hash
c2937ed5edc80d1b95214b2d5ef9d5f5
2fc7222d812fbe8c56d6d97746876890f4d12edf
34329be275d6546321e8ca3985f2702256b89eac8c9256ee03915d25153ede8d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/images/logo.png HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:21 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Mon, 30 Aug 2021 05:43:47 GMT
ETag: "1b089-5cac0511deac0"
Accept-Ranges: bytes
Content-Length: 110729
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

104.131.24.19/univer/images/templatemo_header_blanco.png

104.131.24.19

17 kB

URL
104.131.24.19/univer/images/templatemo_header_blanco.png
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 2400 x 1000, 8-bit/color RGBA, non-interlaced
Size
17 kB (17254 bytes)
Hash
ce2b4ae98395710703312e5335160480
3c0f09550a2b9cbc81278ebc01921ed730d44ed5
8dbb23f936026cc484a19521ccacdbc497bc11f15c31344435a0903f6ea5ffc1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/images/templatemo_header_blanco.png HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:21 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Mon, 30 Aug 2021 05:43:47 GMT
ETag: "4366-5cac0511deac0"
Accept-Ranges: bytes
Content-Length: 17254
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

104.131.24.19/favicon.ico

104.131.24.19

31 kB

URL
104.131.24.19/favicon.ico
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
MS Windows icon resource - 3 icons, 64x64, 32 bits/pixel, 48x48, 32 bits/pixel
Size
31 kB (30894 bytes)
Hash
6eb4a43cb64c97f76562af703893c8fd
c50c4273b9d2433c6069454f971ed6653e07c126
1d7c95c5eea00a8083a95810f902682f9e26e7fbb7876b022a403642d776d0c9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/index.php
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:22 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Fri, 11 May 2007 12:40:36 GMT
ETag: "78ae-4303112ee9900"
Accept-Ranges: bytes
Content-Length: 30894
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

104.131.24.19/univer/images/service/gafas-grafico-ojos-sobre-fondo-blanco_1387-378.jpg

104.131.24.19

308 kB

URL
104.131.24.19/univer/images/service/gafas-grafico-ojos-sobre-fondo-blanco_1387-378.jpg
IP
104.131.24.19:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, software=GIMP 2.10.8, datetime=2019:01:16 17:42:07], progressive, precision 8, 2000x800, components 3
Size
308 kB (308322 bytes)
Hash
d8e95fa6b2e6e3d34421a6e8e415ab3f
fbd18db1d1a53672217249e4ec2010bb3ef97797
d112b7f929ea4515ecbef8a1db468a727f2fe221c5deb3411b6dd29928a6ec7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /univer/images/service/gafas-grafico-ojos-sobre-fondo-blanco_1387-378.jpg HTTP/1.1
Host: 104.131.24.19
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/univer/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 08 May 2024 09:00:21 GMT
Server: Apache/2.4.17 (Unix) OpenSSL/1.0.1q PHP/5.6.15 mod_perl/2.0.8-dev Perl/v5.16.3
Last-Modified: Mon, 30 Aug 2021 05:43:47 GMT
ETag: "4b462-5cac0511deac0"
Accept-Ranges: bytes
Content-Length: 308322
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

104.17.25.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.citasuniver.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (58392)
Size
10 kB (10301 bytes)
Hash
76cb46c10b6c0293433b371bae2414b2
0038dc97c79451578b7bd48af60ba62282b4082b
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 09:00:44 GMT
content-type: text/css; charset=utf-8
content-length: 10301
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-e4d2"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 660846
expires: Mon, 28 Apr 2025 09:00:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WLXrNb7s8gR1V%2BpQao8i6c9tBkRDXhDoSPJSF9GwXibV%2FukyQ6EGtUJHr6dq7LzheiRkv08Gwi%2FsJV6u8Jj2ZJILodJENnZtgAFntAJNUnadUWFEdKFhk9xtg9hgYBFaBKqLfGHJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880842d75f02b50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.7.0/css/all.css

104.21.27.152

43 kB

URL
use.fontawesome.com/releases/v5.7.0/css/all.css
IP
104.21.27.152:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (54456)
Size
43 kB (42832 bytes)
Hash
251d28bd755f5269a4531df8a81d5664
c0f035b41b23c6e8fab735f618aa3cff0897b4f9
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

HTTP Headers

GET /releases/v5.7.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://104.131.24.19
DNT: 1
Connection: keep-alive
Referer: http://104.131.24.19/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 09:00:42 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"251d28bd755f5269a4531df8a81d5664"
last-modified: Fri, 22 Sep 2023 01:45:47 GMT
vary: Origin, Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1qVN%2FeCjeAWrIjcPA%2BtNqG%2F8AwxjPvMt6mo8zxKvyDROF4wDbg714GORsDrL7sngaYjZ54MAUewtyf3oGCq9r44C%2BWglfJWtPGV13N274mQVaeqsFv0wHmMyUMvEIEaYYjq9gSP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880842cab96cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.citasuniver.com/assets/lib/sb-admin-pro/js/scripts.min.js

13.85.15.194

404 Not Found

0 B

URL GET HTTP/2
www.citasuniver.com/assets/lib/sb-admin-pro/js/scripts.min.js
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/lib/sb-admin-pro/js/scripts.min.js HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
content-length: 0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-solid-900.woff2

104.17.25.14

200 OK

79 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-solid-900.woff2
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.citasuniver.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 79444, version 331.524
Size
79 kB (79444 bytes)
Hash
b15db15f746f29ffa02638cb455b8ec0
75a88815c47a249eadb5f0edc1675957f860cca7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

HTTP Headers

GET /ajax/libs/font-awesome/5.13.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.citasuniver.com
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 09:00:44 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 79444
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-13654"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 45679
expires: Mon, 28 Apr 2025 09:00:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CUoszI1ykcvNtS9MeEu6nRDijI9Nqmbamrkf8VEzkU4Zp0NLJvK3nbalZo6W5%2FEHw4%2BdJaamQZwySlkFxSwufuqRa%2FrgxzMiVcX1%2FlPSt4c3NvYmaYFdw8rOXoaCCeAZlOAOxfxg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880842da4cd456c1-OSL
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.bundle.min.js

104.18.10.207

200 OK

48 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.bundle.min.js
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.citasuniver.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (65297)
Size
48 kB (47563 bytes)
Hash
7fd2f04e75bd7ab1a79d80cdd4c33085
e02a14457b25e6df2568b772feab4387c00a4934
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24

HTTP Headers

GET /bootstrap/4.5.0/js/bootstrap.bundle.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.citasuniver.com
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 09:00:44 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"7fd2f04e75bd7ab1a79d80cdd4c33085"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 03/18/2024 13:46:37
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f9839d97f061be306413b44bd5f3f012
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880842d74ca156ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.citasuniver.com/assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Medium.otf

13.85.15.194

200 OK

23 kB

URL GET HTTP/2
www.citasuniver.com/assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Medium.otf
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
OpenType font data
Size
23 kB (23240 bytes)
Hash
f4bca87fd0d19e61c27dc96299c75f8c
8d5181b06452ce20ac337391dc60b9dd07b083de
9110dda4baca06a6615fe50c473de0945a557dc53476e39efbf5b53c97f7a6d1

HTTP Headers

GET /assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Medium.otf HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/assets/lib/sb-admin-pro/css/styles.min.css
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/otf
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "1da9e2a12ad43c8"
last-modified: Sat, 04 May 2024 13:50:50 GMT
content-length: 23240
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/assets/lib/sb-admin-pro/css/styles.min.css

13.85.15.194

200 OK

95 kB

URL GET HTTP/2
www.citasuniver.com/assets/lib/sb-admin-pro/css/styles.min.css
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from FAT filesystem (MS-DOS, OS/2, NT)
Size
95 kB (94942 bytes)
Hash
e6646c12ca0653d505ee2f47bf1da297
dcaa01c5a94ee5bc042b8e10e7fd2f92d4f85227
13b538663d6b26f2a3ff12e001552f692cd1134e251285ce7e10dada1a6ed667

HTTP Headers

GET /assets/lib/sb-admin-pro/css/styles.min.css HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "1da9e2a12a82636"
last-modified: Sat, 04 May 2024 13:50:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Regular.otf

13.85.15.194

200 OK

23 kB

URL GET HTTP/2
www.citasuniver.com/assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Regular.otf
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
OpenType font data
Size
23 kB (23124 bytes)
Hash
f7b5e589f88206b4bd5cb1408c5362e6
dc10ba3cd5aea203f7d0f5af99e72163514a55d5
6f8992eb58eeced41efea7076be4d468ac678f9778420438fab4a3358aa2b462

HTTP Headers

GET /assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Regular.otf HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/assets/lib/sb-admin-pro/css/styles.min.css
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: font/otf
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "1da9e2a12ad4354"
last-modified: Sat, 04 May 2024 13:50:50 GMT
content-length: 23124
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/assets/img/logo_univer_svi.png

13.85.15.194

200 OK

473 kB

URL GET HTTP/2
www.citasuniver.com/assets/img/logo_univer_svi.png
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
PNG image data, 5052 x 986, 8-bit/color RGBA, non-interlaced
Size
473 kB (472847 bytes)
Hash
9fe035dc5aa96f57769982514e568586
500553d27594968b15c71a86d782b542575a5361
18e6412051f5178c418ab7d1c30a6e2716702b44d313e6bd9ab25da8ee4cc907

HTTP Headers

GET /assets/img/logo_univer_svi.png HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "1da9e2a12aa2e0f"
last-modified: Sat, 04 May 2024 13:50:50 GMT
content-length: 472847
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/assets/lib/sb-admin-pro/js/scripts.min.js

13.85.15.194

404 Not Found

0 B

URL GET HTTP/2
www.citasuniver.com/assets/lib/sb-admin-pro/js/scripts.min.js
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/lib/sb-admin-pro/js/scripts.min.js HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
content-length: 0
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/favicon.ico

13.85.15.194

200 OK

32 kB

URL GET HTTP/2
www.citasuniver.com/favicon.ico
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
32 kB (32038 bytes)
Hash
4859e39ae6c0f1f428f2126a6bb32bd9
1c0c85678ae963bc96d0b7fbe1eb89074cf1fbe0
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "1da9e2a12ad6426"
last-modified: Sat, 04 May 2024 13:50:50 GMT
content-length: 32038
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/_blazor/initializers

13.85.15.194

200 OK

442 B

URL GET HTTP/2
www.citasuniver.com/_blazor/initializers
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (318), with no line terminators
Size
442 B (442 bytes)
Hash
ad5de36177433f02a4465b8777f80cd3
a1e09a8fe4608f1992b2ed39bc774b192ceb1c30
bc235ae9e2756326185923001bbfc8db13be4aed5a2852de3a6e725d64d73f50

HTTP Headers

GET /_blazor/initializers HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.citasuniver.com/
DNT: 1
Connection: keep-alive
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css

104.18.10.207

200 OK

39 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.citasuniver.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
39 kB (39022 bytes)
Hash
3afe15e976734d9daac26310110c4594
4f14a09a606c99a11f8fda15564ef66f70402826
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c

HTTP Headers

GET /bootstrap/4.5.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.citasuniver.com
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 09:00:44 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"3afe15e976734d9daac26310110c4594"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 03/18/2024 12:28:50
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: fcafa00608d0337aecbc3af0f1cbc1e1
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880842d74c9f56ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.min.js

151.101.194.137

200 OK

90 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://www.citasuniver.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.citasuniver.com
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 09:00:44 GMT
age: 1015016
x-served-by: cache-lga21981-LGA, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 64, 317593
x-timer: S1715158844.124842,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

www.citasuniver.com/_content/BlazorInputFile/inputfile.js

13.85.15.194

200 OK

9.0 kB

URL GET HTTP/2
www.citasuniver.com/_content/BlazorInputFile/inputfile.js
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (9421), with no line terminators
Size
9.0 kB (9015 bytes)
Hash
0bedbd66ea132746608c5292a07f8b5f
7fd87aa89388912c971fff9642192085c2a2d976
a13447589244c476559d412bb661de49e8f0d2125196ac8e5466be1b95591575

HTTP Headers

GET /_content/BlazorInputFile/inputfile.js HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "1d61d57e8da5437"
last-modified: Tue, 28 Apr 2020 12:24:06 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/_framework/blazor.server.js

13.85.15.194

200 OK

152 kB

URL GET HTTP/2
www.citasuniver.com/_framework/blazor.server.js
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
152 kB (151952 bytes)
Hash
85eaf7f1fa793947faeb60030f86bb92
fbdd5ae4429cbff63cd85890e7fc3d8aeb2dc6cb
a9efa6d4ec230cf317b749707c3e154ef533349dd92802874f3d8877cbad528e

HTTP Headers

GET /_framework/blazor.server.js HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
cache-control: no-cache
content-encoding: gzip
etag: "1daa0356fcabb10"
last-modified: Tue, 07 May 2024 04:17:13 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/

13.85.15.194

200 OK

10 kB

URL User Request GET HTTP/2
www.citasuniver.com/
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type

Size
10 kB (10101 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://104.131.24.19/
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Wed, 08 May 2024 09:00:42 GMT
server: Microsoft-IIS/10.0
cache-control: no-cache, no-store, max-age=0
content-encoding: gzip
set-cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b;Path=/;HttpOnly;Secure;Domain=www.citasuniver.com
ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.citasuniver.com
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/assets/css/site.min.css

13.85.15.194

200 OK

3.7 kB

URL GET HTTP/2
www.citasuniver.com/assets/css/site.min.css
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3738), with no line terminators
Size
3.7 kB (3736 bytes)
Hash
0d5587314e1a58b36d0473e82a6c4d68
8a1e45c98f3fca81681c3489d9519b6803a4c505
d507cb06d305bc674bd3a0a1911647c8f5a2f310a790a2d893ab9c4f057cd1cd

HTTP Headers

GET /assets/css/site.min.css HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "1da9e2a12ad1798"
last-modified: Sat, 04 May 2024 13:50:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/assets/js/func.min.js

13.85.15.194

200 OK

933 B

URL GET HTTP/2
www.citasuniver.com/assets/js/func.min.js
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
ASCII text, with very long lines (967), with no line terminators
Size
933 B (933 bytes)
Hash
6d173187cdef627abeee9c28b2e894f2
685ff241aa788e5310593a8b8b2bfa492954e6ed
0f0bc5cf86fcf8b4272d71b4093be1e9e34fb252ac3438591708c1f16ef0b9e7

HTTP Headers

GET /assets/js/func.min.js HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
content-encoding: gzip
etag: "1da9e2a12ad1aa5"
last-modified: Sat, 04 May 2024 13:50:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-SemiBold.otf

13.85.15.194

200 OK

24 kB

URL GET HTTP/2
www.citasuniver.com/assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-SemiBold.otf
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
OpenType font data
Size
24 kB (23480 bytes)
Hash
2556a4f74e2c523893e6928d6e300f1c
4ebfc059e586c91d024d359f0ed3fc64d9ec4d2c
1d58419be905f3a3d9f145a295e52d2cf863b89a19150c7e009ea56cdc823e67

HTTP Headers

GET /assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-SemiBold.otf HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/assets/lib/sb-admin-pro/css/styles.min.css
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/otf
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "1da9e2a12ad42b8"
last-modified: Sat, 04 May 2024 13:50:50 GMT
content-length: 23480
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Bold.otf

13.85.15.194

200 OK

24 kB

URL GET HTTP/2
www.citasuniver.com/assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Bold.otf
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
OpenType font data
Size
24 kB (23664 bytes)
Hash
dea4998b081c6c1133a3b5b08ff2218c
335e5e57450f52a95b5bc3cd03d91071ef389c28
a470d16eb70e97992529479e751032e8cfd0146043d2245ad63d312a6991de63

HTTP Headers

GET /assets/lib/sb-admin-pro/assets/fonts/metropolis/Metropolis-Bold.otf HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.citasuniver.com/assets/lib/sb-admin-pro/css/styles.min.css
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: font/otf
date: Wed, 08 May 2024 09:00:44 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "1da9e2a12ad4570"
last-modified: Sat, 04 May 2024 13:50:50 GMT
content-length: 23664
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

www.citasuniver.com/_blazor?id=3viGDSc_oP-0qjzV0HQItg

13.85.15.194

101 Switching Protocols

0 B

URL GET HTTP/1.1
www.citasuniver.com/_blazor?id=3viGDSc_oP-0qjzV0HQItg
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /_blazor?id=3viGDSc_oP-0qjzV0HQItg HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.citasuniver.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: K15Kx4b3huJQi6BolEpGUQ==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Wed, 08 May 2024 09:00:45 GMT
Server: Microsoft-IIS/10.0
Upgrade: websocket
Strict-Transport-Security: max-age=2592000
Sec-WebSocket-Accept: oyWVQ8slgR4+a8cfe7tghslbSQ8=
X-Powered-By: ASP.NET

www.citasuniver.com/_blazor/negotiate?negotiateVersion=1

13.85.15.194

200 OK

316 B

URL POST HTTP/2
www.citasuniver.com/_blazor/negotiate?negotiateVersion=1
IP
13.85.15.194:443
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.citasuniver.com/
Certificate
IssuerDigiCert, Inc.
Subjectwww.citasuniver.com
Fingerprint4F:5F:8B:3E:E6:FA:B9:E5:57:F6:03:97:21:51:0D:C3:43:DC:A7:DA
ValidityTue, 07 May 2024 00:00:00 GMT - Thu, 07 Nov 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (356), with no line terminators
Size
316 B (316 bytes)
Hash
056be4b474e2dc987b1e5af3d8652442
af7c1b66668f222389f97f2c25c50cb7656fdb5e
b7eabe8bcd99da6313673c06b47c37f7cf80ce427bbf97f6e27810804054b1c5

HTTP Headers

POST /_blazor/negotiate?negotiateVersion=1 HTTP/1.1
Host: www.citasuniver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.citasuniver.com/
X-Requested-With: XMLHttpRequest
X-SignalR-User-Agent: Microsoft SignalR/0.0 (0.0.0-DEV_BUILD; Unknown OS; Browser; Unknown Runtime Version)
Origin: https://www.citasuniver.com
DNT: 1
Connection: keep-alive
Cookie: ARRAffinity=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b; ARRAffinitySameSite=4bc07886eb6aeed156c06822f1bfca19e2942b10ca315a492d93cb78c689218b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/2 200 OK
content-type: application/json
date: Wed, 08 May 2024 09:00:45 GMT
server: Microsoft-IIS/10.0
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (34)

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL

IP