urlscan.io logo urlscan.io
SecurityTrails logo

www.citas.d-sso.com Open in urlscan Pro
186.64.118.110  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.citas.d-sso.com/
Submission: On April 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 16 HTTP transactions. The main IP is 186.64.118.110, located in Chile and belongs to ZAM LTDA., CL. The main domain is www.citas.d-sso.com.
TLS certificate: Issued by R3 on April 5th 2023. Valid for: 3 months.
This is the only time www.citas.d-sso.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 186.64.118.110 52368 (ZAM LTDA.)
9 2a00:1450:400... 15169 (GOOGLE)
1 1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 45.153.241.70 30823 (COMBAHTON...)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.21.235.194 24940 (HETZNER-AS)
16 7
1    186.64.118.110 (Chile)

ASN52368 (ZAM LTDA., CL)
PTR: mail.blue129.dnsmisitio.net
www.citas.d-sso.com
9    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2400:52e0:1e00::1053:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
cdn.rawgit.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    45.153.241.70 (Germany)

ASN30823 (COMBAHTON combahton GmbH, DE)
solevisible.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.194.235.21.65.clients.your-server.de
l.top4top.io
Apex Domain
Subdomains		 Transfer
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
46 KB
2 gstatic.com
fonts.gstatic.com
32 KB
1 top4top.io
l.top4top.io
1 solevisible.com
solevisible.com
3 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
6 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 11957
724 B
1 d-sso.com
www.citas.d-sso.com
1 KB
16 7
Domain Requested by
9 fonts.googleapis.com www.citas.d-sso.com
2 fonts.gstatic.com fonts.googleapis.com
1 l.top4top.io www.citas.d-sso.com
1 solevisible.com www.citas.d-sso.com
1 cdn.jsdelivr.net www.citas.d-sso.com
1 cdn.rawgit.com 1 redirects
1 www.citas.d-sso.com
16 7

This site contains no links.

Subject Issuer Validity Valid
citas.d-sso.com
R3		 2023-04-05 -
2023-07-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
solevisible.com
R3		 2023-02-15 -
2023-05-16		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
*.top4top.co
R3		 2023-04-01 -
2023-06-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.citas.d-sso.com/
Frame ID: 48AA5D034FD860E124B2A25012A5C822
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hacked by Wedus_X12 Ft Zx-Rst1337

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

16
Requests

88 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

87 kB
Transfer

333 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js HTTP 301
  • https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.citas.d-sso.com/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
186.64.118.110 , Chile, ASN52368 (ZAM LTDA., CL),
Reverse DNS
mail.blue129.dnsmisitio.net
Software
Apache /
Resource Hash
577efa744bd7f3a0778b63599e8742999e0a40a6bfda27adf09b84011ab3a829
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=604800, must-revalidate
content-encoding
gzip
content-type
text/html
date
Wed, 05 Apr 2023 22:50:46 GMT
etag
"510c4f5-d4b-5cb430b882168-gzip"
expires
Wed, 05 Apr 2023 22:50:46 GMT
last-modified
Sun, 05 Sep 2021 17:41:40 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubdomains;
vary
Accept-Encoding
css2
fonts.googleapis.com/ 		391 B
713 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Graduate&display=swap
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a6ec2fbc8dc315ff2b987bbbe53ff9bdaad78dc08cc85e80cb1d876ebbfb91e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:50:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
css
fonts.googleapis.com/ 		366 B
344 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Iceberg:400,700
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15ea7160fc885ba58137a9db57015af83364eda7b293562703cca949fbe8a29f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:50:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
css
fonts.googleapis.com/ 		52 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Dokdo|Gloria+Hallelujah|Indie+Flower|Permanent+Marker
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50247dae9e3ae218035b2beb3a3fdb3443b529cea475e8c6b53bd4547dd350dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:50:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
css
fonts.googleapis.com/ 		689 B
432 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Righteous
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
93f2e640c462e1d1c60e8d923fccedb2ce549c460db4838e5108879b2d77aaf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:04:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
css
fonts.googleapis.com/ 		3 KB
726 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Fredericka+the+Great|Kaushan+Script|Press+Start+2P|Rationale
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c199e8183f19c989efdee3370d5c6a6f694f7643d6e7577daf83cd09f2ca87fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:50:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
css
fonts.googleapis.com/ 		359 B
362 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Chewy
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0369418a52b7455a0deb774d9bad1a5affbd5348f73aa20f39eec85f3629fac9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:34:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
css
fonts.googleapis.com/ 		391 B
363 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Londrina+Sketch
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f4c4ed3a4c0bbc7e37119682c196dec11961686259c71d3e57e4bfaa2a6e398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:50:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
css
fonts.googleapis.com/ 		1 KB
473 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Permanent+Marker|Righteous
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f364ee819b76f5bd38645c46436fa53b57820d00d779250f697c503f06b7a27a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:50:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
css2
fonts.googleapis.com/ 		111 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Reggae+One&display=swap
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
37b6f352e1c388b638ce54485f11df3bc48b9510241f1b35bb6a30618a907ec8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Apr 2023 22:50:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 22:42:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Apr 2023 22:50:47 GMT
efek-salju.js
cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/
Redirect Chain
  • https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/efek-salju.js
  • https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js
16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f5ed77faf29839c9d46e57e4b4a39b84edc143818579a7e0db1f61f9c58f084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 22:50:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
41633
x-jsd-version
2a7805c7
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230083-FRA, cache-yyz4557-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"3e74-+UH++c/vmoJn5o/iit08ZPyZab0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=md0BEkGEu4%2FwUJCGH%2Fhfpw%2BGfwYhqyNTVawKfNSXqm%2BSlMaJuB4GB9w%2FXR1%2BVYCYXKp9T%2Fl5mVqu3LaM0CNUpa%2BkvOcsMXXZ0TFLLkIFirWWmRmgFrycmKTocu2hH0S9bcX1VV%2Be5KT2%2B%2F78OIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b355a1cc96fbbf5-FRA

Redirect headers

date
Wed, 05 Apr 2023 22:50:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1047
age
51136
x-cache
MISS, HIT
cdn-cachedat
04/05/2023 22:50:47
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
106
x-served-by
cache-fra-eddf8230037-FRA, cache-chi-kigq8000078-CHI
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/efek-salju.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
b864682e72a8e680f0d11d1d46b0a818
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
301
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		0
0
bg_effect_up.gif
solevisible.com/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://solevisible.com/images/bg_effect_up.gif
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.153.241.70 , Germany, ASN30823 (COMBAHTON combahton GmbH, DE),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bad4b5ab863931a6f8c0156687617640782e500f9b156841b1f79bfd3a051634

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.citas.d-sso.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 05 Apr 2023 22:50:47 GMT
Last-Modified
Wed, 24 Aug 2016 21:07:14 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"8e8-53ad7aa5aa480"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2280
8QIJdijAiM7o-qnZiI8Eqg.woff2
fonts.gstatic.com/s/iceberg/v20/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/iceberg/v20/8QIJdijAiM7o-qnZiI8Eqg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Iceberg:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ae20a756a69cedd96230ef245feab6b5198814dfa01db1d9b197de0fe10d04c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.citas.d-sso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 18:53:12 GMT
x-content-type-options
nosniff
age
100655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12328
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:21:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 18:53:12 GMT
uK_94ruUb-k-wn52KjI.woff2
fonts.gstatic.com/s/chewy/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/chewy/v18/uK_94ruUb-k-wn52KjI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Chewy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fb894030e4ade4d9f76ede985bc96d468bcb923fcd4b908a5d8e38178819dc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.citas.d-sso.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 12:54:19 GMT
x-content-type-options
nosniff
age
122188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19920
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:00:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Apr 2024 12:54:19 GMT
m_20601zbif0.mp3
l.top4top.io/ 		112 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://l.top4top.io/m_20601zbif0.mp3
Requested by
Host: www.citas.d-sso.com
URL: https://www.citas.d-sso.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.194.235.21.65.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Referer
https://www.citas.d-sso.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

x-file-id
x40263083x
date
Wed, 05 Apr 2023 22:50:47 GMT
last-modified
Sun, 22 Aug 2021 21:07:53 GMT
server
nginx
etag
"6122bca9-674a1e"
content-type
audio/mpeg
Content-Range
bytes 0-6769181/6769182
cache-control
max-age=7200
content-disposition
inline; filename="Lagu%20php%20lirik%20reggae.mp3"
Content-Length
6769182
expires
Thu, 06 Apr 2023 00:50:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Iceland:400,700

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| snowStorm function| SnowStorm object| x function| playAudio function| pauseAudio

0 Cookies

2 Console Messages

Source Level URL
Text
security error URL: https://www.citas.d-sso.com/(Line 11)
Message:
Mixed Content: The page at 'https://www.citas.d-sso.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Iceland:400,700'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://www.citas.d-sso.com/(Line 39)
Message:
Mixed Content: The page at 'https://www.citas.d-sso.com/' was loaded over HTTPS, but requested an insecure element 'http://solevisible.com/images/bg_effect_up.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains;