wmsctk.citikold.net Open in urlscan Pro
35.160.209.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://wmsctk.citikold.net/
Effective URL:
https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
Submission: On August 07 via automatic, source certstream-suspicious (August 7th 2024, 11:46:08 am UTC) — Scanned from US

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 35.160.209.112, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is wmsctk.citikold.net.
TLS certificate: Issued by R11 on July 29th 2024. Valid for: 3 months.

This is the only time wmsctk.citikold.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	35.160.209.112 35.160.209.112	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
9	2

9 35.160.209.112 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-209-112.us-west-2.compute.amazonaws.com

wmsctk.citikold.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	citikold.net 1 redirects wmsctk.citikold.net	3 MB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	4 KB
9	2

	Domain	Requested by
9	wmsctk.citikold.net	1 redirects wmsctk.citikold.net
1	cdn.jsdelivr.net	wmsctk.citikold.net
9	2

This site contains no links.

Subject Issuer	Validity	Valid
wmsctk.citikold.net R11	`2024-07-29` - `2024-10-27`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
Frame ID: 58F81BB22B495D2A43C5A1846AAB4174
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Iniciar Sesión en WMS | WMS

Page URL History Show full URLs

https://wmsctk.citikold.net/ HTTP 302
https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3508 kB
Transfer

3518 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://wmsctk.citikold.net/ HTTP 302
https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request IniciarSesion Show response
wmsctk.citikold.net/Seguridad/Cuenta/
Redirect Chain

https://wmsctk.citikold.net/
https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F

4 KB
4 KB

114ms
114ms

Document
text/html

35.160.209.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.160.209.112 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-160-209-112.us-west-2.compute.amazonaws.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

48093abc90ea2a30e3b462a388db130bd3f0435bbe6f68b2959cf893f314cf80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: private
content-length: 3975
content-type: text/html; charset=utf-8
date: Wed, 07 Aug 2024 11:46:01 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN
x-powered-by: ASP.NET

Redirect headers

cache-control: private
content-length: 0
date: Wed, 07 Aug 2024 11:46:01 GMT
location: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
server: Microsoft-IIS/10.0
www-authenticate: Bearer
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 flatpickr.min.css
cdn.jsdelivr.net/npm/flatpickr/dist/ 16 KB
4 KB 99ms
31ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flatpickr/dist/flatpickr.min.css

Requested by

Host: wmsctk.citikold.net
URL: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wmsctk.citikold.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 07 Aug 2024 11:46:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3849
x-jsd-version: 4.6.13
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3308
x-served-by: cache-fra-etou8220051-FRA, cache-mia-kmia1760090-MIA
x-jsd-version-type: version
etag: W/"3f26-J8BN8VjBcy9mnostEH/TFP6t00A"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 modernizr Show response
wmsctk.citikold.net/bundles/ 11 KB
11 KB 119ms
117ms Script
text/javascript 35.160.209.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wmsctk.citikold.net/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by: Host: wmsctk.citikold.net
URL: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.160.209.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-209-112.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Request headers

Referer: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 11:46:01 GMT
last-modified: Wed, 07 Aug 2024 11:46:02 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 11095
expires: Thu, 07 Aug 2025 11:46:02 GMT

GET
H2 200 Semantic
wmsctk.citikold.net/bundles/ 690 KB
690 KB 228ms
226ms Stylesheet
text/css 35.160.209.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wmsctk.citikold.net/bundles/Semantic?v=kGQb5TxCEWuntpP_vvMysRX2CQPH2X2NdOs7DcnGX0Y1
Requested by: Host: wmsctk.citikold.net
URL: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.160.209.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-209-112.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 49dac6f27fbe88e1a0254b331b9ab20b45d22f21f7d86442ba21d20cf1eaa81c

Request headers

Referer: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 11:46:01 GMT
last-modified: Wed, 07 Aug 2024 11:46:02 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-length: 706102
expires: Thu, 07 Aug 2025 11:46:02 GMT

GET
H2 200 css
wmsctk.citikold.net/Content/ 4 KB
4 KB 118ms
116ms Stylesheet
text/css 35.160.209.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wmsctk.citikold.net/Content/css?v=dm2-wFQeAVrpGg5y0fVHbeR-ygInHzEe957AFkallr81
Requested by: Host: wmsctk.citikold.net
URL: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.160.209.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-209-112.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f36d2ad9d29ef64551771d03f6caaeebb8792b9b224eeab2dbb8056632fef3cf

Request headers

Referer: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 11:46:01 GMT
last-modified: Wed, 07 Aug 2024 11:46:02 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-length: 4123
expires: Thu, 07 Aug 2025 11:46:02 GMT

GET
H2 200 jquery Show response
wmsctk.citikold.net/bundles/ 334 KB
334 KB 559ms
558ms Script
text/javascript 35.160.209.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wmsctk.citikold.net/bundles/jquery?v=lfxkkjiMygua4eXqr5q6nFLBKA3OgSZrhYRB-cgvYWM1
Requested by: Host: wmsctk.citikold.net
URL: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.160.209.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-209-112.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 163ae435c38a6e5032d9ba407e2d0523f8b98ea35a297985bb1e1e159c4b54da

Request headers

Referer: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 11:46:01 GMT
last-modified: Wed, 07 Aug 2024 11:46:02 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 342054
expires: Thu, 07 Aug 2025 11:46:02 GMT

GET
H2 200 SemanticJs Show response
wmsctk.citikold.net/bundles/ 2 MB
2 MB 562ms
561ms Script
text/javascript 35.160.209.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wmsctk.citikold.net/bundles/SemanticJs?v=Idedj9XgKtKxK-HMKuq9YydToLqI5hqz4jXUzTpBUl41
Requested by: Host: wmsctk.citikold.net
URL: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.160.209.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-209-112.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7ec187ca837fb9961fb5ba806810d5cc2e3361510964c4d53f8e19b27e3c3214

Request headers

Referer: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 11:46:01 GMT
last-modified: Wed, 07 Aug 2024 11:46:02 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 2452473
expires: Thu, 07 Aug 2025 11:46:02 GMT

GET
H2 200 icons.woff2
wmsctk.citikold.net/Content/Fonts/ 39 KB
39 KB 188ms
188ms Font
application/font-woff2 35.160.209.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wmsctk.citikold.net/Content/Fonts/icons.woff2
Requested by: Host: wmsctk.citikold.net
URL: https://wmsctk.citikold.net/bundles/Semantic?v=kGQb5TxCEWuntpP_vvMysRX2CQPH2X2NdOs7DcnGX0Y1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.160.209.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-209-112.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

Referer: https://wmsctk.citikold.net/bundles/Semantic?v=kGQb5TxCEWuntpP_vvMysRX2CQPH2X2NdOs7DcnGX0Y1
Origin: https://wmsctk.citikold.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 11:46:02 GMT
last-modified: Wed, 22 Jun 2022 16:28:24 GMT
server: Microsoft-IIS/10.0
etag: "084f9175586d81:0"
x-powered-by: ASP.NET
content-type: application/font-woff2
accept-ranges: bytes
content-length: 40148

GET
H2 200 favicon.ico
wmsctk.citikold.net/Content/Images/ 25 KB
25 KB 115ms
114ms Other
image/x-icon 35.160.209.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wmsctk.citikold.net/Content/Images/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.160.209.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-209-112.us-west-2.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0f6e705518783d04c17da2d7e01b7629247390425aa1eb965611ea95af51b877

Request headers

Referer: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 11:46:02 GMT
last-modified: Tue, 30 Jul 2024 15:16:46 GMT
server: Microsoft-IIS/10.0
etag: "083d47d93e2da1:0"
x-powered-by: ASP.NET
content-type: image/x-icon
accept-ranges: bytes
content-length: 25927

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			wmsctk.citikold.net/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: fc9_PjsUK1O6td__i3qtY0UlvyUNwTVdG1bjZNFCyIAod_6xkYkR_qjf8gnPYL5hRT_b1MZg5UYjUXS9lyId3Rw2yi-66-hQutKymsE0zEY1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://wmsctk.citikold.net/Seguridad/Cuenta/IniciarSesion?ReturnUrl=%2F Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
wmsctk.citikold.net
2a04:4e42::485
35.160.209.112
0f6e705518783d04c17da2d7e01b7629247390425aa1eb965611ea95af51b877
163ae435c38a6e5032d9ba407e2d0523f8b98ea35a297985bb1e1e159c4b54da
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
48093abc90ea2a30e3b462a388db130bd3f0435bbe6f68b2959cf893f314cf80
49dac6f27fbe88e1a0254b331b9ab20b45d22f21f7d86442ba21d20cf1eaa81c
7ec187ca837fb9961fb5ba806810d5cc2e3361510964c4d53f8e19b27e3c3214
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
f36d2ad9d29ef64551771d03f6caaeebb8792b9b224eeab2dbb8056632fef3cf

wmsctk.citikold.net Open in urlscan Pro 35.160.209.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

3508 kBTransfer

3518 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

wmsctk.citikold.net Open in urlscan Pro
35.160.209.112 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

3508 kB
Transfer

3518 kB
Size

1
Cookies

9 HTTP transactions
0 data transactions