urlscan.io logo urlscan.io
SecurityTrails logo

qa.gsa-middleware.citikold.com Open in urlscan Pro
20.109.84.220  Public Scan

Go To Rescan Add Verdict Report
URL: https://qa.gsa-middleware.citikold.com/
Submission: On January 19 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 20.109.84.220, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is qa.gsa-middleware.citikold.com.
TLS certificate: Issued by R3 on January 19th 2024. Valid for: 3 months.
This is the only time qa.gsa-middleware.citikold.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 20.109.84.220 8075 (MICROSOFT...)
11 1
Apex Domain
Subdomains		 Transfer
11 citikold.com
qa.gsa-middleware.citikold.com
375 KB
11 1
Domain Requested by
11 qa.gsa-middleware.citikold.com qa.gsa-middleware.citikold.com
11 1

This site contains links to these domains. Also see Links.

Domain
asp.net
go.microsoft.com
Subject Issuer Validity Valid
qa.gsa-middleware.citikold.com
R3		 2024-01-19 -
2024-04-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://qa.gsa-middleware.citikold.com/
Frame ID: 9A492B1CEA208DCDC21E44A823374F9C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

375 kB
Transfer

578 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
qa.gsa-middleware.citikold.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
804796991cdf6179ab034fea2933f452cc3db0b74ebbb6910ccf3dfca8d38e37

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-length
3729
content-type
text/html; charset=utf-8
date
Fri, 19 Jan 2024 22:01:20 GMT
server
Microsoft-IIS/10.0
server-timing
dtSInfo;desc="0", dtRpid;desc="1655359890"
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-oneagent-js-injection
true
x-powered-by
ASP.NET
x-ruxit-js-agent
true
ruxitagentjs_ICA2NQVfqru_10281231207105659.js
qa.gsa-middleware.citikold.com/ 		283 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/ruxitagentjs_ICA2NQVfqru_10281231207105659.js
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
80bf0b9987562ec444ec812fb29f45d5cfc32c2ba7f9de6a9190836582d225b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.gsa-middleware.citikold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 22:01:20 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
content-length
107429
expires
Sat, 18 Jan 2025 22:01:20 GMT
css
qa.gsa-middleware.citikold.com/Content/ 		118 KB
118 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/Content/css?v=wsY4eiW9QSpK69Gagy2TurKDaD2CKhsHpIFio-6wrMo1
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d5f4a85e1c7dd0acbd2593631c5e8e1bcc9454ed9a0ff7a6ff68d6adc5e97c13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.gsa-middleware.citikold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 22:01:20 GMT
last-modified
Fri, 19 Jan 2024 22:01:19 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
"1705701680:dtagent10281231207105659xRwY"
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/css; charset=utf-8
cache-control
public
server-timing
dtSInfo;desc="0", dtRpid;desc="-798101317"
content-length
120346
expires
Sat, 18 Jan 2025 22:01:20 GMT
modernizr
qa.gsa-middleware.citikold.com/bundles/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.gsa-middleware.citikold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 22:01:20 GMT
last-modified
Fri, 19 Jan 2024 22:01:19 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
"1705701680:dtagent10281231207105659xRwY"
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
server-timing
dtSInfo;desc="0", dtRpid;desc="-1009399345"
content-length
11095
expires
Sat, 18 Jan 2025 22:01:20 GMT
jquery
qa.gsa-middleware.citikold.com/bundles/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/bundles/jquery?v=2u0aRenDpYxArEyILB59ETSCA2cfQkSMlxb6jbMBqf81
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
16f78d5ed1dab9917629766d9b0376c849bc8efae63767ea2ed054f83368252b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.gsa-middleware.citikold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 22:01:20 GMT
last-modified
Fri, 19 Jan 2024 22:01:19 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
"1705701680:dtagent10281231207105659xRwY"
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
server-timing
dtSInfo;desc="0", dtRpid;desc="574088629"
content-length
86924
expires
Sat, 18 Jan 2025 22:01:20 GMT
bootstrap
qa.gsa-middleware.citikold.com/bundles/ 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/bundles/bootstrap?v=lescQEuG5u4jd-GcVDBcbpUOSyTDIg0Kk9zHDX55GCw1
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
72c93f899b0c28052a481f2e4177bfc6d400c3a10f51585cfbf079e9706aa003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.gsa-middleware.citikold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 22:01:20 GMT
last-modified
Fri, 19 Jan 2024 22:01:19 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
etag
"1705701680:dtagent10281231207105659xRwY"
x-powered-by
ASP.NET
vary
User-Agent
content-type
text/javascript; charset=utf-8
cache-control
public
server-timing
dtSInfo;desc="0", dtRpid;desc="261173419"
content-length
36801
expires
Sat, 18 Jan 2025 22:01:20 GMT
ruxitagentjs_D_10281231207105659.js
qa.gsa-middleware.citikold.com/ 		42 KB
16 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/ruxitagentjs_D_10281231207105659.js
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
757897be220168d6e40c6f5663c3f9fa4a57bb9f79c843a731789b3606b7a8a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.gsa-middleware.citikold.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 22:01:20 GMT
content-encoding
gzip
last-modified
Wed, 03 Mar 2010 07:01:40 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
content-length
15951
expires
Sat, 18 Jan 2025 22:01:20 GMT
rb_bf51893hva
qa.gsa-middleware.citikold.com/ 		118 B
196 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/rb_bf51893hva?type=js3&sn=v_4_srv_2_sn_606E753027E9CB11A13FD527097D02AF_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0&svrid=2&flavor=post&vi=LWUBHMMPKKIVTRVPRFMJOQPCCMBTCJLA-0&modifiedSince=1705458796877&rf=https%3A%2F%2Fqa.gsa-middleware.citikold.com%2F&bp=3&app=ea7c4b59f27d43eb&crc=3627329324&en=jsmf47ln&end=1
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/ruxitagentjs_ICA2NQVfqru_10281231207105659.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
274ca9745e977831f7e61b697fbf42eeee87eb46b22336277bacc12a2152019d

Request headers

Referer
https://qa.gsa-middleware.citikold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 22:01:22 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
118
content-type
text/plain; charset=utf-8
rb_bf51893hva
qa.gsa-middleware.citikold.com/ 		118 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/rb_bf51893hva?type=js3&sn=v_4_srv_2_sn_606E753027E9CB11A13FD527097D02AF_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0&svrid=2&flavor=post&vi=LWUBHMMPKKIVTRVPRFMJOQPCCMBTCJLA-0&contentType=srBm&modifiedSince=1705458796877&rf=https%3A%2F%2Fqa.gsa-middleware.citikold.com%2F&bp=3&app=ea7c4b59f27d43eb&v=10281231207105660&crc=3219996993&en=jsmf47ln&end=1
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/ruxitagentjs_ICA2NQVfqru_10281231207105659.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
274ca9745e977831f7e61b697fbf42eeee87eb46b22336277bacc12a2152019d

Request headers

Referer
https://qa.gsa-middleware.citikold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/octet-stream

Response headers

date
Fri, 19 Jan 2024 22:01:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
118
content-type
text/plain; charset=utf-8
rb_bf51893hva
qa.gsa-middleware.citikold.com/ 		118 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/rb_bf51893hva?type=js3&sn=v_4_srv_2_sn_606E753027E9CB11A13FD527097D02AF_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0&svrid=2&flavor=post&vi=LWUBHMMPKKIVTRVPRFMJOQPCCMBTCJLA-0&contentType=srTe&modifiedSince=1705458796877&rf=https%3A%2F%2Fqa.gsa-middleware.citikold.com%2F&bp=3&app=ea7c4b59f27d43eb&v=10281231207105660&crc=703836091&en=jsmf47ln&end=1
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/ruxitagentjs_ICA2NQVfqru_10281231207105659.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
274ca9745e977831f7e61b697fbf42eeee87eb46b22336277bacc12a2152019d

Request headers

Referer
https://qa.gsa-middleware.citikold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 22:01:23 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
118
content-type
text/plain; charset=utf-8
rb_bf51893hva
qa.gsa-middleware.citikold.com/ 		118 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qa.gsa-middleware.citikold.com/rb_bf51893hva?type=js3&sn=v_4_srv_2_sn_606E753027E9CB11A13FD527097D02AF_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0&svrid=2&flavor=post&vi=LWUBHMMPKKIVTRVPRFMJOQPCCMBTCJLA-0&modifiedSince=1705458796877&rf=https%3A%2F%2Fqa.gsa-middleware.citikold.com%2F&bp=3&app=ea7c4b59f27d43eb&crc=146358883&en=jsmf47ln&end=1
Requested by
Host: qa.gsa-middleware.citikold.com
URL: https://qa.gsa-middleware.citikold.com/ruxitagentjs_ICA2NQVfqru_10281231207105659.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.109.84.220 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
274ca9745e977831f7e61b697fbf42eeee87eb46b22336277bacc12a2152019d

Request headers

Referer
https://qa.gsa-middleware.citikold.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 19 Jan 2024 22:01:24 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
118
content-type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dT_ object| dtrum object| dynatrace object| html5 object| Modernizr function| $ function| jQuery

5 Cookies

Domain/Path Name / Value
.citikold.com/ Name: dtCookie
Value: v_4_srv_2_sn_606E753027E9CB11A13FD527097D02AF_perc_100000_ol_0_mul_1_app-3Aea7c4b59f27d43eb_1_rcs-3Acss_0
.citikold.com/ Name: rxVisitor
Value: 1705701680741KLFNBORM9484RRB2PBN6KOVAU6AT5KH3
.citikold.com/ Name: dtSa
Value: -
.citikold.com/ Name: dtPC
Value: 2$501680740_823h-vLWUBHMMPKKIVTRVPRFMJOQPCCMBTCJLA-0e0
.citikold.com/ Name: rxvt
Value: 1705703483203|1705701680742