gate.customintercept.com Open in urlscan Pro
138.197.69.238 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l.paciolanmail.com/rts/go2.aspx?h=51084&tp=i-1NGB-Eo-1nT-1K5Sx-24-3Vc9-1c-1JxoC-l6kLveWADR-Gbuyw
Effective URL:
https://gate.customintercept.com/Northwestern_RyanField
Submission: On November 07 via manual (November 7th 2021, 7:16:01 am UTC) from IN — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 138.197.69.238, located in Clifton, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is gate.customintercept.com.
TLS certificate: Issued by R3 on October 27th 2021. Valid for: 3 months.

This is the only time gate.customintercept.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	63.148.46.72 63.148.46.72	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
9	138.197.69.238 138.197.69.238	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
9	1

1 63.148.46.72 (United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: rts.eccmp.com

l.paciolanmail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 138.197.69.238 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: gate.customintercept.com

gate.customintercept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	customintercept.com gate.customintercept.com	66 KB
1	paciolanmail.com 1 redirects l.paciolanmail.com	415 B
9	2

	Domain	Requested by
9	gate.customintercept.com	gate.customintercept.com
1	l.paciolanmail.com	1 redirects
9	2

This site contains no links.

Subject Issuer	Validity	Valid
gate.customintercept.com R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://gate.customintercept.com/Northwestern_RyanField
Frame ID: B77B92AB0E052A88AEA1A3A58377B15F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

New Ryan Field Study

Page URL History Show full URLs

http://l.paciolanmail.com/rts/go2.aspx?h=51084&tp=i-1NGB-Eo-1nT-1K5Sx-24-3Vc9-1c-1JxoC-l6kLveWADR-Gbuyw HTTP 302
https://gate.customintercept.com/Northwestern_RyanField Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

66 kB
Transfer

182 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.paciolanmail.com/rts/go2.aspx?h=51084&tp=i-1NGB-Eo-1nT-1K5Sx-24-3Vc9-1c-1JxoC-l6kLveWADR-Gbuyw HTTP 302
https://gate.customintercept.com/Northwestern_RyanField Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Northwestern_RyanField Show response gate.customintercept.com/ Redirect Chain http://l.paciolanmail.com/rts/go2.aspx?h=51084&tp=i-1NGB-Eo-1nT-1K5Sx-24-3Vc9-1c-1JxoC-l6kLveWADR-Gbuyw https://gate.customintercept.com/Northwestern_RyanField	3 KB 2 KB	331ms 110ms	Document text/html	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `743f10487e12333ec2ae70d0ec0ddc4a3da581b5b592e190359c8c31e86b4688` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Sun, 07 Nov 2021 07:15:57 GMT Server Apache/2.4.18 (Ubuntu) Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 1160 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Cache-Control private Content-Type text/html; charset=utf-8 Location https://gate.customintercept.com/Northwestern_RyanField Server Microsoft-IIS/8.0 X-Powered-By ASP.NET Date Sun, 07 Nov 2021 07:15:56 GMT Connection close Vary Accept-Encoding Content-Encoding gzip Content-Length 528
GET H/1.1	200 OK	cssReset.css gate.customintercept.com/css/	582 B 698 B	98ms 98ms	Stylesheet text/css	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://gate.customintercept.com/css/cssReset.css Requested by Host: gate.customintercept.com URL: https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `246fa364a8c1e933cc3b5d29f82bdf4466d158e9763e41ac64722a6f7a0be3d6` Request headers Accept-Language de-DE,de;q=0.9 Referer https://gate.customintercept.com/Northwestern_RyanField User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 07:15:57 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 20:39:02 GMT Server Apache/2.4.18 (Ubuntu) ETag "246-546dd1b43501c-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 363
GET H/1.1	200 OK	loginStyle.css gate.customintercept.com/css/	1 KB 829 B	198ms 97ms	Stylesheet text/css	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://gate.customintercept.com/css/loginStyle.css Requested by Host: gate.customintercept.com URL: https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `2db9bf7d437bb8761cb435030db6612e8e0919022940091508042eac76eb2769` Request headers Accept-Language de-DE,de;q=0.9 Referer https://gate.customintercept.com/Northwestern_RyanField User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 07:15:57 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 20:39:02 GMT Server Apache/2.4.18 (Ubuntu) ETag "58f-546dd1b4071bc-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 494
GET H/1.1	200 OK	jquery.fancybox-1.3.4.css gate.customintercept.com/thirdParty/fancybox/	9 KB 2 KB	292ms 98ms	Stylesheet text/css	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://gate.customintercept.com/thirdParty/fancybox/jquery.fancybox-1.3.4.css Requested by Host: gate.customintercept.com URL: https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `9739afa0c06938f51fc08ee0df97f53937142077f315a2bd169c1bc348f0a753` Request headers Accept-Language de-DE,de;q=0.9 Referer https://gate.customintercept.com/Northwestern_RyanField User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 07:15:57 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 20:39:52 GMT Server Apache/2.4.18 (Ubuntu) ETag "2325-546dd1e38169f-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1880
GET H/1.1	200 OK	jquery-1.8.0.min.js Show response gate.customintercept.com/thirdParty/	90 KB 33 KB	297ms 102ms	Script application/javascript	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://gate.customintercept.com/thirdParty/jquery-1.8.0.min.js Requested by Host: gate.customintercept.com URL: https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31` Request headers Accept-Language de-DE,de;q=0.9 Referer https://gate.customintercept.com/Northwestern_RyanField User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 07:15:57 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 20:39:49 GMT Server Apache/2.4.18 (Ubuntu) ETag "1698b-546dd1e0e08fd-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 33064
GET H/1.1	200 OK	jquery.form.js Show response gate.customintercept.com/thirdParty/	41 KB 12 KB	293ms 99ms	Script application/javascript	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://gate.customintercept.com/thirdParty/jquery.form.js Requested by Host: gate.customintercept.com URL: https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `3551e685fe26a448a8a98f57f617241ea2e5c7f42bd786bfda4f454f6d0a6d3b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://gate.customintercept.com/Northwestern_RyanField User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 07:15:57 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 20:39:49 GMT Server Apache/2.4.18 (Ubuntu) ETag "a3b3-546dd1e09b39d-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 11814
GET H/1.1	200 OK	jquery.fancybox-1.3.4.js Show response gate.customintercept.com/thirdParty/fancybox/	29 KB 8 KB	295ms 101ms	Script application/javascript	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://gate.customintercept.com/thirdParty/fancybox/jquery.fancybox-1.3.4.js Requested by Host: gate.customintercept.com URL: https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281` Request headers Accept-Language de-DE,de;q=0.9 Referer https://gate.customintercept.com/Northwestern_RyanField User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 07:15:57 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 20:39:52 GMT Server Apache/2.4.18 (Ubuntu) ETag "72d6-546dd1e3df29f-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 7525
GET H/1.1	200 OK	scripts.js Show response gate.customintercept.com/js/	1 KB 944 B	293ms 98ms	Script application/javascript	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://gate.customintercept.com/js/scripts.js Requested by Host: gate.customintercept.com URL: https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `e4586c1d82d445654ae6f3451e088262521b45ec7e3ace1478f511246e970071` Request headers Accept-Language de-DE,de;q=0.9 Referer https://gate.customintercept.com/Northwestern_RyanField User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Sun, 07 Nov 2021 07:15:57 GMT Content-Encoding gzip Last-Modified Tue, 24 Jan 2017 20:39:06 GMT Server Apache/2.4.18 (Ubuntu) ETag "548-546dd1b785a3f-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 594
GET H/1.1	200 OK	nw_logo.png gate.customintercept.com/Northwestern_RyanField/unprotected/	7 KB 7 KB	108ms 108ms	Image image/png	138.197.69.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://gate.customintercept.com/Northwestern_RyanField/unprotected/nw_logo.png Requested by Host: gate.customintercept.com URL: https://gate.customintercept.com/Northwestern_RyanField Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 138.197.69.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS gate.customintercept.com Software Apache/2.4.18 (Ubuntu) / Resource Hash `ffebbd841c0351063655d49e0f1e71a80df730f0fa9fd1131cc893d628647296` Request headers Accept-Language de-DE,de;q=0.9 Referer https://gate.customintercept.com/Northwestern_RyanField User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Pragma no-cache Date Sun, 07 Nov 2021 07:15:57 GMT Server Apache/2.4.18 (Ubuntu) Content-Type image/png Cache-Control no-store, no-cache, must-revalidate Connection close Content-Length 7336 Expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			l.paciolanmail.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: narnwdbtnvbgbapq25jytgqc
			gate.customintercept.com/	1969-12-31 23:59:59	Name: GateKeeper3 Value: lu6nee5g50pmfgpfhpl8bkgh70

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gate.customintercept.com
l.paciolanmail.com
138.197.69.238
63.148.46.72
246fa364a8c1e933cc3b5d29f82bdf4466d158e9763e41ac64722a6f7a0be3d6
2db9bf7d437bb8761cb435030db6612e8e0919022940091508042eac76eb2769
3551e685fe26a448a8a98f57f617241ea2e5c7f42bd786bfda4f454f6d0a6d3b
550da296bfff54193e141d0934e2dcb71a210b975c547eb56bdd96f3adab2281
743f10487e12333ec2ae70d0ec0ddc4a3da581b5b592e190359c8c31e86b4688
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
9739afa0c06938f51fc08ee0df97f53937142077f315a2bd169c1bc348f0a753
e4586c1d82d445654ae6f3451e088262521b45ec7e3ace1478f511246e970071
ffebbd841c0351063655d49e0f1e71a80df730f0fa9fd1131cc893d628647296

gate.customintercept.com Open in urlscan Pro 138.197.69.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

66 kBTransfer

182 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

2 Cookies

Indicators

gate.customintercept.com Open in urlscan Pro
138.197.69.238 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

66 kB
Transfer

182 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions