www.nctcog.org Open in urlscan Pro
45.60.13.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nctcog.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ3d3cubmN0Y29nLm9yZyUyRmdldG1lZGlhJTJGNGZhMjIwOT...
Effective URL:
https://www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/SurveyMonkey_515401486-5.pdf
Submission: On April 24 via manual (April 24th 2024, 3:01:53 pm UTC) from IN — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 45.60.13.170, located in United States and belongs to INCAPSULA, US. The main domain is www.nctcog.org.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 27th 2024. Valid for: a month.

This is the only time www.nctcog.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.7.103.64 52.7.103.64	14618 (AMAZON-AES) (AMAZON-AES)
2	45.60.13.170 45.60.13.170	19551 (INCAPSULA) (INCAPSULA)
2	1

1 52.7.103.64 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-103-64.compute-1.amazonaws.com

nctcog.lt.acemlna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.60.13.170 (United States)

ASN19551 (INCAPSULA, US)

www.nctcog.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	nctcog.org www.nctcog.org	32 KB
1	acemlna.com 1 redirects nctcog.lt.acemlna.com	293 B
2	2

	Domain	Requested by
2	www.nctcog.org
1	nctcog.lt.acemlna.com	1 redirects
2	2

This site contains no links.

Subject Issuer	Validity	Valid
*.nctcog.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2024-05-08`	a month	crt.sh

This page contains 1 frames:

Primary Page: https://www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/SurveyMonkey_515401486-5.pdf
Frame ID: 6F4F24383909105E309AFB5FCD518D3A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://nctcog.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ3d3cubmN0Y29nLm9yZyUyRmdldG... HTTP 302
https://www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/SurveyMonkey_515401486-5.pdf Page URL

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

32 kB
Transfer

32 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nctcog.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ3d3cubmN0Y29nLm9yZyUyRmdldG1lZGlhJTJGNGZhMjIwOTgtMWM1YS00N2ZiLTlhY2ItYTlkM2E2ZTU3NjdjJTJGU3VydmV5TW9ua2V5XzUxNTQwMTQ4Ni01LnBkZg==&sig=BW5z4ywytre5pcRT58GXQXYCpB4qn3jeaJhcdbJxsDoa&iat=1713967317&a=%7C%7C1000167758%7C%7C&account=nctcog.activehosted.com&email=8aHM8fslLohDiGiWnBxMCuzkFn3Br9eI%2F3PRBenPpmQO4fSfoEwbRqw1IA%3D%3D%3AWjHFGamH38798Kce5Dy0i5j3U5VjKr3w&s=acd5d9c8f8560084a5728db338ab43b4&i=3542A3677A61A50864 HTTP 302
https://www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/SurveyMonkey_515401486-5.pdf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request SurveyMonkey_515401486-5.pdf Show response www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/ Redirect Chain https://nctcog.lt.acemlna.com/Prod/link-tracker?redirectUrl=aHR0cHMlM0ElMkYlMkZ3d3cubmN0Y29nLm9yZyUyRmdldG1lZGlhJTJGNGZhMjIwOTgtMWM1YS00N2ZiLTlhY2ItYTlkM2E2ZTU3NjdjJTJGU3VydmV5TW9ua2V5XzUxNTQwMTQ4N... https://www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/SurveyMonkey_515401486-5.pdf	345 B 0	741ms 587ms	Document application/pdf	45.60.13.170 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/SurveyMonkey_515401486-5.pdf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.13.170 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `47f44ea26b1baaef63f58a74e56f952f19acb436a972c02e31c8b6029cd9e6bf` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes cache-control public, must-revalidate content-disposition inline; filename=SurveyMonkey_515401486-5.pdf content-length 72175 content-type application/pdf date Wed, 24 Apr 2024 15:01:48 GMT etag "638487809643595898" expires Wed, 24 Apr 2024 15:01:49 GMT last-modified Mon, 15 Apr 2024 17:29:24 GMT request-context appId=cid-v1:6a040403-9263-4841-9de4-11279e6271e0 server Microsoft-IIS/10.0 x-cdn Imperva x-iinfo 13-143348917-143015218 pNNy RT(1713970908246 456) q(0 0 0 26) r(1 1) U24 x-powered-by ASP.NET Redirect headers content-length 0 content-type application/json date Wed, 24 Apr 2024 15:01:48 GMT location https://www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/SurveyMonkey_515401486-5.pdf x-amz-apigw-id WvHCeGaCIAMEckA= x-amzn-requestid 8df4e75c-05b0-4e54-bcc8-f4dda82c675a x-amzn-trace-id Root=1-66291edc-4a3b8e6a764572bd7956da6b;Parent=0ee85689305a218b;Sampled=0;lineage=12ce62b2:0 x-robots-tag noindex
GET H2	200	favicon.ico www.nctcog.org/	31 KB 32 KB	180ms 180ms	Other image/x-icon	45.60.13.170 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.nctcog.org/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.13.170 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.nctcog.org/getmedia/4fa22098-1c5a-47fb-9acb-a9d3a6e5767c/SurveyMonkey_515401486-5.pdf Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 24 Apr 2024 15:01:48 GMT last-modified Wed, 02 Nov 2022 17:32:08 GMT server Microsoft-IIS/10.0 x-cdn Imperva etag "1d8eee108322126" x-powered-by ASP.NET content-type image/x-icon x-iinfo 13-143348917-143348951 nNNY RT(1713970908246 683) q(0 0 0 -1) r(0 1) U24 accept-ranges bytes content-length 32038 request-context appId=cid-v1:6a040403-9263-4841-9de4-11279e6271e0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.nctcog.org/	1969-12-31 23:59:59	Name: ARRAffinity Value: b13bb339e1ac28f5b31d8289818f929ee76838eb63e5c727c2b61a385a402597
.www.nctcog.org/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: b13bb339e1ac28f5b31d8289818f929ee76838eb63e5c727c2b61a385a402597
.nctcog.org/	1969-12-31 23:59:59	Name: nlbi_1242627 Value: PnEXXVrVk2Y27ZuTPRUrwAAAAAD+Tct2yoE4lJ3pfNiEfh5V
.nctcog.org/	1970-01-21 04:50:47	Name: visid_incap_1242627 Value: Dywx+XRZRYSGAgYAcyfc4dweKWYAAAAAQUIPAAAAAACNj58GOR3nQPGIw+nOkOtG
.nctcog.org/	1969-12-31 23:59:59	Name: incap_ses_8077_1242627 Value: 6hj0Ng/tpQ4q1Z2RuUQXcNweKWYAAAAA6El4TERGffNetTkzk0fQAw==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nctcog.lt.acemlna.com
www.nctcog.org
45.60.13.170
52.7.103.64
47f44ea26b1baaef63f58a74e56f952f19acb436a972c02e31c8b6029cd9e6bf
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

www.nctcog.org Open in urlscan Pro 45.60.13.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

32 kBTransfer

32 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

Indicators

www.nctcog.org Open in urlscan Pro
45.60.13.170 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

32 kB
Transfer

32 kB
Size

5
Cookies

2 HTTP transactions
0 data transactions