ks.itic.occinc.com Open in urlscan Pro
12.31.197.100 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us-west-2.protection.sophos.com/?d=occinc.com&u=aHR0cDovL2tzLml0aWMub2NjaW5jLmNvbS9pTWVudS9rcw==&i=NWFmYWViM2I5ZGI3ZmMxMzRjYmRhO...
Effective URL:
https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
Submission: On February 15 via manual (February 15th 2023, 8:27:18 pm UTC) — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 12.31.197.100, located in Enid, United States and belongs to ATT-INTERNET4, US. The main domain is ks.itic.occinc.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 11th 2022. Valid for: a year.

This is the only time ks.itic.occinc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.224.189.108 13.224.189.108	16509 (AMAZON-02) (AMAZON-02)
2 15	12.31.197.100 12.31.197.100	7018 (ATT-INTER...) (ATT-INTERNET4)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
15	2

1 13.224.189.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-108.fra2.r.cloudfront.net

us-west-2.protection.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 12.31.197.100 (Enid, United States) 2 redirects

ASN7018 (ATT-INTERNET4, US)
PTR: smtp1.ks.occinc.com

ks.itic.occinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	occinc.com 2 redirects ks.itic.occinc.com	301 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 41	20 KB
1	sophos.com 1 redirects us-west-2.protection.sophos.com — Cisco Umbrella Rank: 112807	396 B
15	3

	Domain	Requested by
15	ks.itic.occinc.com	2 redirects ks.itic.occinc.com
2	www.google-analytics.com	ks.itic.occinc.com www.google-analytics.com
1	us-west-2.protection.sophos.com	1 redirects
15	3

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
occinc.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-11` - `2023-08-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
Frame ID: E1FFB3F63EFD12E376540EE76CCDEE61
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ITIC

Page URL History Show full URLs

https://us-west-2.protection.sophos.com/?d=occinc.com&u=aHR0cDovL2tzLml0aWMub2NjaW5jLmNvbS9pTWVudS9rcw==&i=NWFmYWViM... HTTP 302
http://ks.itic.occinc.com/iMenu/ks HTTP 301
http://ks.itic.occinc.com/iMenu/ks/ Page URL
https://ks.itic.occinc.com/kslogin/servlet/Login?db=ks HTTP 302
https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

15
Requests

93 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

320 kB
Transfer

430 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/Kansas811

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us-west-2.protection.sophos.com/?d=occinc.com&u=aHR0cDovL2tzLml0aWMub2NjaW5jLmNvbS9pTWVudS9rcw==&i=NWFmYWViM2I5ZGI3ZmMxMzRjYmRhOThh&t=cW5vM0pWRU1KZHVoRitsdnYyVmdiVmxxZC83dGk5NG5VVGU4eWpvbHNUVT0=&h=00b4a1c4479049c1a16babc06b986906&s=AVNPUEhUT0NFTkNSWVBUSVayOHlsR4GYf_iL2gbmiXIPw-J0IWte16_fp51AOMV9ow HTTP 302
http://ks.itic.occinc.com/iMenu/ks HTTP 301
http://ks.itic.occinc.com/iMenu/ks/ Page URL
https://ks.itic.occinc.com/kslogin/servlet/Login?db=ks HTTP 302
https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://us-west-2.protection.sophos.com/?d=occinc.com&u=aHR0cDovL2tzLml0aWMub2NjaW5jLmNvbS9pTWVudS9rcw==&i=NWFmYWViM2I5ZGI3ZmMxMzRjYmRhOThh&t=cW5vM0pWRU1KZHVoRitsdnYyVmdiVmxxZC83dGk5NG5VVGU4eWpvbHNUVT0=&h=00b4a1c4479049c1a16babc06b986906&s=AVNPUEhUT0NFTkNSWVBUSVayOHlsR4GYf_iL2gbmiXIPw-J0IWte16_fp51AOMV9ow HTTP 302
http://ks.itic.occinc.com/iMenu/ks HTTP 301
http://ks.itic.occinc.com/iMenu/ks/

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
ks.itic.occinc.com/iMenu/ks/
Redirect Chain

https://us-west-2.protection.sophos.com/?d=occinc.com&u=aHR0cDovL2tzLml0aWMub2NjaW5jLmNvbS9pTWVudS9rcw==&i=NWFmYWViM2I5ZGI3ZmMxMzRjYmRhOThh&t=cW5vM0pWRU1KZHVoRitsdnYyVmdiVmxxZC83dGk5NG5VVGU4eWpvbHN...
http://ks.itic.occinc.com/iMenu/ks
http://ks.itic.occinc.com/iMenu/ks/

265 B
543 B

137ms
137ms

Document
text/html

12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: http://ks.itic.occinc.com/iMenu/ks/
Protocol: HTTP/1.1
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 89dd2d949bbfa716dc2be95e51ec68793a1510b864f1bf91dc46d8f778aef8cc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 207
Content-Type: text/html
Date: Wed, 15 Feb 2023 20:27:14 GMT
ETag: "109-5549ea03f4248-gzip"
Keep-Alive: timeout=5, max=99
Last-Modified: Tue, 18 Jul 2017 21:59:13 GMT
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 327
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 15 Feb 2023 20:27:14 GMT
Keep-Alive: timeout=5, max=100
Location: http://ks.itic.occinc.com/iMenu/ks/
Server: Apache/2.4.18 (Ubuntu)

GET
H/1.1

200

Primary Request login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65 Show response
ks.itic.occinc.com/kslogin/
Redirect Chain

https://ks.itic.occinc.com/kslogin/servlet/Login?db=ks
https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks

11 KB
4 KB

155ms
155ms

Document
text/html

12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
Requested by: Host: ks.itic.occinc.com
URL: http://ks.itic.occinc.com/iMenu/ks/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: dfe4c33865d8206f3b1d0e11144d367965f10aa444cbdb1504c29db768b16100

Request headers

Referer: http://ks.itic.occinc.com/iMenu/ks/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3302
Content-Type: text/html;charset=ISO-8859-1
Date: Wed, 15 Feb 2023 20:27:14 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Connection: Keep-Alive
Content-Length: 0
Date: Wed, 15 Feb 2023 20:27:14 GMT
Keep-Alive: timeout=5, max=100
Location: ../login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
Server: Apache/2.4.18 (Ubuntu)

GET
H/1.1 200 skin.css
ks.itic.occinc.com/kslogin/assets/css/ 39 KB
7 KB 136ms
136ms Stylesheet
text/css 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: adbdd5be7533ba6b458e61d222c4f9f90985b19e02ae8cc699ec977ad44aa705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"40360-1663125700000-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 6990
Keep-Alive: timeout=5, max=98

GET
H/1.1 200 keith.css
ks.itic.occinc.com/kslogin/assets/css/ 10 KB
3 KB 273ms
134ms Stylesheet
text/css 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://ks.itic.occinc.com/kslogin/assets/css/keith.css?1
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c14d415732c5aa2bf2f6c97a11917e276463371c41dced9c378d094e6879b7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"10646-1663125700000-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 2194
Keep-Alive: timeout=5, max=97

GET
H/1.1 200 findusonfacebook.gif
ks.itic.occinc.com/kslogin/images/ 1 KB
2 KB 396ms
134ms Image
image/gif 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.itic.occinc.com/kslogin/images/findusonfacebook.gif
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 2e3b0fe673623343b9947c6130d631a0aada6603c31d4bd5b2e795fdfa77d5c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"1447-1663125700000"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1447
Keep-Alive: timeout=5, max=96

GET
H/1.1 200 mobile.css
ks.itic.occinc.com/kslogin/assets/css/ 47 KB
8 KB 402ms
140ms Stylesheet
text/css 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://ks.itic.occinc.com/kslogin/assets/css/mobile.css?1
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 5c175f7da624dc9535385921d952af77ee7bc534ff24708ce9ca58413d9487eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"47883-1663125700000-gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 1000
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 7944
Keep-Alive: timeout=5, max=100

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
17ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/login.jsp;jsessionid=F167D3C42B0D71FCC37293031F60AF65?sessionID=null&db=ks

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Feb 2023 18:43:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6240
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 15 Feb 2023 20:43:15 GMT

GET
H/1.1 200 header.jpg
ks.itic.occinc.com/kslogin/assets/images/ 1 KB
2 KB 278ms
138ms Image
image/jpeg 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.itic.occinc.com/kslogin/assets/images/header.jpg
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 43f8ecbc3bfd3d5148b22ff51f9e181265269e484d8e0053976e30f548372dab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"1459-1663125700000"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1459
Keep-Alive: timeout=5, max=99

GET
H/1.1 200 mainSprite.png
ks.itic.occinc.com/kslogin/assets/images/ 179 KB
179 KB 409ms
137ms Image
image/png 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.itic.occinc.com/kslogin/assets/images/mainSprite.png
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b9a7e41d614b2a3a335e1ebb9b4c46d9be5bc56881244d614b493fd09c69c0ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"183094-1663125700000"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 183094
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 logSide.gif
ks.itic.occinc.com/kslogin/assets/images/ 3 KB
3 KB 408ms
136ms Image
image/gif 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.itic.occinc.com/kslogin/assets/images/logSide.gif
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: b76fbf6bee21e2e43b217dfa53e796b920db62bf163fa41a311210970e54f957

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"2807-1663125700000"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 2807
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 logMid.gif
ks.itic.occinc.com/kslogin/assets/images/ 1 KB
2 KB 415ms
137ms Image
image/gif 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.itic.occinc.com/kslogin/assets/images/logMid.gif
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/assets/css/keith.css?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 37a29ffbbabdc0674739d22e8b5ddab3984da9fd307828542ae2d6a395d29ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/assets/css/keith.css?1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"1437-1663125700000"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 1437
Keep-Alive: timeout=5, max=98

GET
H/1.1 200 spriteTwo.png
ks.itic.occinc.com/kslogin/assets/images/ 39 KB
40 KB 257ms
134ms Image
image/png 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ks.itic.occinc.com/kslogin/assets/images/spriteTwo.png
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bf36161d2cbcdb2b1e37ddc516bc9ed08bffb9925864cd7f18d3d297bb914f21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"39933-1663125700000"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 39933
Keep-Alive: timeout=5, max=95

GET
H/1.1 200 gotham-bold-webfont.woff
ks.itic.occinc.com/kslogin/assets/fonts/ 24 KB
24 KB 148ms
142ms Font
application/x-font-woff 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://ks.itic.occinc.com/kslogin/assets/fonts/gotham-bold-webfont.woff
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 59dadb0c5171cd808e825a25d3ce394bf12d33b865c63f7d04ee0a755731abfe

Request headers

Referer: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Origin: https://ks.itic.occinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"24208-1663125700000"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 24208
Keep-Alive: timeout=5, max=100

GET
H/1.1 200 gotham-book-webfont.woff
ks.itic.occinc.com/kslogin/assets/fonts/ 25 KB
25 KB 144ms
138ms Font
application/x-font-woff 12.31.197.100
ATT-INTERNET4

General

Check archive.org

Show headers Download Go to

Full URL: https://ks.itic.occinc.com/kslogin/assets/fonts/gotham-book-webfont.woff
Requested by: Host: ks.itic.occinc.com
URL: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 12.31.197.100 Enid, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS: smtp1.ks.occinc.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: ec0e9902f414437598dbb62632105b22b0e7daa91ad697a5d2edb33c3b35913e

Request headers

Referer: https://ks.itic.occinc.com/kslogin/assets/css/skin.css?1
Origin: https://ks.itic.occinc.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36

Response headers

Date: Wed, 15 Feb 2023 20:27:15 GMT
Last-Modified: Wed, 14 Sep 2022 03:21:40 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: W/"25244-1663125700000"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: application/x-font-woff
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token
Content-Length: 25244
Keep-Alive: timeout=5, max=100

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 18ms
17ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1697022713&t=pageview&_s=1&dl=https%3A%2F%2Fks.itic.occinc.com%2Fkslogin%2Flogin.jsp%3Bjsessionid%3DF167D3C42B0D71FCC37293031F60AF65%3FsessionID%3Dnull%26db%3Dks&ul=en-us&de=windows-1252&dt=ITIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1960882050&gjid=1237769135&cid=1077880110.1676492836&tid=UA-53066203-3&_gid=1476529697.1676492836&_r=1&_slc=1&z=479992999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ks.itic.occinc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Feb 2023 20:27:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ks.itic.occinc.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ks.itic.occinc.com/kslogin/servlet	1970-01-20 09:42:59	Name: itic_login_db Value: ks
ks.itic.occinc.com/kslogin	1969-12-31 23:59:59	Name: JSESSIONID Value: F167D3C42B0D71FCC37293031F60AF65
.occinc.com/	1970-01-20 19:17:32	Name: _ga Value: GA1.2.1077880110.1676492836
.occinc.com/	1970-01-20 09:42:59	Name: _gid Value: GA1.2.1476529697.1676492836
.occinc.com/	1970-01-20 09:41:32	Name: _gat Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ks.itic.occinc.com
us-west-2.protection.sophos.com
www.google-analytics.com
12.31.197.100
13.224.189.108
2001:4860:4802:32::178
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2e3b0fe673623343b9947c6130d631a0aada6603c31d4bd5b2e795fdfa77d5c0
37a29ffbbabdc0674739d22e8b5ddab3984da9fd307828542ae2d6a395d29ef8
43f8ecbc3bfd3d5148b22ff51f9e181265269e484d8e0053976e30f548372dab
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59dadb0c5171cd808e825a25d3ce394bf12d33b865c63f7d04ee0a755731abfe
5c175f7da624dc9535385921d952af77ee7bc534ff24708ce9ca58413d9487eb
89dd2d949bbfa716dc2be95e51ec68793a1510b864f1bf91dc46d8f778aef8cc
adbdd5be7533ba6b458e61d222c4f9f90985b19e02ae8cc699ec977ad44aa705
b76fbf6bee21e2e43b217dfa53e796b920db62bf163fa41a311210970e54f957
b9a7e41d614b2a3a335e1ebb9b4c46d9be5bc56881244d614b493fd09c69c0ec
bf36161d2cbcdb2b1e37ddc516bc9ed08bffb9925864cd7f18d3d297bb914f21
c14d415732c5aa2bf2f6c97a11917e276463371c41dced9c378d094e6879b7b3
dfe4c33865d8206f3b1d0e11144d367965f10aa444cbdb1504c29db768b16100
ec0e9902f414437598dbb62632105b22b0e7daa91ad697a5d2edb33c3b35913e

ks.itic.occinc.com Open in urlscan Pro 12.31.197.100 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

320 kBTransfer

430 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

5 Cookies

Indicators

ks.itic.occinc.com Open in urlscan Pro
12.31.197.100 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

320 kB
Transfer

430 kB
Size

5
Cookies

15 HTTP transactions
0 data transactions