ftpadmin-update12.update.ch

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 178.209.55.16, located in Zurich, Switzerland and belongs to NINE, CH. The main domain is ftpadmin-update12.update.ch.
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.

This is the only time ftpadmin-update12.update.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	178.209.55.16 178.209.55.16	29691 (NINE) (NINE)
1	172.217.20.10 172.217.20.10	15169 (GOOGLE) (GOOGLE)
2	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
6	3

4 178.209.55.16 (Zurich, Switzerland) 1 redirects

ASN29691 (NINE, CH)
PTR: update12.nine.ch

ftpadmin-update12.update.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.20.10 (United States)

ASN15169 (GOOGLE, US)
PTR: ham02s13-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.163 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	update.ch 1 redirects ftpadmin-update12.update.ch	43 KB
2	gstatic.com fonts.gstatic.com	32 KB
1	googleapis.com fonts.googleapis.com	1 KB
6	3

	Domain	Requested by
4	ftpadmin-update12.update.ch	1 redirects ftpadmin-update12.update.ch
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ftpadmin-update12.update.ch
6	3

This site contains no links.

Subject Issuer	Validity	Valid
ftpadmin-update12.update.ch R3	`2021-09-15` - `2021-12-14`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ftpadmin-update12.update.ch/ftpadm/login
Frame ID: 3E408CF747EACA18AB3C411E3BED8EDB
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FTPAdmin2 | FTP-Administration

Page URL History Show full URLs

https://ftpadmin-update12.update.ch/ HTTP 301
https://ftpadmin-update12.update.ch/ftpadm/login Page URL

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

76 kB
Transfer

165 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ftpadmin-update12.update.ch/ HTTP 301
https://ftpadmin-update12.update.ch/ftpadm/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
ftpadmin-update12.update.ch/ftpadm/
Redirect Chain

https://ftpadmin-update12.update.ch/
https://ftpadmin-update12.update.ch/ftpadm/login

2 KB
2 KB

26ms
25ms

Document
text/html

178.209.55.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL

https://ftpadmin-update12.update.ch/ftpadm/login

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

178.209.55.16 Zurich, Switzerland, ASN29691 (NINE, CH),

Reverse DNS

update12.nine.ch

Software

thin /

Resource Hash

565c5238345aec7616f6600f4dea3208aa2bee1d0673c01855d7b176c01e41fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: ftpadmin-update12.update.ch
:scheme: https
:path: /ftpadm/login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 16 Sep 2021 00:28:39 GMT
server: thin
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
content-type: text/html; charset=utf-8
etag: W/"565c5238345aec7616f6600f4dea3208-gzip"
cache-control: max-age=0, private, must-revalidate
x-request-id: ffa62bb1-3534-490d-9075-21a5e23262ee
x-runtime: 0.010252
set-cookie: _ftpadmin2_session=Znk0NGdsYTkyUXVaVVVsVG1jdW8wVU1DRG8wMWRxdTgyUVVLSjZDQStSNWVpT1FXQzBEa0FSOW9jQXlIRVdmNnA4T0VYVFdXSm56UGV4cDFlRHJHbWpwVGp5UDlCc2FvVHVCVDNFT3FmdzlHeVp3RDE4a0kzYndyNmdhV0hsamtMcFhhdUEzTGVKcDRQeUtBdUtZMTFIQzhubHZwTEdEYTJTdXByQVlKRi9JPS0tazhPZXJBQkUzNU00OW8wRlFPdlBadz09--895ac5f51a5eff8216c2ab8687d7b437d52802ca; path=/; HttpOnly
vary: Accept-Encoding
content-encoding: gzip

Redirect headers

date: Thu, 16 Sep 2021 00:28:39 GMT
server: Apache
location: https://ftpadmin-update12.update.ch/ftpadm/login
content-length: 256
content-type: text/html; charset=iso-8859-1

GET
H2 200 application-b7ad01510d482939c58753e9ff43647edf6bc2ad1f5f20463c8332601b3c0124.css
ftpadmin-update12.update.ch/ftpadm/assets/ 15 KB
4 KB 19ms
18ms Stylesheet
text/css 178.209.55.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpadmin-update12.update.ch/ftpadm/assets/application-b7ad01510d482939c58753e9ff43647edf6bc2ad1f5f20463c8332601b3c0124.css
Requested by: Host: ftpadmin-update12.update.ch
URL: https://ftpadmin-update12.update.ch/ftpadm/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.209.55.16 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: update12.nine.ch
Software: thin /
Resource Hash: b7ad01510d482939c58753e9ff43647edf6bc2ad1f5f20463c8332601b3c0124

Request headers

:path: /ftpadm/assets/application-b7ad01510d482939c58753e9ff43647edf6bc2ad1f5f20463c8332601b3c0124.css
pragma: no-cache
cookie: _ftpadmin2_session=Znk0NGdsYTkyUXVaVVVsVG1jdW8wVU1DRG8wMWRxdTgyUVVLSjZDQStSNWVpT1FXQzBEa0FSOW9jQXlIRVdmNnA4T0VYVFdXSm56UGV4cDFlRHJHbWpwVGp5UDlCc2FvVHVCVDNFT3FmdzlHeVp3RDE4a0kzYndyNmdhV0hsamtMcFhhdUEzTGVKcDRQeUtBdUtZMTFIQzhubHZwTEdEYTJTdXByQVlKRi9JPS0tazhPZXJBQkUzNU00OW8wRlFPdlBadz09--895ac5f51a5eff8216c2ab8687d7b437d52802ca
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: ftpadmin-update12.update.ch
referer: https://ftpadmin-update12.update.ch/ftpadm/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ftpadmin-update12.update.ch/ftpadm/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:28:39 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 13:09:26 GMT
server: thin
content-length: 3711
vary: Accept-Encoding
content-type: text/css

GET
H2 200 application-21035d2a336afb166a42dd6f27796b2f5f4e0fae00279eb835e6865686439215.js Show response
ftpadmin-update12.update.ch/ftpadm/assets/ 111 KB
38 KB 19ms
19ms Script
application/javascript 178.209.55.16
NINE

General

Check archive.org

Show headers Download Go to

Full URL: https://ftpadmin-update12.update.ch/ftpadm/assets/application-21035d2a336afb166a42dd6f27796b2f5f4e0fae00279eb835e6865686439215.js
Requested by: Host: ftpadmin-update12.update.ch
URL: https://ftpadmin-update12.update.ch/ftpadm/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.209.55.16 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS: update12.nine.ch
Software: thin /
Resource Hash: 21035d2a336afb166a42dd6f27796b2f5f4e0fae00279eb835e6865686439215

Request headers

:path: /ftpadm/assets/application-21035d2a336afb166a42dd6f27796b2f5f4e0fae00279eb835e6865686439215.js
pragma: no-cache
cookie: _ftpadmin2_session=Znk0NGdsYTkyUXVaVVVsVG1jdW8wVU1DRG8wMWRxdTgyUVVLSjZDQStSNWVpT1FXQzBEa0FSOW9jQXlIRVdmNnA4T0VYVFdXSm56UGV4cDFlRHJHbWpwVGp5UDlCc2FvVHVCVDNFT3FmdzlHeVp3RDE4a0kzYndyNmdhV0hsamtMcFhhdUEzTGVKcDRQeUtBdUtZMTFIQzhubHZwTEdEYTJTdXByQVlKRi9JPS0tazhPZXJBQkUzNU00OW8wRlFPdlBadz09--895ac5f51a5eff8216c2ab8687d7b437d52802ca
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ftpadmin-update12.update.ch
referer: https://ftpadmin-update12.update.ch/ftpadm/login
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ftpadmin-update12.update.ch/ftpadm/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:28:39 GMT
content-encoding: gzip
last-modified: Wed, 09 Sep 2020 13:09:26 GMT
server: thin
content-length: 38506
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 103ms
43ms Stylesheet
text/css 172.217.20.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700

Requested by

Host: ftpadmin-update12.update.ch
URL: https://ftpadmin-update12.update.ch/ftpadm/assets/application-b7ad01510d482939c58753e9ff43647edf6bc2ad1f5f20463c8332601b3c0124.css

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ham02s13-in-f10.1e100.net

Software

ESF /

Resource Hash

8bc9e609af323982c3582a3bbb2e55037a01d89369f11527c041876acd1aa96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ftpadmin-update12.update.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 00:28:39 GMT
server: ESF
date: Thu, 16 Sep 2021 00:28:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 00:28:39 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 16 KB
16 KB 29ms
6ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ftpadmin-update12.update.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 01:22:16 GMT
x-content-type-options: nosniff
age: 169583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16112
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Sep 2022 01:22:16 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 15 KB
16 KB 33ms
11ms Font
font/woff2 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ftpadmin-update12.update.ch
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 14:38:52 GMT
x-content-type-options: nosniff
age: 294587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 14:38:52 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ftpadmin-update12.update.ch/	1969-12-31 23:59:59	Name: _ftpadmin2_session Value: Znk0NGdsYTkyUXVaVVVsVG1jdW8wVU1DRG8wMWRxdTgyUVVLSjZDQStSNWVpT1FXQzBEa0FSOW9jQXlIRVdmNnA4T0VYVFdXSm56UGV4cDFlRHJHbWpwVGp5UDlCc2FvVHVCVDNFT3FmdzlHeVp3RDE4a0kzYndyNmdhV0hsamtMcFhhdUEzTGVKcDRQeUtBdUtZMTFIQzhubHZwTEdEYTJTdXByQVlKRi9JPS0tazhPZXJBQkUzNU00OW8wRlFPdlBadz09--895ac5f51a5eff8216c2ab8687d7b437d52802ca

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
ftpadmin-update12.update.ch
172.217.20.10
178.209.55.16
216.58.212.163
21035d2a336afb166a42dd6f27796b2f5f4e0fae00279eb835e6865686439215
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
565c5238345aec7616f6600f4dea3208aa2bee1d0673c01855d7b176c01e41fc
8bc9e609af323982c3582a3bbb2e55037a01d89369f11527c041876acd1aa96e
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
b7ad01510d482939c58753e9ff43647edf6bc2ad1f5f20463c8332601b3c0124

ftpadmin-update12.update.ch Open in urlscan Pro 178.209.55.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

76 kBTransfer

165 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

ftpadmin-update12.update.ch Open in urlscan Pro
178.209.55.16 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

76 kB
Transfer

165 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions