urlscan.io logo urlscan.io
SecurityTrails logo

ftp.fau.de Open in urlscan Pro
2001:638:a000:1021:21::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://download.gnome.org/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi
Effective URL: https://ftp.fau.de/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi
Submission: On March 22 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 2001:638:a000:1021:21::1, located in Germany and belongs to DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE. The main domain is ftp.fau.de. The Cisco Umbrella rank of the primary domain is 152164.
TLS certificate: Issued by DFN-Verein Global Issuing CA on June 5th 2021. Valid for: a year.
This is the only time ftp.fau.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Meld-3.20.4-mingw.msi 43 MB application/x-msi
MIME: Composite Document File V2 Document, Little Endian, Os: Windows, Version 10.0, MSI Installer, Title: Installation Database, Subject: Meld, Author: The Meld project, Template: Intel;1033, Revision Number: {8A71A215-E734-4A8F-9563-3C109B0434C8}, Number of Words: 2, Number of Pages: 200, Name of Creating Application: Python MSI Library
Size: 43 MB (44670976 bytes, 100% done)
Downloaded from: https://ftp.fau.de/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi

Domain & IP information

IP Address AS Autonomous System
1 1 2620:52:3:1:5... 17314 (REDHAT-HO...)
1 2001:638:a000... 680 (DFN Verei...)
1 1
Apex Domain
Subdomains		 Transfer
1 fau.de
ftp.fau.de — Cisco Umbrella Rank: 152164
1 gnome.org
download.gnome.org
2 KB
1 2
Domain Requested by
1 ftp.fau.de
1 download.gnome.org 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
ftp.fau.de
DFN-Verein Global Issuing CA		 2021-06-05 -
2022-07-06		 a year crt.sh

This page contains 1 frames:

Primary Page: https://ftp.fau.de/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi
Frame ID: AD3C72B2959E01C2826A1DB0AD508DD5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

Page Statistics

1
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

0 kB
Transfer

0 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Meld-3.20.4-mingw.msi
ftp.fau.de/gnome/binaries/win32/meld/3.20/
Redirect Chain
  • https://download.gnome.org/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi
  • https://ftp.fau.de/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ftp.fau.de/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:638:a000:1021:21::1 , Germany, ASN680 (DFN Verein zur Foerderung eines Deutschen Forschungsnetzes e.V., DE),
Reverse DNS
Software
Apache/2.4 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 22 Mar 2022 08:27:04 GMT
Server
Apache/2.4
Last-Modified
Fri, 13 Aug 2021 07:00:13 GMT
ETag
"2a9a000-5c96b672b77d5"
Accept-Ranges
bytes
Content-Length
44670976
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
application/x-msi

Redirect headers

Server
nginx/1.18.0
Date
Tue, 22 Mar 2022 08:27:04 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Cache-Control
private, no-cache
Link
<https://ftp1.nluug.nl/windowing/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=1; geo=nl <https://ftp2.nluug.nl/windowing/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=2; geo=nl <https://fr2.rpmfind.net/linux/gnome.org/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=3; geo=fr <https://fr.rpmfind.net/linux/gnome.org/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=4; geo=fr <https://mirrors.dotsrc.org/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=5; geo=dk <https://ftp.acc.umu.se/pub/GNOME/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=6; geo=se <https://ftp-nyc.osuosl.org/pub/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=7; geo=us <https://mirror.csclub.uwaterloo.ca/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=8; geo=ca <https://ftp-chi.osuosl.org/pub/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=9; geo=us <https://muug.ca/mirror/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi>; rel=duplicate; pri=10; geo=ca
Location
https://ftp.fau.de/gnome/binaries/win32/meld/3.20/Meld-3.20.4-mingw.msi

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

1 Cookies

Domain/Path Name / Value
download.gnome.org/ Name: 901e43c8d43d3ebb75ca0f4df009b7a1
Value: da7f1a126626a39fc262ec710becf579

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

download.gnome.org
ftp.fau.de
2001:638:a000:1021:21::1
2620:52:3:1:5054:ff:fe0d:ee0f