auth.novcu.com
Open in
urlscan Pro
160.119.69.251
Public Scan
URL:
https://auth.novcu.com/
Submission: On February 05 via automatic, source certstream-suspicious
Submission: On February 05 via automatic, source certstream-suspicious
Summary
This website contacted 3 IPs
in 2 countries
across 3 domains to perform 13 HTTP transactions.
The main IP is 160.119.69.251, located in
South Africa and
belongs to HOSTMEM, NL.
The main domain is auth.novcu.com.
TLS certificate: Issued by R3 on February 5th 2021. Valid for: 3 months.
This is the only time auth.novcu.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on February 5th 2021. Valid for: 3 months.
This is the only time auth.novcu.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 11 | 160.119.69.251 160.119.69.251 | 212032 (HOSTMEM) (HOSTMEM) | |
| 1 | 240e:e1:a900:... 240e:e1:a900:50::25 | 4812 (CHINANET-...) (CHINANET-SH-AP China Telecom (Group)) | |
| 13 | 3 |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
novcu.com
auth.novcu.com |
981 KB |
| 1 |
qlogo.cn
q.qlogo.cn |
4 KB |
| 0 |
111ttt.cn
Failed
mp.111ttt.cn Failed |
|
| 13 | 3 |
| Domain | Requested by | |
|---|---|---|
| 11 | auth.novcu.com |
auth.novcu.com
|
| 1 | q.qlogo.cn |
auth.novcu.com
|
| 0 | mp.111ttt.cn Failed |
auth.novcu.com
|
| 13 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| auth.novcu.com R3 |
2021-02-05 - 2021-05-06 |
3 months | crt.sh |
| *.qpic.cn GlobalSign Organization Validation CA - SHA256 - G2 |
2020-06-16 - 2021-06-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://auth.novcu.com/
Frame ID: 06425A04EC53D595C79BB9CED559D327
Requests: 1 HTTP requests in this frame
Frame:
https://auth.novcu.com/index/v3/
Frame ID: 67F48678C73B11210C07046AF421445D
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
auth.novcu.com/ |
719 B 655 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
auth.novcu.com/index/v3/ Frame 67F4 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
auth.novcu.com/index/v3/css/ Frame 67F4 |
14 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
headimg_dl
q.qlogo.cn/ Frame 67F4 |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
auth.novcu.com/index/v3/js/ Frame 67F4 |
115 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
su.js
auth.novcu.com/index/v3/js/ Frame 67F4 |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
snowfall.js
auth.novcu.com/index/v3/js/ Frame 67F4 |
287 B 500 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cursor.png
auth.novcu.com/index/v3/img/ Frame 67F4 |
11 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
auth.novcu.com/index/v3/css/ Frame 67F4 |
14 KB 14 KB |
Image
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg.jpg
auth.novcu.com/index/v3/img/ Frame 67F4 |
792 KB 793 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1kBpid.png
auth.novcu.com/index/v3/img/ Frame 67F4 |
112 KB 112 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
6836375.mp3
mp.111ttt.cn/mp3music/ Frame 67F4 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1.png
auth.novcu.com/index/v3/img/ Frame 67F4 |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mp.111ttt.cn
- URL
- https://mp.111ttt.cn/mp3music/6836375.mp3
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| auth.novcu.com/ | Name: PHPSESSID Value: tp1v2tnb6cl2e7gnmj0utki653 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
auth.novcu.com
mp.111ttt.cn
q.qlogo.cn
mp.111ttt.cn
160.119.69.251
240e:e1:a900:50::25
40d70f16941be70f3c70b32be7876639c07b22c9c01e85a75fa6b7822484a89c
5c2c87397482d94dc61a1a2c2f99353215fb0aaee442127d51b2e315e5d029db
71225c5ac766737321a15574687b7471d9a38818ba41a0b35dcb2c80d672464e
745a73f0bbb3baad5417746565201333f4554b8c75be85806817dd2a90520c77
840d027784cc5737f18bb5384dcac365236364f9b3b08e0b8fe13b12d7b93e1d
a68563b86133cd38de8ebb7a0e64b844ed960168318c78c127f6be3821cf2016
bae9b2e84d4e8b807d1e75e0fa42c50e9246110af6feaf951d98b9591f0a5f82
bd5a3278f54f3a977dda3f06f21bc1e1bd451c5a44a91e1aea94a2d4db60e851
cd125bb2882921fb5b271caab5dc792f72c0fcd88be831cb10ed0f8ab1e02d2e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1dcadbce1e20bc681ba16b67eac20a8cafdcdc0784725403a9d7490ca67546b
f90a338231aa9eedc45392b9b2c2a55077ba332dbe736552e8c986367f3bd4d4