gncu-auth.myftp.org Open in urlscan Pro
34.106.201.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gncu-auth.myftp.org/
Effective URL:
http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Submission: On June 14 via manual (June 14th 2022, 8:41:20 pm UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 34.106.201.96, located in Salt Lake City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is gncu-auth.myftp.org.

This is the only time gncu-auth.myftp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	34.106.201.96 34.106.201.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	199.188.200.254 199.188.200.254	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	173.203.22.2 173.203.22.2	19994 (RACKSPACE) (RACKSPACE)
12	3

9 34.106.201.96 (Salt Lake City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.201.106.34.bc.googleusercontent.com

gncu-auth.myftp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.188.200.254 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server267-5.web-hosting.com

devilsms.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.203.22.2 (United States)

ASN19994 (RACKSPACE, US)
PTR: www.gncu.org

www.gncu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	myftp.org 2 redirects gncu-auth.myftp.org	4 MB
4	devilsms.live devilsms.live	164 KB
1	gncu.org www.gncu.org — Cisco Umbrella Rank: 710534	84 KB
12	3

	Domain	Requested by
9	gncu-auth.myftp.org	2 redirects gncu-auth.myftp.org
4	devilsms.live	gncu-auth.myftp.org devilsms.live
1	www.gncu.org	gncu-auth.myftp.org
12	3

This site contains links to these domains. Also see Links.

Domain
www.gncu.org
www.verisign.com

Subject Issuer	Validity	Valid
devilsms.live Sectigo RSA Domain Validation Secure Server CA	`2021-09-16` - `2022-09-16`	a year	crt.sh
www.gncu.org GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-24` - `2022-10-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Frame ID: 285FA8B30B037D86C3D9EEE9FD913D68
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign-On

Page URL History Show full URLs

http://gncu-auth.myftp.org/ HTTP 302
http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef... HTTP 301
http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022e... Page URL

Page Statistics

12
Requests

42 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

4052 kB
Transfer

4817 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gncu.org/

Search URL Search Domain Scan URL

URL: https://www.gncu.org/eBranch-Banner

Search URL Search Domain Scan URL

URL: https://www.gncu.org/Resources/Fraud-and-Disputes-Resolution-Center/Reporting-Fraudulent-Activity
Title: Click here

Search URL Search Domain Scan URL

URL: https://www.verisign.com/ssl/ssl-information-center/
Title: Secure Area

Search URL Search Domain Scan URL

URL: http://www.gncu.org/privacy-policy-and-disclosures.html
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gncu-auth.myftp.org/ HTTP 302
http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66 HTTP 301
http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/
Redirect Chain

http://gncu-auth.myftp.org/
http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66

11 KB
12 KB

182ms
182ms

Document
text/html

34.106.201.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: HTTP/1.1
Server: 34.106.201.96 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.201.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0f7c6b228e75045951a592fa37d348f0525bf8e09eea94ffb1f96fc99e33be21

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 Jun 2022 20:41:13 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=98
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 333
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 14 Jun 2022 20:41:13 GMT
Keep-Alive: timeout=5, max=99
Location: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Server: Apache

GET
H2 200 css.css
devilsms.live/css/all/gncu/ 692 KB
96 KB 689ms
190ms Stylesheet
text/css 199.188.200.254
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://devilsms.live/css/all/gncu/css.css
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.254 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server267-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4feeb45e85c9c12830911a6b894ade06b4ec653cd6659a14e0c2e4dc43ad0645

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:41:14 GMT
content-encoding: br
last-modified: Tue, 10 May 2022 13:57:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 97954
expires: Tue, 21 Jun 2022 20:41:14 GMT

GET
H/1.1 200
OK custom.js Show response
gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/Scripts/Mvc/ 4 MB
4 MB 323ms
162ms Script
application/javascript 34.106.201.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/Scripts/Mvc/custom.js?v=4UqetvIuItquy4KUCQYaVVCUs4ZmVf4Aa7lACyUdaWI1
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: HTTP/1.1
Server: 34.106.201.96 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.201.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: e1e03135c8fb7f35f0c0b067a41066e8b7351595ee2650a25d147e351676e754

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:41:13 GMT
Last-Modified: Tue, 14 Jun 2022 20:41:13 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3782445

GET
H/1.1 200
OK ScriptResource.js Show response
gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/Scripts/ 5 KB
5 KB 320ms
160ms Script
application/javascript 34.106.201.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/Scripts/ScriptResource.js
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: HTTP/1.1
Server: 34.106.201.96 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.201.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: c7b1aee286f12d3812fee0e66ff67488dd3a627e86f9cc340e01af3e9d161b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:41:13 GMT
Last-Modified: Tue, 14 Jun 2022 20:41:13 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4703

GET
H/1.1 200
OK logo.png
gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/App_Themes/Retail/img/Custom/ 28 KB
29 KB 159ms
159ms Image
image/png 34.106.201.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/App_Themes/Retail/img/Custom/logo.png
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: HTTP/1.1
Server: 34.106.201.96 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.201.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 673b5de2ec4977b47385a569fe893014362fae68ec2e2d26cb35db27fd2fccd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:41:15 GMT
Last-Modified: Tue, 14 Jun 2022 20:41:13 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 29007

GET
H/1.1 200
OK eBranchLoginPage.jpg
www.gncu.org/gncu/media/Misc-Images/ 84 KB
84 KB 779ms
143ms Image
image/jpeg 173.203.22.2
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gncu.org/gncu/media/Misc-Images/eBranchLoginPage.jpg

Requested by

Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

173.203.22.2 , United States, ASN19994 (RACKSPACE, US),

Reverse DNS

www.gncu.org

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b1a9f6e603c4d573c239a00b57ed8933ee681de6ed566bf2751fe51689908db6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:41:16 GMT
Last-Modified: Thu, 19 May 2022 17:45:16 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "dc607a33a86bd81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 85966
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK NCUA.gif
gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/App_Themes/Retail/img/Custom/ 3 KB
3 KB 161ms
160ms Image
image/gif 34.106.201.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/App_Themes/Retail/img/Custom/NCUA.gif
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: HTTP/1.1
Server: 34.106.201.96 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.201.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 738d3d56b2ffe437dec6db3685f757cad0adbd2d79b18e5010aeed53c9cc705e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:41:16 GMT
Last-Modified: Tue, 14 Jun 2022 20:41:13 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2627

GET
H/1.1 200
OK EQHS.png
gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/App_Themes/Retail/img/Custom/ 4 KB
4 KB 159ms
159ms Image
image/png 34.106.201.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/App_Themes/Retail/img/Custom/EQHS.png
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: HTTP/1.1
Server: 34.106.201.96 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.201.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 67d6757d16c7148d23fe4e3644db854c3ae808962ce55e8581baf11c9f0e2f86

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:41:16 GMT
Last-Modified: Tue, 14 Jun 2022 20:41:13 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3753

GET
H/1.1 200
OK loading.gif
gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/App_Themes/Admin/img/ 58 KB
58 KB 159ms
159ms Image
image/gif 34.106.201.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/App_Themes/Admin/img/loading.gif
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: HTTP/1.1
Server: 34.106.201.96 Salt Lake City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 96.201.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: b46a16c0893d788d9c8371a47475201e4cc1ae3342e46fe9a88e708a2be0a8b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:41:16 GMT
Last-Modified: Tue, 14 Jun 2022 20:41:13 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 58913

GET
H2 200 cleave.js Show response
devilsms.live/ 91 KB
18 KB 189ms
188ms Script
application/javascript 199.188.200.254
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://devilsms.live/cleave.js
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.254 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server267-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:41:15 GMT
content-encoding: br
last-modified: Sun, 30 Jan 2022 13:07:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 18428
expires: Tue, 21 Jun 2022 20:41:15 GMT

GET
H2 200 clve-min.js Show response
devilsms.live/ 147 KB
50 KB 187ms
187ms Script
application/javascript 199.188.200.254
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://devilsms.live/clve-min.js
Requested by: Host: gncu-auth.myftp.org
URL: http://gncu-auth.myftp.org/24270009398d5dca82dbd88d421e6de8/?cont=QERldmlsbWFzazA5&token=8dfb604ce1022ef3734033a5cfe92a66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.254 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server267-5.web-hosting.com
Software: LiteSpeed /
Resource Hash: 28899904b99b7dc185a3ee4ef8a53a522ae488db692a9ee4d45ddfc07dc04a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://gncu-auth.myftp.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:41:15 GMT
content-encoding: br
last-modified: Mon, 07 Feb 2022 11:17:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 51069
expires: Tue, 21 Jun 2022 20:41:15 GMT

GET
H2 404 icons.png
devilsms.live/css/all/gncu/img/ 0
0 194ms
194ms Image
text/html 199.188.200.254
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://devilsms.live/css/all/gncu/img/icons.png
Requested by: Host: devilsms.live
URL: https://devilsms.live/css/all/gncu/css.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 199.188.200.254 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server267-5.web-hosting.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://devilsms.live/css/all/gncu/css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gncu-auth.myftp.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 217b69a2029e86bcdfd297d4c180ff67

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://devilsms.live/css/all/gncu/img/icons.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

devilsms.live
gncu-auth.myftp.org
www.gncu.org
173.203.22.2
199.188.200.254
34.106.201.96
0f7c6b228e75045951a592fa37d348f0525bf8e09eea94ffb1f96fc99e33be21
28899904b99b7dc185a3ee4ef8a53a522ae488db692a9ee4d45ddfc07dc04a24
4feeb45e85c9c12830911a6b894ade06b4ec653cd6659a14e0c2e4dc43ad0645
673b5de2ec4977b47385a569fe893014362fae68ec2e2d26cb35db27fd2fccd7
67d6757d16c7148d23fe4e3644db854c3ae808962ce55e8581baf11c9f0e2f86
738d3d56b2ffe437dec6db3685f757cad0adbd2d79b18e5010aeed53c9cc705e
b1a9f6e603c4d573c239a00b57ed8933ee681de6ed566bf2751fe51689908db6
b46a16c0893d788d9c8371a47475201e4cc1ae3342e46fe9a88e708a2be0a8b0
c7b1aee286f12d3812fee0e66ff67488dd3a627e86f9cc340e01af3e9d161b8f
e1e03135c8fb7f35f0c0b067a41066e8b7351595ee2650a25d147e351676e754
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f97d8e2f7cc9b436d478f1168d22b9ae3c292d97d2d5285c4ccd01f3bbef47f5

gncu-auth.myftp.org Open in urlscan Pro 34.106.201.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

42 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

4052 kBTransfer

4817 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

gncu-auth.myftp.org Open in urlscan Pro
34.106.201.96 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

42 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

4052 kB
Transfer

4817 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions