urlscan.io logo urlscan.io
SecurityTrails logo

www.growthsteelgroup.com Open in urlscan Pro
104.248.144.120  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gpay.novitee.org/lglwr/lglwr/hin.htm
Effective URL: https://www.growthsteelgroup.com/wp-content/sg/auth/login.php?myaccount
Submission: On December 31 via manual from SG — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 104.248.144.120, located in Singapore and belongs to DIGITALOCEAN-ASN, US. The main domain is www.growthsteelgroup.com.
TLS certificate: Issued by R3 on December 2nd 2022. Valid for: 3 months.
This is the only time www.growthsteelgroup.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 178.128.214.154 14061 (DIGITALOC...)
3 4 104.248.144.120 14061 (DIGITALOC...)
3 3
Apex Domain
Subdomains		 Transfer
4 growthsteelgroup.com
www.growthsteelgroup.com
563 KB
1 novitee.org
gpay.novitee.org
474 B
0 Failed
function sub() { [native code] }. Failed
3 3
Domain Requested by
4 www.growthsteelgroup.com 3 redirects www.growthsteelgroup.com
1 gpay.novitee.org
0 truncated Failed www.growthsteelgroup.com
3 3

This site contains no links.

Subject Issuer Validity Valid
gpay.novitee.org
R3		 2022-11-22 -
2023-02-20		 3 months crt.sh
growthsteelgroup.com
R3		 2022-12-02 -
2023-03-02		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.growthsteelgroup.com/wp-content/sg/auth/login.php?myaccount
Frame ID: 5F0B5A8168136CD68DDF3CE182D2CD29
Requests: 7 HTTP requests in this frame

Frame: https://www.growthsteelgroup.com/wp-content/sg/auth/get.php
Frame ID: 16DF8A059C357FCF69468544B4D897CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://gpay.novitee.org/lglwr/lglwr/hin.htm Page URL
  2. https://www.growthsteelgroup.com/wp-content/sg HTTP 301
    https://www.growthsteelgroup.com/wp-content/sg/ HTTP 302
    https://www.growthsteelgroup.com/wp-content/sg/auth/index.php HTTP 302
    https://www.growthsteelgroup.com/wp-content/sg/auth/login.php?myaccount Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

562 kB
Transfer

1998 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gpay.novitee.org/lglwr/lglwr/hin.htm Page URL
  2. https://www.growthsteelgroup.com/wp-content/sg HTTP 301
    https://www.growthsteelgroup.com/wp-content/sg/ HTTP 302
    https://www.growthsteelgroup.com/wp-content/sg/auth/index.php HTTP 302
    https://www.growthsteelgroup.com/wp-content/sg/auth/login.php?myaccount Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
hin.htm
gpay.novitee.org/lglwr/lglwr/ 		244 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gpay.novitee.org/lglwr/lglwr/hin.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.214.154 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
gpay.novitee.org
Software
nginx /
Resource Hash
fe4f04c357ea77bf785deec131f21b9c2a230586ce3932f74d3914de4c9c92ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
244
Content-Type
text/html
Date
Sat, 31 Dec 2022 08:03:48 GMT
ETag
"63afac07-f4"
Last-Modified
Sat, 31 Dec 2022 03:27:03 GMT
Server
nginx
Primary Request login.php
www.growthsteelgroup.com/wp-content/sg/auth/
Redirect Chain
  • https://www.growthsteelgroup.com/wp-content/sg
  • https://www.growthsteelgroup.com/wp-content/sg/
  • https://www.growthsteelgroup.com/wp-content/sg/auth/index.php
  • https://www.growthsteelgroup.com/wp-content/sg/auth/login.php?myaccount
2 MB
562 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.growthsteelgroup.com/wp-content/sg/auth/login.php?myaccount
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.248.144.120 , Singapore, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
gsgweb-wasabierp.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
2298193df880c9189f3fb91040160f6d80e38a9badd56d0d2f5c1547addca40b

Request headers

Referer
https://gpay.novitee.org/lglwr/lglwr/hin.htm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 31 Dec 2022 08:03:51 GMT
Keep-Alive
timeout=5, max=97
Server
Apache/2.4.18 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 31 Dec 2022 08:03:50 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Location
login.php?myaccount
Pragma
no-cache
Server
Apache/2.4.18 (Ubuntu)
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d804ac7290f9fc5e15b84f93bdd4e4d0001d29754eaf128e74855d52851cb614

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11fc5435240df6811fc13a51415447f6baee1206f685d25fbae2b1ad02180a6a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9465ee6cfe90dd9c35f58dd7b95b85ce3744d84ed206ab8c1e28ebb9247520f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		0
0
truncated
/ 		0
0
get.php
www.growthsteelgroup.com/wp-content/sg/auth/ Frame 16DF 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
truncated
URL
data:truncated
Domain
truncated
URL
data:truncated
Domain
www.growthsteelgroup.com
URL
https://www.growthsteelgroup.com/wp-content/sg/auth/get.php

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Domain/Path Name / Value
www.growthsteelgroup.com/ Name: PHPSESSID
Value: aimgm414um0mf61likhpe32ci0