schoolmail.zzz.com.ua Open in urlscan Pro
95.211.16.66 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://schoolmail.zzz.com.ua/deakin.edu.au.htm
Submission: On July 08 via manual (July 8th 2019, 1:57:03 am UTC) from AU

Summary HTTP 14 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 14 HTTP transactions. The main IP is 95.211.16.66, located in Delft, Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is schoolmail.zzz.com.ua.

This is the only time schoolmail.zzz.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	95.211.16.66 95.211.16.66	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
5	2402:6940:120... 2402:6940:1201:805::217:0	7645 (DEAKIN-AS...) (DEAKIN-AS-AP Deakin University)
14	3

2 95.211.16.66 (Delft, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

schoolmail.zzz.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2402:6940:1201:805::217:0 (Geelong, Australia)

ASN7645 (DEAKIN-AS-AP Deakin University, AU)

signon.deakin.edu.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	deakin.edu.au signon.deakin.edu.au	52 KB
2	zzz.com.ua schoolmail.zzz.com.ua	10 KB
14	2

	Domain	Requested by
5	signon.deakin.edu.au	schoolmail.zzz.com.ua
2	schoolmail.zzz.com.ua	schoolmail.zzz.com.ua
14	2

This site contains links to these domains. Also see Links.

Domain
www.zzz.com.ua
www.deakin.edu.au
policy.deakin.edu.au
support.aaf.edu.au

Subject Issuer	Validity	Valid
*.deakin.edu.au QuoVadis Global SSL ICA G3	`2018-04-13` - `2020-04-13`	2 years	crt.sh
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh

This page contains 1 frames:

Primary Page: http://schoolmail.zzz.com.ua/deakin.edu.au.htm
Frame ID: 657CF4119497F35B0C6206EB78972510
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

Page Statistics

14
Requests

36 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

62 kB
Transfer

68 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.zzz.com.ua/ru/donate/schoolmail.zzz.com.ua
Title: Нажмите здесь

Search URL Search Domain Scan URL

URL: https://www.zzz.com.ua/
Title: zzz.com.ua

Search URL Search Domain Scan URL

URL: http://www.deakin.edu.au/library/help/alumni-and-community-login-issues
Title: Community and Alumni - Login Help

Search URL Search Domain Scan URL

URL: http://www.deakin.edu.au/students/help/it-help/usernames-and-passwords
Title: I need help accessing my account

Search URL Search Domain Scan URL

URL: https://policy.deakin.edu.au/view.current.php?id=00152
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://support.aaf.edu.au/
Title: AAF Support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request deakin.edu.au.htm Show response schoolmail.zzz.com.ua/	10 KB 3 KB	95ms 30ms	Document text/html	95.211.16.66 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://schoolmail.zzz.com.ua/deakin.edu.au.htm Protocol HTTP/1.1 Server 95.211.16.66 Delft, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `909762593a5e80105e28cc90d9c306994ff42f3a0319d589f5d4f60e384e6182` Request headers Host schoolmail.zzz.com.ua Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Mon, 08 Jul 2019 01:56:42 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=20 Vary Accept-Encoding Content-Encoding gzip
GET H/1.1	200 OK	font-awesome.min.css signon.deakin.edu.au/css/	30 KB 30 KB	1889ms 314ms	Stylesheet text/css	2402:6940:1201:805::217:0 DEAKIN-AS-AP Deak...
General Check archive.org Show headers Download Go to Full URL https://signon.deakin.edu.au/css/font-awesome.min.css Requested by Host: schoolmail.zzz.com.ua URL: http://schoolmail.zzz.com.ua/deakin.edu.au.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2402:6940:1201:805::217:0 Geelong, Australia, ASN7645 (DEAKIN-AS-AP Deakin University, AU), Reverse DNS Software / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers Referer http://schoolmail.zzz.com.ua/deakin.edu.au.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Last-Modified Wed, 26 Jun 2019 21:12:20 GMT Accept-Ranges bytes Content-Length 31000 Content-Type text/css
GET H/1.1	200 OK	sso.min.css signon.deakin.edu.au/css/	10 KB 10 KB	1890ms 315ms	Stylesheet text/css	2402:6940:1201:805::217:0 DEAKIN-AS-AP Deak...
General Check archive.org Show headers Download Go to Full URL https://signon.deakin.edu.au/css/sso.min.css Requested by Host: schoolmail.zzz.com.ua URL: http://schoolmail.zzz.com.ua/deakin.edu.au.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2402:6940:1201:805::217:0 Geelong, Australia, ASN7645 (DEAKIN-AS-AP Deakin University, AU), Reverse DNS Software / Resource Hash `92cc7da9b3c9a5b5a280318617395374548c152892bd470667f5760b0ed85bf5` Request headers Referer http://schoolmail.zzz.com.ua/deakin.edu.au.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Last-Modified Wed, 26 Jun 2019 21:12:20 GMT Accept-Ranges bytes Content-Length 10444 Content-Type text/css
GET H/1.1	200 OK	signon_lib.js Show response signon.deakin.edu.au/js/	767 B 913 B	1898ms 316ms	Script application/javascript	2402:6940:1201:805::217:0 DEAKIN-AS-AP Deak...
General Check archive.org Show headers Download Go to Full URL https://signon.deakin.edu.au/js/signon_lib.js Requested by Host: schoolmail.zzz.com.ua URL: http://schoolmail.zzz.com.ua/deakin.edu.au.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2402:6940:1201:805::217:0 Geelong, Australia, ASN7645 (DEAKIN-AS-AP Deakin University, AU), Reverse DNS Software / Resource Hash `34f169a0cb95772d9393cb8c238f038821819ea52217bea194bcbf4a33cd41c0` Request headers Referer http://schoolmail.zzz.com.ua/deakin.edu.au.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Last-Modified Wed, 26 Jun 2019 21:12:20 GMT Accept-Ranges bytes Content-Length 767 Content-Type application/javascript
GET H/1.1	200 OK	bg-img.js Show response signon.deakin.edu.au/js/	2 KB 2 KB	1907ms 317ms	Script application/javascript	2402:6940:1201:805::217:0 DEAKIN-AS-AP Deak...
General Check archive.org Show headers Download Go to Full URL https://signon.deakin.edu.au/js/bg-img.js Requested by Host: schoolmail.zzz.com.ua URL: http://schoolmail.zzz.com.ua/deakin.edu.au.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2402:6940:1201:805::217:0 Geelong, Australia, ASN7645 (DEAKIN-AS-AP Deakin University, AU), Reverse DNS Software / Resource Hash `21d6e6c5d2fb352159db8efaa93c879cc9bb33eef0ef39256e80b7ab07b3dc01` Request headers Referer http://schoolmail.zzz.com.ua/deakin.edu.au.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Last-Modified Wed, 26 Jun 2019 21:12:20 GMT Accept-Ranges bytes Content-Length 2395 Content-Type application/javascript
GET H/1.1	200 OK	deakin-logo-keyline-cropped.svg signon.deakin.edu.au/img/	8 KB 8 KB	312ms 312ms	Image image/svg+xml	2402:6940:1201:805::217:0 DEAKIN-AS-AP Deak...
General Check archive.org Show headers Download Go to Show image Full URL https://signon.deakin.edu.au/img/deakin-logo-keyline-cropped.svg Requested by Host: schoolmail.zzz.com.ua URL: http://schoolmail.zzz.com.ua/deakin.edu.au.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2402:6940:1201:805::217:0 Geelong, Australia, ASN7645 (DEAKIN-AS-AP Deakin University, AU), Reverse DNS Software / Resource Hash `78d152014f2cf9857b872fb60aa21975d71eb2a752050f0ef6607fc93b3429e1` Request headers Referer https://signon.deakin.edu.au/css/sso.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Last-Modified Wed, 26 Jun 2019 21:12:20 GMT Accept-Ranges bytes Content-Length 7895 Content-Type image/svg+xml
GET		OpenSans-Regular.woff signon.deakin.edu.au/fonts/	0 0

GET		OpenSans-Semibold.woff signon.deakin.edu.au/fonts/	0 0

GET		fontawesome-webfont.woff2 signon.deakin.edu.au/fonts/	0 0

GET H/1.1	404 Not Found	bg-image_09.jpg schoolmail.zzz.com.ua/img/bg/	7 KB 7 KB	265ms 264ms	Image text/html	95.211.16.66 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL http://schoolmail.zzz.com.ua/img/bg/bg-image_09.jpg Requested by Host: schoolmail.zzz.com.ua URL: http://schoolmail.zzz.com.ua/deakin.edu.au.htm Protocol HTTP/1.1 Security , , Server 95.211.16.66 Delft, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `370f1643141524d99fa4374a406644141f8151cf8c252371991e34f75b9f3198` Request headers Referer http://schoolmail.zzz.com.ua/deakin.edu.au.htm User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 08 Jul 2019 01:56:45 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type text/html Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=20
GET		OpenSans-Regular.ttf signon.deakin.edu.au/fonts/	0 0

GET		OpenSans-Semibold.ttf signon.deakin.edu.au/fonts/	0 0

GET		fontawesome-webfont.woff signon.deakin.edu.au/fonts/	0 0

GET		fontawesome-webfont.ttf signon.deakin.edu.au/fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: signon.deakin.edu.au
URL: https://signon.deakin.edu.au/fonts/OpenSans-Regular.woff

Domain: signon.deakin.edu.au
URL: https://signon.deakin.edu.au/fonts/OpenSans-Semibold.woff

Domain: signon.deakin.edu.au
URL: https://signon.deakin.edu.au/fonts/fontawesome-webfont.woff2?v=4.7.0

Domain: signon.deakin.edu.au
URL: https://signon.deakin.edu.au/fonts/OpenSans-Regular.ttf

Domain: signon.deakin.edu.au
URL: https://signon.deakin.edu.au/fonts/OpenSans-Semibold.ttf

Domain: signon.deakin.edu.au
URL: https://signon.deakin.edu.au/fonts/fontawesome-webfont.woff?v=4.7.0

Domain: signon.deakin.edu.au
URL: https://signon.deakin.edu.au/fonts/fontawesome-webfont.ttf?v=4.7.0

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

schoolmail.zzz.com.ua
signon.deakin.edu.au
signon.deakin.edu.au
2402:6940:1201:805::217:0
95.211.16.66
21d6e6c5d2fb352159db8efaa93c879cc9bb33eef0ef39256e80b7ab07b3dc01
34f169a0cb95772d9393cb8c238f038821819ea52217bea194bcbf4a33cd41c0
370f1643141524d99fa4374a406644141f8151cf8c252371991e34f75b9f3198
78d152014f2cf9857b872fb60aa21975d71eb2a752050f0ef6607fc93b3429e1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
909762593a5e80105e28cc90d9c306994ff42f3a0319d589f5d4f60e384e6182
92cc7da9b3c9a5b5a280318617395374548c152892bd470667f5760b0ed85bf5

schoolmail.zzz.com.ua Open in urlscan Pro 95.211.16.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

14 Requests

36 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

62 kBTransfer

68 kBSize

0 Cookies

6 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

Indicators

schoolmail.zzz.com.ua Open in urlscan Pro
95.211.16.66 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

36 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

62 kB
Transfer

68 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions