www.zitschool12.ru (185.98.7.129)  Malicious Activity! Public Scan

Submitted URL: http://www.ap.piombinoelba.it/sites/default/files/styles/package/error.php
Effective URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Submission: On July 19 via manual from AU

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 28 HTTP transactions. The main IP is 185.98.7.129, located in Kazakhstan and belongs to HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ. The main domain is www.zitschool12.ru.
This is the only time www.zitschool12.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

What the scan shows: the submitted URL is a PHP file under /sites/default/files/styles/ on an Italian site (a path layout characteristic of Drupal's web-writable public files directory) running Apache 2.2.15 / PHP 5.3.3. It forwards the visitor to rev.html on a .ru domain hosted on a Plesk server in Kazakhstan, served over plain HTTP, which reproduces the look of the American Express rewards site by loading the brand's own stylesheets, navigation sprites and CID/CSC card-code illustrations (Amex_CID.png, Amex_CSC.png) directly from rewards.americanexpress.com and www.aexp-static.com. The page sets no cookies, and every script it references on its own host comes back as an empty text/html response, so the lander runs with no working script of its own.

Domain & IP information

IP Address        | Requests | AS (Autonomous System)
156.54.137.238    | 1        | 20746 (ASN-IDC T...)
185.98.7.129      | 9        | 200532 (HOSTER-KZ...)
104.108.41.78     | 10       | 16625 (AKAMAI-AS)
104.108.32.230    | 6        | 16625 (AKAMAI-AS)
8.20.172.116      | 2        | 13832 (AS13832)
Total: 28 requests across 5 IPs

Domain                       | Requests | Requested by
rewards.americanexpress.com  | 10       | www.zitschool12.ru
www.zitschool12.ru           | 9        | www.ap.piombinoelba.it, www.zitschool12.ru
www.aexp-static.com          | 6        | www.zitschool12.ru
as00.estara.com              | 2        | www.zitschool12.ru, as00.estara.com
www.ap.piombinoelba.it       | 1        | (submitted URL)
Total: 28 requests across 5 domains
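The "Requested by" column above is the brand-side detection opportunity: every stylesheet, sprite and card-code image the kit pulls from rewards.americanexpress.com and www.aexp-static.com arrives at the brand's CDN with a Referer of www.zitschool12.ru. The following is an added example, not part of the urlscan report and not American Express tooling: it sweeps access-log lines in combined log format and reports referer origins outside an allow-list of brand domains, ranking them by how many card-data assets they fetched. The brand domain list, the high-value asset list and the log lines are constructed for the example (the paths and the referer mirror the transactions further down this page).

```python
import re
from collections import defaultdict
from typing import Optional
from urllib.parse import urlsplit

# Combined log format: client ident user [time] "METHOD path PROTO" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Origins allowed to embed the brand's assets (assumption for this example).
BRAND_DOMAINS = ("americanexpress.com", "aexp-static.com")

# Assets that only appear on pages asking for card data (names taken from this scan's transactions).
HIGH_VALUE_ASSETS = ("Amex_CID.png", "Amex_CSC.png", "cidcheckcontent.css", "cidSprite.gif")


def referer_host(referer: str) -> Optional[str]:
    """Hostname of a Referer value, or None for an absent ("-") or unparsable one."""
    if not referer or referer == "-":
        return None
    host = urlsplit(referer).hostname
    return host.lower() if host else None


def is_brand_host(host: str) -> bool:
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)


def parse_line(line: str) -> Optional[dict]:
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_hotlinking_origins(lines):
    """Map each foreign Referer host to its hit count, distinct paths and high-value assets fetched."""
    findings = defaultdict(lambda: {"hits": 0, "high_value": [], "paths": set()})
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # malformed line: skip it rather than abort the sweep
        host = referer_host(rec["referer"])
        if host is None or is_brand_host(host):
            continue  # no Referer, or a page on the brand's own origins
        entry = findings[host]
        entry["hits"] += 1
        entry["paths"].add(rec["path"])
        for asset in HIGH_VALUE_ASSETS:
            if rec["path"].endswith("/" + asset):
                entry["high_value"].append(asset)
    return dict(findings)


def rank(findings):
    """Most suspicious first: number of high-value assets, then total hits."""
    return sorted(findings.items(),
                  key=lambda kv: (len(kv[1]["high_value"]), kv[1]["hits"]), reverse=True)


# Constructed sample: three lines mirroring this scan, one legitimate on-brand referer, one with no referer.
SAMPLE_LOG = [
    '203.0.113.10 - - [19/Jul/2018:00:46:10 +0000] "GET /loyalty/rewards/acctmgmt/images/Amex_CID.png HTTP/1.1" 200 7558 "http://www.zitschool12.ru/media/posted/Rewards/rev.html" "Mozilla/5.0"',
    '203.0.113.10 - - [19/Jul/2018:00:46:10 +0000] "GET /loyalty/rewards/acctmgmt/images/Amex_CSC.png HTTP/1.1" 200 6331 "http://www.zitschool12.ru/media/posted/Rewards/rev.html" "Mozilla/5.0"',
    '203.0.113.10 - - [19/Jul/2018:00:46:10 +0000] "GET /loyalty/redemption/rewards/cart/express/css/expresscommon.css HTTP/1.1" 200 5862 "http://www.zitschool12.ru/media/posted/Rewards/rev.html" "Mozilla/5.0"',
    '198.51.100.7 - - [19/Jul/2018:00:47:00 +0000] "GET /loyalty/rewards/acctmgmt/images/Amex_CID.png HTTP/1.1" 200 7558 "https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/" "Mozilla/5.0"',
    '198.51.100.8 - - [19/Jul/2018:00:47:30 +0000] "GET /loyalty/rewards/cart/shop/images/clear.gif HTTP/1.1" 200 43 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, entry in rank(find_hotlinking_origins(SAMPLE_LOG)):
        print(f"{host}: {entry['hits']} hits, high-value assets: {entry['high_value']}")
```

Referer is a client-supplied header, so a kit can strip it (or proxy the assets itself) and vanish from this sweep; the check is cheap and catches the common case, which is what this scan shows, but it complements rather than replaces scanner submissions and certificate-transparency monitoring.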
Certificates (Subject / Issuer / Validity / Valid): none recorded for this scan

This page contains 1 frames:

Primary Page: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Frame ID: 12B2443686B8BBD535F5AB97C22203F2
Requests: 28 HTTP requests in this frame

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ap.piombinoelba.it/sites/default/files/styles/package/error.php Page URL
  2. http://www.zitschool12.ru/media/posted/Rewards/rev.html Page URL
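The hop from error.php to rev.html in the history above was not an HTTP redirect: the Redirected requests section of this scan is empty and error.php answered with a 203-byte text/html body, so the forward happened in the browser via a meta refresh or a JavaScript location change. The following is an added example, not part of the urlscan report: a static extractor that pulls redirect targets out of a captured lander without rendering it, handling meta refresh in either attribute order, the common location assignments and location.replace()/assign(), and resolving relative targets against the page URL. The HTML body below is constructed for the example (it deliberately uses both mechanisms); the real error.php body is not on this page.

```python
import html
import re
from urllib.parse import urljoin

META_TAG_RE = re.compile(r"<meta\b[^>]*>", re.IGNORECASE | re.DOTALL)
# name="value", name='value' or name=value; whichever quoting style the page used
ATTR_RE = re.compile(r'([a-zA-Z-]+)\s*=\s*(?:"([^"]*)"|\'([^\']*)\'|([^\s"\'>]+))')
# window.location = "..."; location.href = '...'; top.location.replace("..."); document.location.assign("...")
JS_LOCATION_RE = re.compile(
    r"(?:window|document|top|self|parent)?\.?\s*location(?:\.href)?\s*"
    r"(?:=\s*|\.(?:replace|assign)\s*\(\s*)[\"']([^\"']+)[\"']",
    re.IGNORECASE,
)


def _attrs(tag: str) -> dict:
    """Attribute name -> value for one tag."""
    out = {}
    for m in ATTR_RE.finditer(tag):
        out[m.group(1).lower()] = next(g for g in m.groups()[1:] if g is not None)
    return out


def _meta_target(content: str) -> str:
    """'0; url=X', '0;URL=X' or '0; X' -> X (empty string when there is no target)."""
    parts = content.split(";", 1)
    if len(parts) < 2:
        return ""
    target = parts[1].strip()
    if target[:4].lower() == "url=":
        target = target[4:].strip()
    return target.strip("'\" ")


def extract_client_redirects(body: str, page_url: str) -> list:
    """Return [(mechanism, absolute_target)] for each client-side redirect found in body."""
    found = []
    for tag in META_TAG_RE.findall(body):
        attrs = _attrs(tag)
        if attrs.get("http-equiv", "").lower() == "refresh":
            target = _meta_target(html.unescape(attrs.get("content", "")))
            if target:
                found.append(("meta-refresh", urljoin(page_url, target)))
    for target in JS_LOCATION_RE.findall(body):
        found.append(("javascript", urljoin(page_url, html.unescape(target))))
    return found


# Constructed lander: meta refresh to the phishing host plus a relative JavaScript redirect.
SAMPLE_LANDER = """<html><head>
<meta charset="utf-8">
<meta content="0; URL=http://www.zitschool12.ru/media/posted/Rewards/rev.html" http-equiv="refresh">
</head><body>
<script>setTimeout(function(){ window.location.href = "/media/posted/Rewards/rev.html"; }, 100);</script>
<a href="https://example.test/not-a-redirect">ignore me</a>
</body></html>"""

if __name__ == "__main__":
    origin = "http://www.ap.piombinoelba.it/sites/default/files/styles/package/error.php"
    for mechanism, target in extract_client_redirects(SAMPLE_LANDER, origin):
        print(f"{mechanism}: {target}")
```

Static extraction only sees targets written literally into the page; a lander that builds the URL from obfuscated strings or fetches it at runtime still needs a sandboxed render, which is exactly the history a scanner like this one records.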

Detected technologies

PHP (overall confidence: 100%)
  • url /\.php(?:$|\?)/i

Red Hat (overall confidence: 100%)
  • headers server /Red Hat/i

Apache (overall confidence: 100%)
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Adobe Analytics (overall confidence: 100%)
  • script /\/s[_-]code.*\.js/i
  • env /^s_(?:account|objectID|code|INST)$/i

The first three patterns fired on the entry hop (error.php, Apache/2.2.15 (Red Hat), PHP/5.3.3), not on the lander. The Adobe Analytics match comes from the s_code_mr.js reference in rev.html; that script is requested from www.zitschool12.ru but is served as an empty text/html response, so no analytics code actually runs.

Page Statistics

  Requests: 28
  HTTPS: 0 % (as reported by the scanner; the transaction list below shows the rewards.americanexpress.com and www.aexp-static.com fetches over HTTPS/SPDY, while the primary page and everything on www.zitschool12.ru and www.ap.piombinoelba.it is plain HTTP)
  IPv6: 0 %
  Domains: 5
  Subdomains: 5
  IPs: 5
  Countries: 4
  Transfer: 156 kB
  Size: 350 kB
  Cookies: 0


Redirected requests

No HTTP redirect chains were recorded. The hop from error.php to rev.html was therefore client-side: error.php answered with a 203-byte text/html body (see the first transaction below), and rev.html was then requested with error.php as its Referer.
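Every script the lander references on its own host (s_code_mr.js, jquery.js, layouts.js, shoppingcart_contents.js, commonFunctions.js, atgsvcs.js) comes back as text/html with the same ETag W/"400-56c5e4fdab0ac" and the same Last-Modified, so one identical HTML document answered all of them. That ETag is in Apache's size-mtime layout and decodes to a 1024-byte file modified 2018-05-17 03:20:06 UTC, matching the Last-Modified header exactly, while rev.html's ETag W/"5b44867a-ba29" is in nginx's mtime-size layout (47657 bytes, 2018-07-10 10:12:10 UTC): the lander was served by nginx, the missing script paths by an Apache behind it. The following is an added example, not part of the urlscan report: a checker over a constructed subset of these transactions that flags declared scripts served as HTML, clusters responses sharing an ETag, decodes both default ETag layouts and cross-checks the encoded mtime against Last-Modified. Field values are copied from the entries below; the transaction list itself is the only assumption.

```python
from collections import defaultdict
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Constructed subset of the scan's transactions; every field value is copied from the entries listed below.
TRANSACTIONS = [
    {"url": "http://www.zitschool12.ru/media/posted/Rewards/rev.html", "type": "Document",
     "mime": "text/html; charset=UTF-8", "etag": 'W/"5b44867a-ba29"', "last_modified": "Tue, 10 Jul 2018 10:12:10 GMT"},
    {"url": "http://www.zitschool12.ru/media/posted/Rewards/navigation/shared/nav/s_code_mr.js", "type": "Script",
     "mime": "text/html; charset=UTF-8", "etag": 'W/"400-56c5e4fdab0ac"', "last_modified": "Thu, 17 May 2018 03:20:06 GMT"},
    {"url": "http://www.zitschool12.ru/media/posted/Rewards/loyalty/redemption/rewards/cart/express/js/jquery.js", "type": "Script",
     "mime": "text/html; charset=UTF-8", "etag": 'W/"400-56c5e4fdab0ac"', "last_modified": "Thu, 17 May 2018 03:20:06 GMT"},
    {"url": "http://www.zitschool12.ru/loyalty/redemption/rewards/cart/express/js/layouts.js", "type": "Script",
     "mime": "text/html; charset=UTF-8", "etag": 'W/"400-56c5e4fdab0ac"', "last_modified": "Thu, 17 May 2018 03:20:06 GMT"},
    {"url": "https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/express/css/expresscommon.css",
     "type": "Stylesheet", "mime": "text/css", "etag": None, "last_modified": "Wed, 14 Feb 2018 18:45:30 GMT"},
    {"url": "https://rewards.americanexpress.com/loyalty/rewards/acctmgmt/images/Amex_CID.png", "type": "Image",
     "mime": "image/png", "etag": None, "last_modified": "Mon, 22 Jan 2018 21:10:30 GMT"},
    {"url": "https://www.aexp-static.com/nav/ngn/img/logo_bluebox.gif", "type": "Image",
     "mime": "image/gif", "etag": None, "last_modified": "Wed, 11 Apr 2018 19:45:02 GMT"},
]

EXPECTED_MIME = {
    "Script": ("application/javascript", "text/javascript", "application/x-javascript"),
    "Stylesheet": ("text/css",),
    "Image": ("image/",),
}


def served_as_wrong_type(txs):
    """Resources whose declared type (from the referencing tag) does not match the served Content-Type."""
    out = []
    for t in txs:
        expected = EXPECTED_MIME.get(t["type"])
        if expected is None:
            continue
        served = t["mime"].split(";")[0].strip().lower()
        if not any(served.startswith(e) for e in expected):
            out.append((t["url"], served))
    return out


def etag_clusters(txs, min_size=2):
    """URLs grouped by identical ETag: several paths sharing one ETag were answered with the same file."""
    groups = defaultdict(list)
    for t in txs:
        if t["etag"]:
            groups[t["etag"]].append(t["url"])
    return {k: v for k, v in groups.items() if len(v) >= min_size}


def decode_etag(etag: str):
    """Decode the two default ETag layouts into (server, size_bytes, mtime_utc); None if neither fits.

    nginx:  "<mtime seconds, hex>-<size, hex>"
    Apache: "<size, hex>-<mtime microseconds, hex>"  (FileETag MTime Size; INode MTime Size adds a leading field)
    The weak marker W/ is dropped. Apache's microsecond field never fits in 32 bits for any post-1970 date,
    which tells the layouts apart (heuristic: a file over 4 GB served by nginx would be misread).
    """
    core = etag[2:] if etag.startswith("W/") else etag
    parts = core.strip('"').split("-")
    if len(parts) == 3:
        parts = parts[1:]
    if len(parts) != 2:
        return None
    try:
        first, second = (int(p, 16) for p in parts)
    except ValueError:
        return None
    if second >= 2 ** 32:
        return ("apache", first, datetime.fromtimestamp(second // 1_000_000, tz=timezone.utc))
    return ("nginx", second, datetime.fromtimestamp(first, tz=timezone.utc))


def etag_consistent(t) -> bool:
    """True when the mtime encoded in the ETag equals the Last-Modified header (to the second)."""
    decoded = decode_etag(t["etag"])
    if decoded is None:
        return False
    return int(decoded[2].timestamp()) == int(parsedate_to_datetime(t["last_modified"]).timestamp())


if __name__ == "__main__":
    for url, served in served_as_wrong_type(TRANSACTIONS):
        print(f"wrong type: {served} for {url}")
    for etag, urls in etag_clusters(TRANSACTIONS).items():
        print(f"{etag} -> {decode_etag(etag)} shared by {len(urls)} URLs")
```

The same-ETag cluster is a quick way to tell a half-deployed kit from one that ships its own scripts, and the decoded mtime gives a file-system timestamp for the fallback document independent of the Date header, which is useful when correlating with the hosting provider.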

28 HTTP transactions

Each entry lists: Resource | Path | Size | x-fer | Type | MIME-Type, followed by General, Request headers and Response headers.
error.php
www.ap.piombinoelba.it/sites/default/files/styles/package/
203 B
435 B
Document
General
Full URL
http://www.ap.piombinoelba.it/sites/default/files/styles/package/error.php
Protocol
HTTP/1.1
Server
156.54.137.238 , Italy, ASN20746 (ASN-IDC T.NO.OM.I.NC, IT),
Reverse DNS
Software
Apache/2.2.15 (Red Hat) / PHP/5.3.3
Resource Hash

Request headers

Host
www.ap.piombinoelba.it
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
12B2443686B8BBD535F5AB97C22203F2

Response headers

Date
Thu, 19 Jul 2018 00:47:04 GMT
Server
Apache/2.2.15 (Red Hat)
X-Powered-By
PHP/5.3.3
Content-Length
203
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request rev.html
www.zitschool12.ru/media/posted/Rewards/
47 KB
12 KB
Document
General
Full URL
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Requested by
Host: www.ap.piombinoelba.it
URL: http://www.ap.piombinoelba.it/sites/default/files/styles/package/error.php
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx / PleskLin
Resource Hash
a40c6d2367754b26ed88a6bb3525c0dd1f53cc58be0ebfdb64a9d4cb5e7c1271

Request headers

Host
www.zitschool12.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.ap.piombinoelba.it/sites/default/files/styles/package/error.php
Accept-Encoding
gzip, deflate
X-DevTools-Emulate-Network-Conditions-Client-Id
12B2443686B8BBD535F5AB97C22203F2

Response headers

Server
nginx
Date
Thu, 19 Jul 2018 00:46:09 GMT
Content-Type
text/html; charset=UTF-8
Last-Modified
Tue, 10 Jul 2018 10:12:10 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5b44867a-ba29"
X-Powered-By
PleskLin
Content-Encoding
gzip
expresscommon.css
rewards.americanexpress.com/loyalty/redemption/rewards/cart/express/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/express/css/expresscommon.css
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
93fc543a45b44b6b9f3831a1dd893cef84684a87cbf2455b6358ad4d3040757e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2018 18:45:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
5862
s_code_mr.js
www.zitschool12.ru/media/posted/Rewards/navigation/shared/nav/
0
0
Script
General
Full URL
http://www.zitschool12.ru/media/posted/Rewards/navigation/shared/nav/s_code_mr.js
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.zitschool12.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 19 Jul 2018 00:46:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 03:20:06 GMT
Server
nginx
ETag
W/"400-56c5e4fdab0ac"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
clear.gif
rewards.americanexpress.com/loyalty/rewards/cart/shop/images/
43 B
229 B
Image
General
Full URL
https://rewards.americanexpress.com/loyalty/rewards/cart/shop/images/clear.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 22 Jan 2018 21:10:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
content-type
image/gif
status
200
cache-control
private, must-revalidate, max-age=71246
accept-ranges
bytes
content-length
43
inav_ngi_nested.css
www.aexp-static.com/nav/ngn/css/
90 KB
13 KB
Stylesheet
General
Full URL
https://www.aexp-static.com/nav/ngn/css/inav_ngi_nested.css
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.32.230 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-32-230.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
a498f0c375000b2bdc1130fe5865ba161baa0c552571d6eeb5d898417a305b58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
content-encoding
gzip
last-modified
Tue, 26 Jun 2018 01:01:21 GMT
server
IBM_HTTP_Server
status
200
date
Thu, 19 Jul 2018 00:46:10 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
content-length
12856
logo_bluebox.gif
www.aexp-static.com/nav/ngn/img/
4 KB
4 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/logo_bluebox.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.32.230 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-32-230.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Wed, 11 Apr 2018 19:45:02 GMT
server
IBM_HTTP_Server
date
Thu, 19 Jul 2018 00:46:10 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
4424
clear.gif
www.aexp-static.com/nav/ngn/img/
43 B
214 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/clear.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.32.230 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-32-230.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:23:00 GMT
server
IBM_HTTP_Server
date
Thu, 19 Jul 2018 00:46:10 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
43
clear.gif
rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/images/
43 B
230 B
Image
General
Full URL
https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/images/clear.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2018 18:45:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
content-type
image/gif
status
200
cache-control
private, must-revalidate, max-age=31533
accept-ranges
bytes
content-length
43
jquery.js
www.zitschool12.ru/media/posted/Rewards/loyalty/redemption/rewards/cart/express/js/
0
0
Script
General
Full URL
http://www.zitschool12.ru/media/posted/Rewards/loyalty/redemption/rewards/cart/express/js/jquery.js
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.zitschool12.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 19 Jul 2018 00:46:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 03:20:06 GMT
Server
nginx
ETag
W/"400-56c5e4fdab0ac"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
layouts.js
www.zitschool12.ru/loyalty/redemption/rewards/cart/express/js/
0
0
Script
General
Full URL
http://www.zitschool12.ru/loyalty/redemption/rewards/cart/express/js/layouts.js
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.zitschool12.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 19 Jul 2018 00:46:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 03:20:06 GMT
Server
nginx
ETag
W/"400-56c5e4fdab0ac"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
cidcheckcontent.css
rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/css/cidcheckcontent.css
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
801278de3a8c03503c196f3bedf6f979ceddb8210638e76dcf49cd811829724b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2018 18:45:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1750
Amex_CID.png
rewards.americanexpress.com/loyalty/rewards/acctmgmt/images/
7 KB
8 KB
Image
General
Full URL
https://rewards.americanexpress.com/loyalty/rewards/acctmgmt/images/Amex_CID.png
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aaf9f77fccfd151089d074ed25f5ac3ec51a21a4bd7f253c301bac4500f28a03
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 22 Jan 2018 21:10:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
content-type
image/png
status
200
cache-control
private, must-revalidate, max-age=59684
accept-ranges
bytes
content-length
7558
Amex_CSC.png
rewards.americanexpress.com/loyalty/rewards/acctmgmt/images/
6 KB
6 KB
Image
General
Full URL
https://rewards.americanexpress.com/loyalty/rewards/acctmgmt/images/Amex_CSC.png
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
641e856a6f9353b820697aa83e7919aabf9f97d0e83c62156abe8426b164e128
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 22 Jan 2018 21:10:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
content-type
image/png
status
200
cache-control
private, must-revalidate, max-age=59611
accept-ranges
bytes
content-length
6331
img_mr_basic.gif
rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/images/
2 KB
2 KB
Image
General
Full URL
https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/images/img_mr_basic.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ea4a220863723b001d8302dd02ed2cb9950a85192f26053615104cebc788fc64
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2018 18:45:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
content-type
image/gif
status
200
cache-control
private, must-revalidate, max-age=59660
accept-ranges
bytes
content-length
1822
shoppingcart_contents.js
www.zitschool12.ru/loyalty/redemption/rewards/cart/shop/js/
0
0
Script
General
Full URL
http://www.zitschool12.ru/loyalty/redemption/rewards/cart/shop/js/shoppingcart_contents.js
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.zitschool12.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 19 Jul 2018 00:46:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 03:20:06 GMT
Server
nginx
ETag
W/"400-56c5e4fdab0ac"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
commonFunctions.js
www.zitschool12.ru/media/posted/Rewards/v/ngn/js/
0
0
Script
General
Full URL
http://www.zitschool12.ru/media/posted/Rewards/v/ngn/js/commonFunctions.js
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.zitschool12.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 19 Jul 2018 00:46:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 03:20:06 GMT
Server
nginx
ETag
W/"400-56c5e4fdab0ac"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
left_arrow.gif
rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/images/
231 B
418 B
Image
General
Full URL
https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/images/left_arrow.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b12de721b00549cb961bce8202d81fc352b69f8b6373fbc8e6f7d0516a24793b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 14 Feb 2018 18:45:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
content-type
image/gif
status
200
cache-control
private, must-revalidate, max-age=31597
accept-ranges
bytes
content-length
231
atgsvcs.js
www.zitschool12.ru/media/posted/Rewards/atgsvcs.com/js/
0
0
Script
General
Full URL
http://www.zitschool12.ru/media/posted/Rewards/atgsvcs.com/js/atgsvcs.js
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.zitschool12.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 19 Jul 2018 00:46:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 03:20:06 GMT
Server
nginx
ETag
W/"400-56c5e4fdab0ac"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
iNav_ngi_sprite_new.gif
www.aexp-static.com/nav/ngn/img/
23 KB
23 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_new.gif?ver=0111_01
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.32.230 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-32-230.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://www.aexp-static.com/nav/ngn/css/inav_ngi_nested.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:26:29 GMT
server
IBM_HTTP_Server
date
Thu, 19 Jul 2018 00:46:10 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
23367
img_shdw_mainNav.png
www.aexp-static.com/nav/ngn/img/
143 B
315 B
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/img_shdw_mainNav.png
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.32.230 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-32-230.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://www.aexp-static.com/nav/ngn/css/inav_ngi_nested.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:24:34 GMT
server
IBM_HTTP_Server
date
Thu, 19 Jul 2018 00:46:10 GMT
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
143
cidSprite.gif
rewards.americanexpress.com/loyalty/rewards/cart/shop/images/
18 KB
18 KB
Image
General
Full URL
https://rewards.americanexpress.com/loyalty/rewards/cart/shop/images/cidSprite.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7fc622e13c9914c35e1cecfebfb5e422d7a6874d5c3adb9706e2e7c7954f622c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/css/cidcheckcontent.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 22 Jan 2018 21:10:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
content-type
image/gif
status
200
cache-control
private, must-revalidate, max-age=71216
accept-ranges
bytes
content-length
18201
commonsprite.gif
rewards.americanexpress.com/loyalty/rewards/cart/shop/images/
31 KB
31 KB
Image
General
Full URL
https://rewards.americanexpress.com/loyalty/rewards/cart/shop/images/commonsprite.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.41.78 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-41-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf5f4862c77aa8ccb461cb4d3343fd653dd27719292b63952abe849814be417a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://rewards.americanexpress.com/loyalty/redemption/rewards/cart/shop/css/cidcheckcontent.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
last-modified
Mon, 22 Jan 2018 21:10:30 GMT
date
Thu, 19 Jul 2018 00:46:10 GMT
content-type
image/gif
status
200
cache-control
private, must-revalidate, max-age=71279
accept-ranges
bytes
content-length
31763
commonFunctions.js
www.zitschool12.ru/media/posted/Rewards/v/ngn/js/
0
0
Script
General
Full URL
http://www.zitschool12.ru/media/posted/Rewards/v/ngn/js/commonFunctions.js
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.zitschool12.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 19 Jul 2018 00:46:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 03:20:06 GMT
Server
nginx
ETag
W/"400-56c5e4fdab0ac"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
iNav_ngi_sprite_footer.gif
www.aexp-static.com/nav/ngn/img/
934 B
1 KB
Image
General
Full URL
https://www.aexp-static.com/nav/ngn/img/iNav_ngi_sprite_footer.gif
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
SPDY
Server
104.108.32.230 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-32-230.deploy.static.akamaitechnologies.com
Software
IBM_HTTP_Server /
Resource Hash
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
Security Headers
Name Value
Strict-Transport-Security max-age=15552000;

Request headers

Referer
https://www.aexp-static.com/nav/ngn/css/inav_ngi_nested.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=15552000;
last-modified
Thu, 02 Mar 2017 09:26:29 GMT
server
IBM_HTTP_Server
date
Thu, 19 Jul 2018 00:46:10 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
timing-allow-origin
*
content-length
934
atgsvcs.js
www.zitschool12.ru/media/posted/Rewards/atgsvcs.com/js/
0
0
Script
General
Full URL
http://www.zitschool12.ru/media/posted/Rewards/atgsvcs.com/js/atgsvcs.js
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
185.98.7.129 , Kazakhstan, ASN200532 (HOSTER-KZ Hoster.KZ - hosting and domain services in Kazakhstan, KZ),
Reverse DNS
pkz15.hoster.kz
Software
nginx /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.zitschool12.ru
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 19 Jul 2018 00:46:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 May 2018 03:20:06 GMT
Server
nginx
ETag
W/"400-56c5e4fdab0ac"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
lr.php
as00.estara.com/fs/
84 KB
26 KB
Script
General
Full URL
http://as00.estara.com/fs/lr.php?onload=1&accountid=200106296883
Requested by
Host: www.zitschool12.ru
URL: http://www.zitschool12.ru/media/posted/Rewards/rev.html
Protocol
HTTP/1.1
Server
8.20.172.116 , United States, ASN13832 (AS13832 - Oracle Corporation, US),
Reverse DNS
Software
Apache /
Resource Hash
3a243051182e5d233e94aae231932d50fc1b600525eee085f1b4df46ef4310a4

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 19 Jul 2018 00:48:07 GMT
Content-Encoding
gzip
Last-Modified
Thu, 19 Jul 2018 00:48:07 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
CP="NON DSP COR CUR OUR LEG PHY COM", policyref="http://as00.estara.com/w3c/p3p.xml"
Cache-Control
private
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=2, max=100
Expires
Thu, 19 Jul 2018 03:48:07 GMT
rules.php
as00.estara.com/fs/
2 KB
1 KB
Script
General
Full URL
http://as00.estara.com/fs/rules.php?accountid=200106296883&title=&referrer=http%3A%2F%2Fwww.ap.piombinoelba.it%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fpackage%2Ferror.php&w=1600&h=1200&d=24&platform=Linux%20x86_64&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&cs=UTF-8&estara_fsguid=5D00B6C84AD733C8F1273924B871F0D0&estara_firsttime=1531961287&location=http%3A%2F%2Fwww.zitschool12.ru%2Fmedia%2Fposted%2FRewards%2Frev.html&dnc=1531961171250640518
Requested by
Host: as00.estara.com
URL: http://as00.estara.com/fs/lr.php?onload=1&accountid=200106296883
Protocol
HTTP/1.1
Server
8.20.172.116 , United States, ASN13832 (AS13832 - Oracle Corporation, US),
Reverse DNS
Software
Apache /
Resource Hash
57928699e6722a2b66f8419a0d72d41e88cf46f2dfa7e3371b5faacb31607224

Request headers

Referer
http://www.zitschool12.ru/media/posted/Rewards/rev.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 19 Jul 2018 00:48:08 GMT
Content-Encoding
gzip
Server
Apache
P3P
CP="NON DSP COR CUR OUR LEG PHY COM", policyref="http://as00.estara.com/w3c/p3p.xml"
Cache-Control
private
Connection
Keep-Alive
Content-Type
text/javascript; charset=UTF-8
Keep-Alive
timeout=2, max=99
Content-Length
718

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| omn_hierarchy string| omn_pagename string| excludeOmniture function| submitFormContinue function| eStara_quick_append function| eStara_loadlr undefined| s_code function| focustomsg function| getErrorMsg_CIDContent function| onBlurError function| gotocontinue number| eStara_interval object| eStara_restriction object| eStara_obscuration number| eStara_tmp_iframe number| eStara_fd_iframe number| eStara_fs_level object| eStara_urids_to_log object| eStara_urids_to_cookie number| eStara_max_forms_to_check string| eStara_debug_str string| eStara_highlight_s string| eStara_highlight_e number| eStara_scroll number| eStara_clear object| eStara_ButtonJSFunctions object| eStara_GuiJSFunctions object| eStara_LinkMap object| eStara_ButtonMap boolean| g_buttonJSRun boolean| g_guiJSRun object| ATG_ppss object| eStara_ua object| eStara_CoBrowseSession number| eStara_revision function| eStara_set_revision undefined| eStara_init_form_data function| eStara_get_dom_document function| eStara_urlencode function| eStara_urldecode function| eStara_add_include function| eStara_cleanup function| eStara_append function| eStara_getpageid function| eStara_getCobrowseSession function| eStara_create_iframe function| eStara_upload_form function| get_cbb_html function| eStara_fd_post function| eStara_build_form_action object| eStara_rule_regex object| eStara_form_element function| eStara_on_all_forms function| eStara_build_form_as_string function| eStara_build_form_data function| eStara_build_url function| eStara_escapeQuote function| eStara_location function| eStara_appendChild function| eStara_def function| eStara_debug function| eStara_debug_alert function| eStara_report_issue function| eStara_page_dump function| eStara_show_hide_report function| eStara_show_hide_debug function| eStara_array_push_unique function| eStara_simplify_value function| eStara_install_onclick function| eStara_get_radio function| eStara_reset_radio function| eStara_set_radio function| eStara_set_element function| 
eStara_setform function| eStara_replace_links function| eStara_replace_inputs function| eStara_cleanup_onclick function| eStara_disable_all function| eStara_reset_data boolean| eStara_mouseDown_installed function| eStara_mouseDown object| eStara_toolkit_objs object| eStara_put_image number| eStara_offset_x number| eStara_offset_y number| eStara_obj_type object| eStara_img_types function| eStara_draw_image function| eStara_in_box function| eStara_down_image function| eStara_handle_mouse function| eStara_getElementsById function| eStara_clear_images function| eStara_removeNode function| eStara_swapImage function| eStara_create_image function| eStara_add_var_fields function| insertSizedDiv function| eStara_get_scrollTop function| eStara_skroll function| eStara_scrollToPos function| eStara_ruleReplaceText function| eStara_removeExtraTags function| eStara_escape function| eStara_getFontEl function| eStara_klear function| eStara_findAll function| eStara_highlightIt function| eStara_getVisibleFrames function| eStara_getCoBrowseFrames function| eStara_checkCoBrowseFrames function| eStara_stopCobrowse function| eStara_startCoBrowseInFrames function| eStara_startCobrowseInFrame function| eStara_getNameForFrame function| eStara_isFrame function| eStara_cobrowseRunningInFrame function| eStara_hiliteElements function| eStara_hiliteFrames function| eStara_hiliteCoBrowseFrames function| eStara_watchIframes function| eStara_adjustInnerHtmlForFrames function| eStara_addParamToURL function| eStara_adjustInnerHtmlForFrame function| eStara_do_JSFunctions function| eStara_startCobrowseButton_List function| eStara_startCobrowseButton function| eStara_startCobrowseGUI_List function| eStara_startCobrowseGUI function| eStara_Date function| eStara_base64_encode function| eStara_upload_form_api function| eStara_pagepeek_api number| eStara_startCobrowseButtonNoFunc function| wv_init function| wv_ishookdone function| wv_sethookdone function| wv_hookonmousemove function| wv_hookonkeydown 
function| wv_hookonunload function| wv_hookonscroll function| wv_hookonresize function| parse_args function| wv_timeoutlink function| wv_showlayer function| wv_findpos function| wv_movelayer function| wv_exitlink function| wv_hoverlink function| wv_getscrollx function| wv_getscrolly function| wv_getwindowwidth function| wv_getwindowheight function| wv_getpagewidth function| wv_getpageheight function| wv_getstyle function| eStaraCookieSet function| eStaraCookieGet function| eStaraCookieDelete string| cookiePath function| eStaraCookiePathSet function| eStaraCookieDictionarySet function| eStaraCookieDictionaryGet function| eStaraCookieDictionaryGetKeys function| eStaraCookieDictionaryDelete function| eStaraCookieDictionaryEncode function| eStaraCookieDictionaryDecode function| replace_nl function| eStara_logerr string| eStara_fsguid string| eStara_base_url function| eStara_beginlr object| esconsole number| eStara_debug_level object| eStara_form_data function| eStaraCookie string| eStara_lr_accountid function| eStara_check_cookies function| eStara_log_rule_action

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

as00.estara.com
rewards.americanexpress.com
www.aexp-static.com
www.ap.piombinoelba.it
www.zitschool12.ru
104.108.32.230
104.108.41.78
156.54.137.238
185.98.7.129
8.20.172.116
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
194b37addb793c71c33302afb3239216455121d66303067e15904eedd0a66b12
3a243051182e5d233e94aae231932d50fc1b600525eee085f1b4df46ef4310a4
57928699e6722a2b66f8419a0d72d41e88cf46f2dfa7e3371b5faacb31607224
641e856a6f9353b820697aa83e7919aabf9f97d0e83c62156abe8426b164e128
7fc622e13c9914c35e1cecfebfb5e422d7a6874d5c3adb9706e2e7c7954f622c
801278de3a8c03503c196f3bedf6f979ceddb8210638e76dcf49cd811829724b
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
93fc543a45b44b6b9f3831a1dd893cef84684a87cbf2455b6358ad4d3040757e
a40c6d2367754b26ed88a6bb3525c0dd1f53cc58be0ebfdb64a9d4cb5e7c1271
a498f0c375000b2bdc1130fe5865ba161baa0c552571d6eeb5d898417a305b58
aaf9f77fccfd151089d074ed25f5ac3ec51a21a4bd7f253c301bac4500f28a03
b12de721b00549cb961bce8202d81fc352b69f8b6373fbc8e6f7d0516a24793b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
cf5f4862c77aa8ccb461cb4d3343fd653dd27719292b63952abe849814be417a
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
ea4a220863723b001d8302dd02ed2cb9950a85192f26053615104cebc788fc64