esta-apply.us.com
104.156.58.63
Public Scan
Submission Tags: @phishunt_io
Submission: On December 19 via api from DE — Scanned from US
Summary
TLS certificate: Issued by R3 on December 18th 2022. Valid for: 3 months.
This is the only time esta-apply.us.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
4 | 104.156.58.63 | 29802 (HVC-AS)
10 | 151.139.128.10 | 20446 (STACKPATH-CDN)
3 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET)
1 | 2600:9000:24f0:4e00:f:fd8f:b000:93a1 | 16509 (AMAZON-02)
1 | 108.138.106.124 | 16509 (AMAZON-02)
1 | 54.234.82.237 | 14618 (AMAZON-AES)
1 | 18.164.96.87 | 16509 (AMAZON-02)
1 | 108.138.128.58 | 16509 (AMAZON-02)
1 | 2606:4700::6810:7b60 | 13335 (CLOUDFLARENET)
2 | 52.49.37.246 | 16509 (AMAZON-02)
1 | 54.220.154.0 | 16509 (AMAZON-02)
25 (total requests) | 12 (unique IPs) |
ASN | PTR | Domains served
---|---|---
ASN29802 (HVC-AS, US) | server.xamark.com | esta-apply.us.com
ASN20446 (STACKPATH-CDN, US) | map3.hwcdn.net | m3s2g6n8.stackpathcdn.com, images.dmca.com
ASN16509 (AMAZON-02, US) | | d1l6p2sc9645hc.cloudfront.net
ASN16509 (AMAZON-02, US) | server-108-138-106-124.jfk50.r.cloudfront.net | static.hotjar.com
ASN14618 (AMAZON-AES, US) | ec2-54-234-82-237.compute-1.amazonaws.com | data.gosquared.com
ASN16509 (AMAZON-02, US) | server-18-164-96-87.jfk50.r.cloudfront.net | script.hotjar.com
ASN16509 (AMAZON-02, US) | server-108-138-128-58.jfk50.r.cloudfront.net | vars.hotjar.com
ASN16509 (AMAZON-02, US) | ec2-52-49-37-246.eu-west-1.compute.amazonaws.com | in.hotjar.com
ASN16509 (AMAZON-02, US) | ec2-54-220-154-0.eu-west-1.compute.amazonaws.com | ws30.hotjar.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | stackpathcdn.com | m3s2g6n8.stackpathcdn.com | 563 KB
6 | hotjar.com | static.hotjar.com (Cisco Umbrella Rank: 643), script.hotjar.com (Cisco Umbrella Rank: 811), vars.hotjar.com (Cisco Umbrella Rank: 936), in.hotjar.com (Cisco Umbrella Rank: 1734), ws30.hotjar.com (Cisco Umbrella Rank: 66381) | 74 KB
4 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 211), www.cloudflare.com (Cisco Umbrella Rank: 5290) | 63 KB
4 | us.com | esta-apply.us.com (1 redirect) | 408 KB
1 | gosquared.com | data.gosquared.com (Cisco Umbrella Rank: 42049) | 77 B
1 | cloudfront.net | d1l6p2sc9645hc.cloudfront.net | 5 KB
1 | dmca.com | images.dmca.com (Cisco Umbrella Rank: 12988) | 9 KB
25 (total requests) | 7 (apex domains) | |
Requests | Domain | Requested by
---|---|---
9 | m3s2g6n8.stackpathcdn.com | esta-apply.us.com, m3s2g6n8.stackpathcdn.com
4 | esta-apply.us.com (1 redirect) | esta-apply.us.com
3 | cdnjs.cloudflare.com | esta-apply.us.com
2 | in.hotjar.com | script.hotjar.com
1 | ws30.hotjar.com | script.hotjar.com
1 | www.cloudflare.com | cdnjs.cloudflare.com
1 | vars.hotjar.com | static.hotjar.com
1 | script.hotjar.com | static.hotjar.com
1 | data.gosquared.com | d1l6p2sc9645hc.cloudfront.net
1 | static.hotjar.com | esta-apply.us.com
1 | d1l6p2sc9645hc.cloudfront.net | esta-apply.us.com
1 | images.dmca.com | esta-apply.us.com
25 (total requests) | 12 (domains) |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cbp.gov |
uscode.house.gov |
www.govinfo.gov |
www.congress.gov |
travel.state.gov |
www.uscis.gov |
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
whm.esta-apply.us.com | R3 | 2022-12-18 - 2023-03-18 | 3 months | crt.sh
*.stackpathcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-04 - 2023-05-31 | a year | crt.sh
images.dmca.com | R3 | 2022-11-14 - 2023-02-12 | 3 months | crt.sh
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year | crt.sh
*.hotjar.com | Amazon | 2022-10-25 - 2023-11-23 | a year | crt.sh
gosquared.com | Amazon | 2022-10-24 - 2023-11-23 | a year | crt.sh
www.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-27 - 2023-09-26 | a year | crt.sh
This page contains 2 frames:
Primary Page:
https://esta-apply.us.com/application/
Frame ID: 2EEED138963204C8B6850A542B874583
Requests: 26 HTTP requests in this frame
Frame:
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 7DFF80EB9ED911E253B68223D343BD26
Requests: 1 HTTP request in this frame
Page Title: Online Application — ESTA Apply Assistance
Detected technologies
- Bootstrap (Web Frameworks). Detected pattern: `bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js`
- Hotjar (Analytics). Detected pattern: `//static\.hotjar\.com/`
- jQuery (JavaScript Libraries). Detected patterns: `/([\d.]+)/jquery(?:\.min)?\.js` and `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
- Visa Waiver Program
- INA 217, 8 U.S.C. 1187
- CFR Title 8, Subchapter B, Part 217
- Travel Promotion Act of 2009
- travel.state.gov
- uscis.gov
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://esta-apply.us.com/application → HTTP 301 → https://esta-apply.us.com/application/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
25 HTTP transactions
Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | esta-apply.us.com/application/ | 297 KB | 298 KB | Document | text/html | Primary Request, Redirect Chain (redirect headers present)
GET | H2 | vendor.min.css | m3s2g6n8.stackpathcdn.com/application/assets/css/ | 175 KB | 32 KB | Stylesheet | text/css |
GET | H2 | theme.min.css | m3s2g6n8.stackpathcdn.com/application/assets/css/ | 619 KB | 77 KB | Stylesheet | text/css |
GET | H/1.1 | intlTelInput.min.js | esta-apply.us.com/application/assets/js/ | 87 KB | 88 KB | Script | application/javascript |
GET | H2 | utils.js | m3s2g6n8.stackpathcdn.com/application/assets/js/ | 245 KB | 58 KB | Script | application/javascript |
GET | H2 | esta-application.js | m3s2g6n8.stackpathcdn.com/application/assets/js/ | 184 KB | 26 KB | Script | application/javascript |
GET | H/1.1 | esta-apply-logo.svg | esta-apply.us.com/application/assets/img/ | 21 KB | 22 KB | Image | image/svg+xml |
GET | H2 | ssl.png | m3s2g6n8.stackpathcdn.com/application/assets/img/ | 29 KB | 29 KB | Image | image/png |
GET | H2 | dmca-badge-w250-5x1-09.png | images.dmca.com/Badges/ | 9 KB | 9 KB | Image | image/png |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ | 86 KB | 28 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/js/ | 59 KB | 14 KB | Script | application/javascript |
GET | H2 | bootstrap.bundle.min.js | cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/js/ | 79 KB | 21 KB | Script | application/javascript |
GET | H2 | theme.min.js | m3s2g6n8.stackpathcdn.com/application/assets/js/ | 57 KB | 13 KB | Script | application/javascript |
GET | H2 | passport-sample.png | m3s2g6n8.stackpathcdn.com/application/assets/img/ | 192 KB | 192 KB | Image | image/png |
GET | H2 | gosquared.js | d1l6p2sc9645hc.cloudfront.net/ | 10 KB | 5 KB | Script | text/javascript |
GET | H2 | hotjar-3265036.js | static.hotjar.com/c/ | 8 KB | 4 KB | Script | application/javascript |
GET | DATA | truncated | / | 93 B | 0 | Image | image/svg+xml | data: URI
GET | DATA | truncated | / | 183 B | 0 | Image | image/svg+xml | data: URI
GET | H2 | 219223da086a755e2996d49d593d3cf6.woff2 | m3s2g6n8.stackpathcdn.com/application/assets/fonts/ | 26 KB | 27 KB | Font | font/woff2 |
GET | H2 | bootstrap-icons%EF%B9%968d200481aa7f02a2d63a331fc782cfaf.woff2 | m3s2g6n8.stackpathcdn.com/application/assets/css/fonts/ | 110 KB | 110 KB | Font | font/woff2 |
GET | H2 | pv | data.gosquared.com/ | 8 B | 77 B | Script | text/javascript |
GET | H2 | modules.bc1117deb4413903e9ac.js | script.hotjar.com/ | 264 KB | 68 KB | Script | application/javascript |
GET | H2 | box-5e66f98b4ee957db209dc6f63e3d59dd.html | vars.hotjar.com/ | 2 KB | 1 KB | Document | text/html | Frame 7DFF
GET | H2 | trace | www.cloudflare.com/cdn-cgi/ | 329 B | 465 B | XHR | text/plain |
POST | H2 | visit-data | in.hotjar.com/api/v2/client/sites/3265036/ | 148 B | 322 B | XHR | application/json |
POST | H2 | content | ws30.hotjar.com/api/v2/sites/3265036/recordings/ | 66 B | 258 B | XHR | application/json |
POST | H2 | visit-data | in.hotjar.com/api/v2/client/sites/3265036/ | 148 B | 321 B | XHR | application/json |
74 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object (18): 0, 1, oncontentvisibilityautostatechange, hs_config, intlTelInputGlobals, intlTelInputUtils, application, $phone_number_validator, $employer_phone_number_validator, $us_contact_phone_number_validator, $emergency_contact_phone_number_validator, $eligibility_modal, $cloudflare_ping, _hjSettings, bootstrap, hjSiteSettings, hjBootstrapCalled, hjLazyModules

function (45): intlTelInput, load_function, cloudflare_ping, loading, uploadPassportPhoto, attach_passport, delete_uploaded_passport, pre_populate_passport_data, add_previous_name_record, add_other_issuing_country_record, add_other_citizenship_country_record, add_other_citizenship_country_before_record, remove_previous_name_record, remove_other_issuing_country_record, remove_other_citizenship_country_record, remove_other_citizenship_country_before_record, move_to_step, validate_step, trigger_feedback, feedback_reset, is_email, go, save_step, citizenship_country_selected, country_a3_to_a2, country_a2_to_a3, country_a3_to_phone, country_a2_to_phone, prefill_form, country_selected, employer_country_selected, trigger_eligibility_modal, trigger_eligibility_switch, sync_application_to_cloud, sanitize, rfc3986EncodeURIComponent, pull_from_cloud, prefill_form_from_cloud, _gs, hj, $, jQuery, hjBootstrap, isObject, mergeDeep

boolean (10): $applicant_event, $passport_event, $personal_event, $social_event, $employment_event, $travel_event, $eligibility_event, $certification_event, $cart_event, $paid_event

number (1): uidEvent

9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value
---|---|---|---
esta-apply.us.com/ | | PHPSESSID | 7ea0e462926b437a89f7b6370866889f
esta-apply.us.com/ | | gs_v_GSN-349734-J | (empty)
esta-apply.us.com/ | | gs_u_GSN-349734-J | b8ad591905dae175f2a5424c20f37d3d:2567:5000:1671427256301
.esta-apply.us.com/ | | _hjSessionUser_3265036 | eyJpZCI6IjgyNDVmZmFlLWI0YmMtNTAwNy1hOWY3LTNmMGQ1YjkwZjQ0ZCIsImNyZWF0ZWQiOjE2NzE0MjcyNTY0NzMsImV4aXN0aW5nIjpmYWxzZX0=
.esta-apply.us.com/ | | _hjFirstSeen | 1
esta-apply.us.com/ | | _hjIncludedInSessionSample | 1
.esta-apply.us.com/ | | _hjSession_3265036 | eyJpZCI6IjdlN2ExZGYyLWVmNjAtNDlmMi1hOTk5LWI3YmU2Y2Q3MTkwMyIsImNyZWF0ZWQiOjE2NzE0MjcyNTY2NzksImluU2FtcGxlIjp0cnVlfQ==
esta-apply.us.com/ | | _hjIncludedInPageviewSample | 1
.esta-apply.us.com/ | | _hjAbsoluteSessionInProgress | 0
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.