master.amex-carta-verde-landing-amazon.n3.caffeina.host
88.99.57.41
Malicious Activity!
Public Scan
Effective URL: https://master.amex-carta-verde-landing-amazon.n3.caffeina.host/
Submission: On June 16 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 5th 2022. Valid for: 3 months.
This is the only time master.amex-carta-verde-landing-amazon.n3.caffeina.host was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
13 | 88.99.57.41 | 24940 (HETZNER-AS) |
1 | 2a00:1450:4001:80f::2008 | 15169 (GOOGLE) |
4 | 96.16.140.130 | 16625 (AKAMAI-AS) |
Total: 17 requests across 3 IP addresses.
- ASN24940 (HETZNER-AS, DE), PTR: static.88-99-57-41.clients.your-server.de, serving master.amex-carta-verde-landing-amazon.n3.caffeina.host
- ASN15169 (GOOGLE, US), serving www.googletagmanager.com
- ASN16625 (AKAMAI-AS, US), PTR: a96-16-140-130.deploy.static.akamaitechnologies.com, serving www.aexp-static.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | caffeina.host | master.amex-carta-verde-landing-amazon.n3.caffeina.host (1 redirect) | 759 KB |
4 | aexp-static.com | www.aexp-static.com (Cisco Umbrella Rank: 12269) | 123 KB |
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 96) | 32 KB |
Total: 17 requests across 3 apex domains.
Requests | Domain | Requested by |
---|---|---|
13 | master.amex-carta-verde-landing-amazon.n3.caffeina.host (1 redirect) | master.amex-carta-verde-landing-amazon.n3.caffeina.host |
4 | www.aexp-static.com | master.amex-carta-verde-landing-amazon.n3.caffeina.host |
1 | www.googletagmanager.com | master.amex-carta-verde-landing-amazon.n3.caffeina.host |
Total: 17 requests across 3 domains.
This site contains no links.
Subject | Issuer | Validity | Valid | Source |
---|---|---|---|---|
master.amex-carta-verde-landing-amazon.n3.caffeina.host | R3 | 2022-06-05 - 2022-09-03 | 3 months | crt.sh |
*.google-analytics.com | GTS CA 1C3 | 2022-05-30 - 2022-08-22 | 3 months | crt.sh |
m.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2022-05-16 - 2023-05-15 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://master.amex-carta-verde-landing-amazon.n3.caffeina.host/
Frame ID: EB80C88ED0F793FB88BE7642EE03A6B8
Requests: 17 HTTP requests in this frame
Page Title
American Express | 150€ di Buoni Regalo Amazon.it
Detected technologies
- Amex Express Checkout (Payment processors). Detected patterns:
  - aexp-static\.com
- Google Tag Manager (Tag Managers). Detected patterns:
  - googletagmanager\.com/ns\.html[^>]+></iframe>
  - googletagmanager\.com/gtm\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://master.amex-carta-verde-landing-amazon.n3.caffeina.host/ (HTTP 301)
- https://master.amex-carta-verde-landing-amazon.n3.caffeina.host/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|---|
1 | GET | H2 | / (Primary Request, Redirect Chain) | master.amex-carta-verde-landing-amazon.n3.caffeina.host/ | 48 KB | 14 KB | Document | text/html |
2 | GET | H2 | main-8d5f85e939.css | master.amex-carta-verde-landing-amazon.n3.caffeina.host/css/ | 12 KB | 4 KB | Stylesheet | text/css |
3 | GET | H2 | main-44c23f90e5.modern.js | master.amex-carta-verde-landing-amazon.n3.caffeina.host/js/ | 208 KB | 68 KB | Script | application/javascript |
4 | GET | H2 | dls.min.css | master.amex-carta-verde-landing-amazon.n3.caffeina.host/amex-dls/styles/ | 304 KB | 41 KB | Stylesheet | text/css |
5 | GET | H2 | amex-promo-hero.png | master.amex-carta-verde-landing-amazon.n3.caffeina.host/assets/ | 401 KB | 403 KB | Image | image/png |
6 | GET | H2 | carta-verde-table-2x.png | master.amex-carta-verde-landing-amazon.n3.caffeina.host/assets/ | 148 KB | 149 KB | Image | image/png |
7 | GET | H2 | gtm.js | www.googletagmanager.com/ | 81 KB | 32 KB | Script | application/javascript |
8 | GET | H2 | dls-flag-it.svg | www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.15.1/package/dist/img/flags/ | 230 B | 362 B | Image | image/svg+xml |
9 | GET | H2 | dls.min.js | master.amex-carta-verde-landing-amazon.n3.caffeina.host/amex-dls/scripts/ | 110 KB | 23 KB | Script | application/javascript |
10 | GET | H2 | travel-1.webp | master.amex-carta-verde-landing-amazon.n3.caffeina.host/assets/ | 8 KB | 9 KB | Image | image/webp |
11 | GET | H2 | travel-2.webp | master.amex-carta-verde-landing-amazon.n3.caffeina.host/assets/ | 12 KB | 13 KB | Image | image/webp |
12 | GET | H2 | travel-3.webp | master.amex-carta-verde-landing-amazon.n3.caffeina.host/assets/ | 11 KB | 12 KB | Image | image/webp |
13 | GET | H2 | travel-4.webp | master.amex-carta-verde-landing-amazon.n3.caffeina.host/assets/ | 20 KB | 20 KB | Image | image/webp |
14 | GET | H2 | 0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff | www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.15.1/package/dist/fonts/ | 37 KB | 37 KB | Font | font/woff |
15 | GET | H2 | dls-icons.woff | www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.15.1/package/dist/iconfont/ | 49 KB | 49 KB | Font | font/woff |
16 | GET | H2 | 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff | www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.15.1/package/dist/fonts/ | 36 KB | 37 KB | Font | font/woff |
17 | GET | H2 | lazysizes.modern.js | master.amex-carta-verde-landing-amazon.n3.caffeina.host/js/independent/ | 8 KB | 4 KB | Script | application/javascript |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | oncontextlost |
object | oncontextrestored |
function | structuredClone |
object | launchQueue |
object | onbeforematch |
function | getScreenDetails |
object | navigation |
object | dataLayer |
function | webpackHotUpdate |
object | DLS |
object | gsapVersions |
object | ModalSystem |
object | APP |
object | _gsap |
function | _scrollTop |
function | _scrollLeft |
object | lazySizes |
object | google_tag_manager |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.