americanexpress-validations.com
78.90.243.124  Malicious Activity! Public Scan

Submitted URL: http://ameixpress.com/
Effective URL: http://americanexpress-validations.com/
Submission: On March 22 via api from DE

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 15 HTTP transactions. The main IP is 78.90.243.124, located in Bulgaria and belongs to MEGALAN, BG. The main domain is americanexpress-validations.com.
This is the only time americanexpress-validations.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

IP Address AS Autonomous System
1 5 78.90.243.124 35141 (MEGALAN)
1 4 93.152.140.34 31250 (ONLINEDIR...)
4 143.208.165.41 23520 (COLUMBUS-...)
4 104.111.250.201 16625 (AKAMAI-AS)
15 5
Domain Requested by
11 americanexpress-validations.com americanexpress-validations.com
4 www.aexp-static.com americanexpress-validations.com
2 ameixpress.com 2 redirects
15 3

This site contains no links.

Subject: m.americanexpress.com
Issuer: DigiCert SHA2 Extended Validation Server CA
Validity: 2018-08-08 - 2020-07-23
Valid: 2 years

This page contains 1 frames:

Primary Page: http://americanexpress-validations.com/
Frame ID: CD222F2BCFBDB5B486F19A61A6C9A3BF
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 15
HTTPS: 27 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 5
Countries: 3
Transfer: 334 kB
Size: 355 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ameixpress.com/ HTTP 302
    http://ameixpress.com/validation/ HTTP 302
    http://americanexpress-validations.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
americanexpress-validations.com/
Redirect Chain
  • http://ameixpress.com/
  • http://ameixpress.com/validation/
  • http://americanexpress-validations.com/
88 KB
88 KB
Document
General
Full URL
http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
78.90.243.124 , Bulgaria, ASN35141 (MEGALAN, BG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 / PHP/7.0.31
Resource Hash
77d1213ed0e06ca041b409a5d06cd0dd5a2f900991e5c3157f6235eaa22faa2b

Request headers

Host
americanexpress-validations.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 22 Mar 2019 10:38:08 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
X-Powered-By
PHP/7.0.31
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Fri, 22 Mar 2019 10:38:03 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
X-Powered-By
PHP/7.0.31
Location
http://americanexpress-validations.com/
Content-Length
272
Connection
close
Content-Type
text/html; charset=UTF-8
dls.min.css
americanexpress-validations.com/css/
59 KB
59 KB
Stylesheet
General
Full URL
http://americanexpress-validations.com/css/dls.min.css
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
143.208.165.41 Santo Domingo, Dominican Republic, ASN23520 (COLUMBUS-NETWORKS - Columbus Networks USA, Inc., US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash
db31ff939d8ac86c8773876881ad88ff3c244ea6d122f27f63f3bb1fde262475

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://americanexpress-validations.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:13 GMT
Last-Modified
Sat, 02 Mar 2019 04:23:32 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
ETag
"eb65-58314e2d8d900"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
60261
dls-logo-stack.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/
3 KB
1 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-stack.svg
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.250.201 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-250-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
372c8a5ed0a956b5d75d6e865751c2098b0bc1be5d3d3ddec7f0e9c108a45d18

Request headers

Referer
http://americanexpress-validations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 10:38:08 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-b47"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=15552000
timing-allow-origin
*
content-length
1189
expires
Thu, 14 Mar 2019 07:53:47 GMT
dls-logo-stack-white.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/
3 KB
1 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-stack-white.svg
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.250.201 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-250-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8a3cac8efcfbdd85c05051c74db0f67f2ff1de09da283973a6c2db9b1691d16c

Request headers

Referer
http://americanexpress-validations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 10:38:08 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-b47"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=15552000
timing-allow-origin
*
content-length
1187
expires
Tue, 02 Apr 2019 00:45:15 GMT
dls-flag-us.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.5.2/package/dist/img/dls_flags/
10 KB
2 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.5.2/package/dist/img/dls_flags/dls-flag-us.svg
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.250.201 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-250-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0e69d49b8806f3eccd600d3e715c879031ead2bb7227338ebc2dc5a2b7b50da9

Request headers

Referer
http://americanexpress-validations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 10:38:08 GMT
content-encoding
gzip
last-modified
Thu, 25 Jan 2018 21:42:58 GMT
etag
W/"5a6a4f62-26d2"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=15552000
timing-allow-origin
*
content-length
1732
expires
Wed, 01 May 2019 06:31:39 GMT
Amex-Mobile-App-web-banner.JPG
americanexpress-validations.com/img/
16 KB
16 KB
Image
General
Full URL
http://americanexpress-validations.com/img/Amex-Mobile-App-web-banner.JPG
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
143.208.165.41 Santo Domingo, Dominican Republic, ASN23520 (COLUMBUS-NETWORKS - Columbus Networks USA, Inc., US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash
4fde60bc3f05991abcbaef7ec779fbf22d718adffd151f0e7df15670cc20c1d5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://americanexpress-validations.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:13 GMT
Last-Modified
Wed, 30 Jan 2019 03:19:56 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
ETag
"4036-580a46250af00"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
16438
dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/
3 KB
1 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.0/package/dist/img/dls_logos/dls-logo-line.svg
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.250.201 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-250-201.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2996ed3e0c89a7c50ae11dc3555d18491fe37cbd17e196bd2014d1368e167491

Request headers

Referer
http://americanexpress-validations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 22 Mar 2019 10:38:08 GMT
content-encoding
gzip
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
etag
W/"1dc09d84-b7f"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=15552000
timing-allow-origin
*
content-length
1181
expires
Thu, 14 Mar 2019 07:53:47 GMT
jquery-1.11.3.min.js
americanexpress-validations.com/js/
94 KB
94 KB
Script
General
Full URL
http://americanexpress-validations.com/js/jquery-1.11.3.min.js
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
143.208.165.41 Santo Domingo, Dominican Republic, ASN23520 (COLUMBUS-NETWORKS - Columbus Networks USA, Inc., US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://americanexpress-validations.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:13 GMT
Last-Modified
Sun, 28 Jan 2018 09:46:00 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
ETag
"176da-563d2ff3ca600"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
95962
main.js
americanexpress-validations.com/js/
1 KB
1 KB
Script
General
Full URL
http://americanexpress-validations.com/js/main.js
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
143.208.165.41 Santo Domingo, Dominican Republic, ASN23520 (COLUMBUS-NETWORKS - Columbus Networks USA, Inc., US),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash
7f3e3633789680aed1d73840c3cb5e0b2b48524d7c08104bb25b69dcd7901a79

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://americanexpress-validations.com/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:13 GMT
Last-Modified
Mon, 04 Mar 2019 02:13:10 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
ETag
"492-5833b4c4d5980"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
1170
truncated
/
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd

Request headers

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da

Request headers

Response headers

Content-Type
image/png
truncated
/
8 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542

Request headers

Response headers

Content-Type
image/png
truncated
/
764 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b

Request headers

Response headers

Content-Type
image/png
truncated
/
984 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d

Request headers

Response headers

Content-Type
image/png
Roboto-Regular.woff
americanexpress-validations.com/fonts/
0
0
Font
General
Full URL
http://americanexpress-validations.com/fonts/Roboto-Regular.woff
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
78.90.243.124 , Bulgaria, ASN35141 (MEGALAN, BG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://americanexpress-validations.com
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://americanexpress-validations.com/css/dls.min.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:14 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
Connection
close
Content-Length
223
Content-Type
text/html; charset=iso-8859-1
dls-icons.woff
americanexpress-validations.com/fonts/
34 KB
34 KB
Font
General
Full URL
http://americanexpress-validations.com/fonts/dls-icons.woff?v=5.10.0
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
78.90.243.124 , Bulgaria, ASN35141 (MEGALAN, BG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash
adce79a29b1d883b481a33a7322ce00f4a3ad9e76d0270cd85646bf9cbfc5597

Request headers

Pragma
no-cache
Origin
http://americanexpress-validations.com
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://americanexpress-validations.com/css/dls.min.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:14 GMT
Last-Modified
Wed, 30 Jan 2019 03:34:14 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
ETag
"87c4-580a49574b980"
Content-Type
application/font-woff
Connection
close
Accept-Ranges
bytes
Content-Length
34756
Roboto-Medium.woff
americanexpress-validations.com/fonts/
0
0
Font
General
Full URL
http://americanexpress-validations.com/fonts/Roboto-Medium.woff
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
78.90.243.124 , Bulgaria, ASN35141 (MEGALAN, BG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://americanexpress-validations.com
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://americanexpress-validations.com/css/dls.min.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:14 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
Connection
close
Content-Length
222
Content-Type
text/html; charset=iso-8859-1
Roboto-Regular.ttf
americanexpress-validations.com/fonts/
0
0
Font
General
Full URL
http://americanexpress-validations.com/fonts/Roboto-Regular.ttf
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
93.152.140.34 Sofia, Bulgaria, ASN31250 (ONLINEDIRECT-AS, BG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://americanexpress-validations.com
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://americanexpress-validations.com/css/dls.min.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
Connection
close
Content-Length
222
Content-Type
text/html; charset=iso-8859-1
Roboto-Medium.ttf
americanexpress-validations.com/fonts/
0
0
Font
General
Full URL
http://americanexpress-validations.com/fonts/Roboto-Medium.ttf
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
93.152.140.34 Sofia, Bulgaria, ASN31250 (ONLINEDIRECT-AS, BG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash

Request headers

Pragma
no-cache
Origin
http://americanexpress-validations.com
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://americanexpress-validations.com/css/dls.min.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:19 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
Connection
close
Content-Length
221
Content-Type
text/html; charset=iso-8859-1
dls-icons.woff
americanexpress-validations.com/fonts/
34 KB
34 KB
Font
General
Full URL
http://americanexpress-validations.com/fonts/dls-icons.woff?v=5.7.3
Requested by
Host: americanexpress-validations.com
URL: http://americanexpress-validations.com/
Protocol
HTTP/1.1
Server
93.152.140.34 Sofia, Bulgaria, ASN31250 (ONLINEDIRECT-AS, BG),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31 /
Resource Hash
adce79a29b1d883b481a33a7322ce00f4a3ad9e76d0270cd85646bf9cbfc5597

Request headers

Pragma
no-cache
Origin
http://americanexpress-validations.com
Accept-Encoding
gzip, deflate
Host
americanexpress-validations.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://americanexpress-validations.com/css/dls.min.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 22 Mar 2019 10:38:19 GMT
Last-Modified
Wed, 30 Jan 2019 03:34:14 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.31
ETag
"87c4-580a49574b980"
Content-Type
application/font-woff
Connection
close
Accept-Ranges
bytes
Content-Length
34756

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • function| $
  • function| jQuery

0 Cookies