americanexpress.io
Open in
urlscan Pro
185.199.109.153
Malicious Activity!
Public Scan
Submission: On October 11 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by R3 on August 14th 2023. Valid for: 3 months.
This is the only time americanexpress.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 185.199.109.153 185.199.109.153 | 54113 (FASTLY) (FASTLY) | |
7 | 104.104.84.162 104.104.84.162 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2607:f8b0:400... 2607:f8b0:4004:c17::8a | 15169 (GOOGLE) (GOOGLE) | |
23 | 4 |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com
americanexpress.io |
ASN16625 (AKAMAI-AS, US)
PTR: a104-104-84-162.deploy.static.akamaitechnologies.com
www.aexp-static.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
americanexpress.io
americanexpress.io |
7 MB |
7 |
aexp-static.com
www.aexp-static.com — Cisco Umbrella Rank: 13269 |
276 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
21 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250 |
17 KB |
23 | 4 |
Domain | Requested by | |
---|---|---|
13 | americanexpress.io |
americanexpress.io
|
7 | www.aexp-static.com |
americanexpress.io
www.aexp-static.com |
2 | www.google-analytics.com |
americanexpress.io
www.google-analytics.com |
1 | cdnjs.cloudflare.com |
americanexpress.io
|
23 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
aexp.eightfold.ai |
github.com |
developer.americanexpress.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
americanexpress.io R3 |
2023-08-14 - 2023-11-12 |
3 months | crt.sh |
m.americanexpress.com DigiCert EV RSA CA G2 |
2023-04-05 - 2024-04-04 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-09-18 - 2023-12-11 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://americanexpress.io/
Frame ID: 8722702604B1D6D29B8C8100ED46AE8F
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
American Express TechnologyDetected technologies
Amex Express Checkout (Payment processors) ExpandDetected patterns
- aexp-static\.com
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Highlight.js (Miscellaneous) Expand
Detected patterns
- /(?:([\d.])+/)?highlight(?:\.min)?\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Careers
Search URL Search Domain Scan URL
Title: GitHub
Search URL Search Domain Scan URL
Title: APIs
Search URL Search Domain Scan URL
Title: Access GitHub
Search URL Search Domain Scan URL
Title: Access GitHub
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
americanexpress.io/ |
38 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.js
americanexpress.io/assets/js/ |
599 B 399 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls.min.css
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/styles/ |
343 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
americanexpress.io/assets/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syntax.css
americanexpress.io/assets/css/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highlight.css
americanexpress.io/assets/css/ |
956 B 662 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highlight.min.js
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/ |
45 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
article_hero_image.jpg
americanexpress.io/assets/img/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.jpg
americanexpress.io/_post_assets/advanced-kotlin-use-site-targets/img/ |
187 KB 187 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.jpg
americanexpress.io/_post_assets/choosing-go/img/ |
6 MB 6 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.jpg
americanexpress.io/_post_assets/advanced-kotlin-delegates/img/ |
185 KB 186 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/super-powered-search-via-couchbase/img/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/hooks-intro/img/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/on-the-importance-of-commit-messages/img/ |
73 KB 74 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/spread-love/img/ |
62 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/img/dls_logos/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 207 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/ |
36 KB 37 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Regular.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/fonts/ |
75 KB 75 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/iconfont/ |
39 KB 40 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Medium.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.11.3/package/dist/fonts/ |
71 KB 71 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| hasClass function| addClass function| removeClass function| findLinkParent string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hljs3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.americanexpress.io/ | Name: _ga Value: GA1.2.1034082919.1697050348 |
|
.americanexpress.io/ | Name: _gid Value: GA1.2.1189256142.1697050348 |
|
.americanexpress.io/ | Name: _gat Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
americanexpress.io
cdnjs.cloudflare.com
www.aexp-static.com
www.google-analytics.com
104.104.84.162
185.199.109.153
2606:4700::6811:180e
2607:f8b0:4004:c17::8a
08aa290779a2cfa729656adc7080814c717da25486b5c30693d17298a68cfc28
0c9fd2085a755a9e9c44ac7233e942b7797b1f9206aa4b142274c4705fb35cba
1d23cb4cbd1a5190ddca8956fea5dc6b53f752f5b0f7a071cf775338a0099255
26880aeeefb68723fb7e060b8d78e849559eeecfc257429f57786aa0d740339b
2996ed3e0c89a7c50ae11dc3555d18491fe37cbd17e196bd2014d1368e167491
34e7b4fc63329f7c34919af28f448272ee063ae697c180d0d7d6ec29d0e3e2bf
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
485caa1b2cb51527e740bc928cdb6477159557882d29949f68ed0390ed7eba6d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f57070fa2288244fcecadd4ed47a4eb9db8b2261efded327d5404c1637b4134
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6
96dda67e1401d9ca83eeb80fe2efff05807c324514ac0a683072626d5560434e
9de7bf83aae1a1f3aea99983e793dedd01f03dd93ca2edfd0eaed58d32484fd9
a13cfacc495f37af0da4cea83e9da8c56957c616321d5176c08c1ebd87cc5a95
bf61b797553fed1b9e79755f5484ba96c30134b77241960d88b676232fc900f6
c54acb431126b02f6f21433f327386a4cd637ef846267cc2cad712c47d3ce162
c99e6c26e47553e0df2d25c1460721655d0e1502a6d12dab8c087e6cf0b36f7a
d3e04d3805f0015950846bad35383dda6ec7827a889f1232c67588d8fc0311dc
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e9b9984fa917de50a5941dacf09ccdacbd7c252aed02d56d7a0eb63d11240b06
f80e96686402d783c04365af0637fe2290c9ab6dafa3552154157d2264975f4d
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c