www.gigaflop.com.ar
190.210.98.129
Malicious Activity!
Public Scan
Submission: On July 22 via api from US — Scanned from CA
Summary
TLS certificate: Issued by R11 on July 21st 2024. Valid for: 3 months.
This is the only time www.gigaflop.com.ar was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 190.210.98.129 | 16814 (NSS S.A.) |
2 | 104.21.234.231 | 13335 (CLOUDFLARENET) |
1 | 142.251.16.95 | 15169 (GOOGLE) |
3 | 151.101.129.229 | 54113 (FASTLY) |
4 | 23.6.68.71 | 16625 (AKAMAI-AS) |
1 | 23.204.209.17 | 16625 (AKAMAI-AS) |
12 | 7 |
ASN16814 (NSS S.A., AR)
PTR: panel.pindns.com
www.gigaflop.com.ar |
ASN15169 (GOOGLE, US)
PTR: bl-in-f95.1e100.net
ajax.googleapis.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-6-68-71.deploy.static.akamaitechnologies.com
www.aexp-static.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-204-209-17.deploy.static.akamaitechnologies.com
icm.aexp-static.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | aexp-static.com | www.aexp-static.com — Cisco Umbrella Rank: 17513; icm.aexp-static.com — Cisco Umbrella Rank: 22942 | 189 KB |
3 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 410 | 71 KB |
2 | githack.com | rawcdn.githack.com — Cisco Umbrella Rank: 111045 | 92 KB |
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 641 | 30 KB |
1 | gigaflop.com.ar | www.gigaflop.com.ar | 39 KB |
12 | 5 |
 | Domain | Requested by |
---|---|---|
4 | www.aexp-static.com | www.gigaflop.com.ar, rawcdn.githack.com |
3 | cdn.jsdelivr.net | www.gigaflop.com.ar |
2 | rawcdn.githack.com | www.gigaflop.com.ar |
1 | icm.aexp-static.com | www.gigaflop.com.ar |
1 | ajax.googleapis.com | www.gigaflop.com.ar |
1 | www.gigaflop.com.ar | |
12 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
aexpfeedback.qualtrics.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
gigaflop.com.ar | R11 | 2024-07-21 - 2024-10-19 | 3 months |
githack.com | WE1 | 2024-06-27 - 2024-09-25 | 3 months |
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
m.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2024-03-06 - 2025-03-06 | a year |
This page contains 1 frames:
Primary Page:
https://www.gigaflop.com.ar/old/?vol=9678&sku=91-bcad47ab5c730a367b4fab1adad238fc36a320d8c3fc3d910e00f1c466e
Frame ID: 1C4B90F915C30349BFB5E83CCADCEE20
Requests: 14 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Amex Express Checkout (Payment processors)
Detected patterns
- aexp-static\.com
React (JavaScript Frameworks)
Detected patterns
- <[^>]+data-react
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Go to Home
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol | Resource | Path | Size x-fer | Type MIME-Type |
---|---|---|---|---|
GET H2 | / (Primary Request) | www.gigaflop.com.ar/old/ | 87 KB 39 KB | Document text/html |
GET H2 | oce-font.full.css | rawcdn.githack.com/tokenaxp/min/79900af5d2d596ab04bf44298cd49c4216bff69e/ | 207 KB 22 KB | Stylesheet text/css |
GET H2 | oce-font.css | rawcdn.githack.com/tokenaxp/min/79900af5d2d596ab04bf44298cd49c4216bff69e/ | 106 KB 70 KB | Stylesheet text/css |
GET H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.1.1/ | 85 KB 30 KB | Script text/javascript |
GET H2 | bootstrap.bundle.min.js | cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/ | 79 KB 25 KB | Script application/javascript |
GET H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/ | 227 KB 34 KB | Stylesheet text/css |
GET H2 | bootstrap-icons.css | cdn.jsdelivr.net/npm/bootstrap-icons@1.10.5/font/ | 92 KB 12 KB | Stylesheet text/css |
GET H2 | dls-logo-stack.svg | www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/ | 2 KB 922 B | Image image/svg+xml |
GET H2 | 3CSC_INTL_300x190.png | icm.aexp-static.com/content/dam/one-amex/one-identity/images/ | 4 KB 4 KB | Image image/avif |
GET H2 | 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff | www.aexp-static.com/nav/ngn/fonts/ | 36 KB 37 KB | Font font/woff |
GET DATA | truncated | / | 2 KB 0 | Image image/gif |
GET DATA | truncated | / | 43 B 0 | Image image/gif |
GET H2 | Roboto-Regular.woff | www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/ | 75 KB 75 KB | Font font/woff |
GET H2 | Roboto-Light.woff | www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/ | 72 KB 72 KB | Font font/woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
string| lKJoCVizXQqbUI number| eLPVbSBruMoEFK number| HxyGZgjeMfNVKu number| LXqIthNPsamWdM function| HtQUNboZkCnEYB function| cuSqKCQwrpIiPF function| KojtMFhLYrsZNQ function| QxDEIPmMbqeWLt string| kRlLmYtKNEzOTW string| eixmUhyHQwrAuL object| jXLhbfQEwWOlaU number| zrAPgBWtudvMCn object| hXzyBjegkOWRvs function| $ function| jQuery number| uidEvent object| bootstrap function| _0x3f1e function| _0x5ec482 function| _0x3dbc function| _0x548f function| _0x38e0 function| _0x1b3541 function| _0x4bc6 function| _0x5042 function| _0xbe71f30
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.