mmsr-us.zohostatic.online
173.82.232.206
Malicious Activity!
Public Scan
Submission: On August 29 via api from JP — Scanned from US
Summary
TLS certificate: Issued by R3 on August 14th 2023. Valid for: 3 months.
This is the only time mmsr-us.zohostatic.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)

Domain & IP information
Requests | IP Address | ASN | PTR | Hostname served
---|---|---|---|---
27 | 173.82.232.206 | 35916 (MULTA-ASN1, US) | mlpg598.cn | mmsr-us.zohostatic.online
1 | 104.106.252.143 | 16625 (AKAMAI-AS, US) | a104-106-252-143.deploy.static.akamaitechnologies.com | www.americanexpress.com
1 | 104.81.136.155 | 16625 (AKAMAI-AS, US) | a104-81-136-155.deploy.static.akamaitechnologies.com | www.aexp-static.com
1 | 104.106.252.87 | 16625 (AKAMAI-AS, US) | a104-106-252-87.deploy.static.akamaitechnologies.com | one-xp.americanexpress.com
Total: 32 requests, 5 entries (the fifth is the failed apigw.americanexpress.com request, for which no IP is listed)

Only the first row belongs to the lookalike site. Its hosting IP carries a PTR record (mlpg598.cn) unrelated to the hostname it serves, which is itself a useful pivot. The three Akamai addresses are the brand's genuine CDN edge, reached because the cloned page still loads assets and calls APIs from American Express hosts.
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
27 | zohostatic.online | mmsr-us.zohostatic.online | 454 KB
2 | americanexpress.com | www.americanexpress.com (Cisco Umbrella Rank: 15429); one-xp.americanexpress.com (Cisco Umbrella Rank: 25203); apigw.americanexpress.com (Failed) | 16 KB
1 | aexp-static.com | www.aexp-static.com (Cisco Umbrella Rank: 12994) | 56 KB
Total: 32 requests, 3 apex domains
Requests | Domain | Requested by
---|---|---
27 | mmsr-us.zohostatic.online | mmsr-us.zohostatic.online
1 | one-xp.americanexpress.com | mmsr-us.zohostatic.online
1 | www.aexp-static.com | mmsr-us.zohostatic.online
1 | www.americanexpress.com | mmsr-us.zohostatic.online
0 | apigw.americanexpress.com (Failed) | mmsr-us.zohostatic.online
Total: 32 requests, 5 domains

Every request, including those to the brand's genuine hosts, is initiated by the lookalike page itself; there is no redirect chain or intermediate frame involved.
This site contains no links.
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
soho.monster | R3 | 2023-08-14 to 2023-11-12 | 3 months | crt.sh
www.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2023-08-03 to 2024-08-01 | a year | crt.sh
m.americanexpress.com | DigiCert EV RSA CA G2 | 2023-04-05 to 2024-04-04 | a year | crt.sh
www.standforsmall.com | DigiCert SHA2 Extended Validation Server CA | 2023-07-31 to 2024-07-29 | a year | crt.sh

The first row is the certificate the lookalike host presented; it matches the Summary above (issued by R3, the Let's Encrypt intermediate, on 2023-08-14 for 90 days). Its listed subject is soho.monster rather than mmsr-us.zohostatic.online, so a crt.sh search on that subject is the natural pivot to other hostnames the same operator has had certificates issued for. The remaining rows are DigiCert EV certificates belonging to the brand's genuine hosts that the page contacted.
This page contains 1 frame:
Primary Page: https://mmsr-us.zohostatic.online/
Frame ID: 50D1E3B47A96E15C7C9BCCC768E1CFC3
Requests: 37 HTTP requests in this frame

Page Title
American Express Credit Cards, Rewards & Banking

Detected technologies
Amex Express Checkout (Payment processors)
Detected patterns:
- aexp-static\.com

The title is the genuine American Express homepage title, and the technology fingerprint fires because the cloned page still loads a font from www.aexp-static.com (see the transaction list below); neither is evidence that the page belongs to the brand.

Page Statistics
0 Outgoing links (links going to different origins than the main page)
Redirected requests: none listed
32 HTTP transactions (the list below also shows six inline data: URIs, marked with protocol DATA, which urlscan does not count as transactions)

# | Method | Protocol | Resource | Host / path | Size | X-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
1 | GET | H2 | / (primary request) | mmsr-us.zohostatic.online/ | 440 KB | 55 KB | Document | text/html
2 | GET | H2 | dls.min1.css | mmsr-us.zohostatic.online/css/ | 311 KB | 51 KB | Stylesheet | text/css
3 | GET | H2 | app.css | mmsr-us.zohostatic.online/css/ | 18 KB | 3 KB | Stylesheet | text/css
4 | GET | H2 | app_top.js | mmsr-us.zohostatic.online/js/ | 193 KB | 64 KB | Script | application/javascript
5 | GET | H2 | styles.min.a995c654248c3b6f73a6d139577720c9.css | mmsr-us.zohostatic.online/css/ | 11 KB | 3 KB | Stylesheet | text/css
6 | GET | H2 | dls-logo-bluebox-solid.svg | mmsr-us.zohostatic.online/img/ | 2 KB | 2 KB | Image | image/svg+xml
7 | GET | H2 | dls-logo-stack.svg | mmsr-us.zohostatic.online/img/ | 2 KB | 2 KB | Image | image/svg+xml
8 | GET | H2 | dls-logo-stack-white.svg | mmsr-us.zohostatic.online/img/ | 2 KB | 2 KB | Image | image/svg+xml
9 | GET | H2 | dls-flag-us.svg | mmsr-us.zohostatic.online/img/ | 5 KB | 6 KB | Image | image/svg+xml
10 | GET | H2 | navScript.js | mmsr-us.zohostatic.online/js/ | 2 KB | 1 KB | Script | application/javascript
11 | GET | H2 | 72pxTrophy_DirectRetBank22_AmericanExpress.webp | mmsr-us.zohostatic.online/img/ | 2 KB | 2 KB | Image | image/webp
12 | GET | H2 | Consumer-SBS_Promo-Banner-11-11-15.webp | mmsr-us.zohostatic.online/img/ | 9 KB | 9 KB | Image | image/webp
13 | GET | H2 | us-en-hp-promo-card-selection.webp | mmsr-us.zohostatic.online/img/ | 8 KB | 8 KB | Image | image/webp
14 | GET | H2 | Consumer-SBS_Promo-Banner-11-11-15.jpg | mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/promo/ | 548 B | 548 B | Image | text/html
15 | GET | H2 | us-en-hp-promo-card-selection.png | mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/promo/ | 548 B | 548 B | Image | text/html
16 | GET | H2 | dls-flag-us.svg | mmsr-us.zohostatic.online/img/ | 5 KB | 6 KB | Image | image/svg+xml
17 | GET | H2 | business-tagline-white.png | mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/hero-new/ | 548 B | 548 B | Image | text/html
18 | GET | H2 | en-us-hilton-business-card.png | mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/hero-new/ | 548 B | 548 B | Image | text/html
19 | GET | H2 | us-en-hp-promo2-all-apauto-spring-promo.jpg | mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/promo/ | 548 B | 548 B | Image | text/html
20 | GET | DATA | truncated | / | 42 B | 0 | Image | image/gif
21 | GET | H2 | dls-logo-line.svg | mmsr-us.zohostatic.online/img/ | 2 KB | 2 KB | Image | image/svg+xml
22 | GET | DATA | truncated | / | 644 B | 0 | Image | image/png
23 | GET | DATA | truncated | / | 1 KB | 0 | Image | image/png
24 | GET | DATA | truncated | / | 8 KB | 0 | Image | image/png
25 | GET | DATA | truncated | / | 764 B | 0 | Image | image/png
26 | GET | DATA | truncated | / | 984 B | 0 | Image | image/png
27 | GET | H2 | jdp-savings-awards-10-27-22.jpeg | mmsr-us.zohostatic.online/img/ | 51 KB | 51 KB | Image | image/jpeg
28 | GET | H2 | us-en-hp-mt2-cta-pr-findabusinesscard.webp | mmsr-us.zohostatic.online/img/ | 10 KB | 10 KB | Image | image/webp
29 | GET | H2 | us-en-hp-mt2-credit-secure.webp | mmsr-us.zohostatic.online/img/ | 15 KB | 15 KB | Image | image/webp
30 | GET | H2 | us-en-hp-mt-benefits.webp | mmsr-us.zohostatic.online/img/ | 12 KB | 12 KB | Image | image/webp
31 | GET | H2 | ws-bg-light-grey.png | www.americanexpress.com/content/dam/amex/common/homepage/images/ | 15 KB | 16 KB | Image | image/webp
32 | GET | H2 | dls-icons.woff | mmsr-us.zohostatic.online/iconfont/ | 44 KB | 44 KB | Font | font/woff
33 | GET | H2 | 3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff | mmsr-us.zohostatic.online/fonts/ | 36 KB | 36 KB | Font | font/woff
34 | GET | H2 | dls-icons.woff | www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.25.0/package/dist/iconfont/ | 55 KB | 56 KB | Font | font/woff
35 | GET | H2 | 325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff | mmsr-us.zohostatic.online/fonts/ | 68 KB | 68 KB | Font | font/woff
36 | OPTIONS | H/1.1 | find | one-xp.americanexpress.com/variant/ | 0 | 0 | Preflight |
37 | GET | | pzn-offers | apigw.americanexpress.com/acqpzn/en-us/both/hp/ | 0 | 0 | (failed, see below) |
38 | POST | | find | one-xp.americanexpress.com/variant/ | 0 | 0 | (failed, see below) |

Three things in this list matter for triage. First, the five image requests under mmsr-us.zohostatic.online/content/dam/amex/... (rows 14, 15, 17, 18 and 19) each come back as an identical 548 B text/html body: the cloned markup still references the brand's /content/dam/ asset paths, which the lookalike host does not serve as images, while the assets the operator did copy live under /img/, /css/, /js/, /fonts/ and /iconfont/. Second, rows 31, 34, 36, 37 and 38 leave the lookalike origin for the brand's genuine hosts (www.americanexpress.com, www.aexp-static.com, one-xp.americanexpress.com, apigw.americanexpress.com). Third, the two API calls (rows 37 and 38) and the CORS preflight before them (row 36) receive no response bytes at all.
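The following is an added example, not urlscan.io code, that turns the three observations above into detection logic: image requests answered with text/html, calls to the brand's genuine hosts from a non-brand origin, and brand-specific JavaScript globals (the global names are taken from the JavaScript Global Variables section further down this page). The sample transactions and globals are a constructed subset of this scan; the brand host list, the brand global names, the browser-global exclusion and the two-signal threshold are assumptions made for the example.

```python
"""Triage heuristics for a urlscan-style transaction list (added example).

Three signals that a page is a cloned brand front end served from a
lookalike origin:
  1. image requests answered with text/html (the cloned markup references
     asset paths the lookalike host does not serve as images),
  2. sub-resource or API calls to the brand's genuine hosts from a page
     whose own origin is not the brand's,
  3. brand-specific JavaScript globals present on a non-brand origin.
"""
from urllib.parse import urlsplit

PAGE_URL = "https://mmsr-us.zohostatic.online/"

# Constructed sample: (method, url, type, mime, size) for a subset of the
# transactions listed in the scan above.
SAMPLE_TX = [
    ("GET", "https://mmsr-us.zohostatic.online/", "Document", "text/html", 450560),
    ("GET", "https://mmsr-us.zohostatic.online/css/dls.min1.css", "Stylesheet", "text/css", 318464),
    ("GET", "https://mmsr-us.zohostatic.online/img/dls-logo-stack.svg", "Image", "image/svg+xml", 2048),
    ("GET", "https://mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/promo/Consumer-SBS_Promo-Banner-11-11-15.jpg", "Image", "text/html", 548),
    ("GET", "https://mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/promo/us-en-hp-promo-card-selection.png", "Image", "text/html", 548),
    ("GET", "https://mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/hero-new/business-tagline-white.png", "Image", "text/html", 548),
    ("GET", "https://mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/hero-new/en-us-hilton-business-card.png", "Image", "text/html", 548),
    ("GET", "https://mmsr-us.zohostatic.online/content/dam/amex/en-us/homepage/promo/us-en-hp-promo2-all-apauto-spring-promo.jpg", "Image", "text/html", 548),
    ("GET", "https://www.americanexpress.com/content/dam/amex/common/homepage/images/ws-bg-light-grey.png", "Image", "image/webp", 15360),
    ("GET", "https://www.aexp-static.com/cdaas/one/statics/@americanexpress/static-assets/2.25.0/package/dist/iconfont/dls-icons.woff", "Font", "font/woff", 56320),
    ("OPTIONS", "https://one-xp.americanexpress.com/variant/find", "Preflight", "", 0),
    ("GET", "https://apigw.americanexpress.com/acqpzn/en-us/both/hp/pzn-offers", "", "", 0),
    ("POST", "https://one-xp.americanexpress.com/variant/find", "", "", 0),
]

# Constructed: the window globals reported for this scan.
SAMPLE_GLOBALS = ["documentPictureInPicture", "webpackChunk_americanexpress_homepage_frontend",
                  "s", "__satelliteLoaded", "AmexNavigation", "oneapp"]

# Assumptions for the example: hosts the brand legitimately serves from, globals
# only the brand's own front end defines, and globals the browser itself provides.
BRAND_HOSTS = ("americanexpress.com", "aexp-static.com")
BRAND_GLOBALS = ("webpackChunk_americanexpress_homepage_frontend", "AmexNavigation")
BROWSER_GLOBALS = {"documentPictureInPicture"}


def host_of(url):
    return (urlsplit(url).hostname or "").lower()


def is_brand_host(host, brand_hosts=BRAND_HOSTS):
    """True for the apex itself or any subdomain of a brand apex."""
    return any(host == b or host.endswith("." + b) for b in brand_hosts)


def html_for_image(txs):
    """Image requests whose response is text/html: asset paths missing on the clone."""
    return [url for _, url, kind, mime, _ in txs if kind == "Image" and mime == "text/html"]


def brand_calls_from_foreign_origin(txs, page_url):
    """Brand hosts contacted by a page that is not itself on a brand host."""
    if is_brand_host(host_of(page_url)):
        return []
    return sorted({host_of(url) for _, url, *_ in txs if is_brand_host(host_of(url))})


def brand_globals_on_foreign_origin(globals_, page_url):
    """Brand-specific globals on a non-brand origin, ignoring browser-provided ones."""
    if is_brand_host(host_of(page_url)):
        return []
    return [g for g in globals_ if g in BRAND_GLOBALS and g not in BROWSER_GLOBALS]


def triage(txs, globals_, page_url):
    """Combine the three signals into a verdict with its supporting evidence."""
    findings = {
        "page_host": host_of(page_url),
        "html_for_image": html_for_image(txs),
        "brand_hosts_called": brand_calls_from_foreign_origin(txs, page_url),
        "brand_globals": brand_globals_on_foreign_origin(globals_, page_url),
    }
    score = sum(bool(findings[k]) for k in ("html_for_image", "brand_hosts_called", "brand_globals"))
    findings["verdict"] = "likely cloned brand page" if score >= 2 else "no clone signals"
    return findings


if __name__ == "__main__":
    for key, value in triage(SAMPLE_TX, SAMPLE_GLOBALS, PAGE_URL).items():
        print(f"{key}: {value}")
```

The same transactions evaluated with the genuine brand URL as page origin produce no cross-origin or global findings, which is the point of keying every check on the page's own host rather than on the brand names alone.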
Failed requests
These URLs were requested, but no response was received (they also appear in the list above):
- apigw.americanexpress.com: https://apigw.americanexpress.com/acqpzn/en-us/both/hp/pzn-offers?reffrom=&res=1600X1200&nba=1600X1200&vse=https%3A%2F%2Fmmsr-us.zohostatic.online%2F&maxTouchPoints=0&hardwareConcurrency=4&deviceMemory=8&ctgrp=3&plugins=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client
- one-xp.americanexpress.com: https://one-xp.americanexpress.com/variant/find

Both are back-end calls of the cloned American Express front end, issued here from the lookalike origin. The CORS preflight (OPTIONS) to /variant/find is recorded with no response and the POST that follows fails. The pzn-offers request carries the lookalike page URL, URL-encoded, in its vse parameter, together with screen resolution, hardwareConcurrency, deviceMemory, maxTouchPoints and the browser plugin list; whether or not the gateway answered, its access logs now contain the phishing origin, which is a detection opportunity on the brand's side.
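An added example, not American Express or urlscan.io code, of using that leak on the brand's side: parse API gateway access-log entries for the pzn-offers endpoint, take the referring origin from the vse parameter, and report any origin that is not on an allowlist, along with the fingerprint fields the call carried. The first log entry is the failed request recorded above; the other two entries, the allowlist, the log tuple format and the meaning attributed to the parameters are assumptions for the example.

```python
"""Lookalike-origin detection from the brand's own gateway logs (added example).

The cloned page calls the pzn-offers endpoint with its own URL in the vse
query parameter, so the gateway's access log records the phishing origin.
The log format, the allowlist and the parameter semantics are assumptions.
"""
from urllib.parse import parse_qs, urlsplit

# Assumed: origins from which the brand legitimately serves this front end.
ALLOWED_ORIGINS = {"https://www.americanexpress.com", "https://m.americanexpress.com"}

# Constructed access-log entries as (host, method, path+query). The first is the
# request recorded as failed in the scan above; the other two are made up.
SAMPLE_LOG = [
    ("apigw.americanexpress.com", "GET",
     "/acqpzn/en-us/both/hp/pzn-offers?reffrom=&res=1600X1200&nba=1600X1200"
     "&vse=https%3A%2F%2Fmmsr-us.zohostatic.online%2F&maxTouchPoints=0"
     "&hardwareConcurrency=4&deviceMemory=8&ctgrp=3"
     "&plugins=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client"),
    ("apigw.americanexpress.com", "GET",
     "/acqpzn/en-us/both/hp/pzn-offers?reffrom=&res=1920X1080"
     "&vse=https%3A%2F%2Fwww.americanexpress.com%2F&hardwareConcurrency=8"),
    ("apigw.americanexpress.com", "GET", "/acqpzn/en-us/both/hp/pzn-offers?res=800X600"),
]


def origin_of(url):
    """Scheme and lower-cased host only; a bare host or garbage yields None."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    return f"{parts.scheme}://{parts.hostname.lower()}"


def referring_origin(path_and_query):
    """Origin of the page that made the call, taken from the vse parameter."""
    query = urlsplit(path_and_query).query
    vse = parse_qs(query).get("vse", [""])[0]
    return origin_of(vse)


def device_fingerprint(path_and_query):
    """The client-side fingerprint fields the endpoint receives, useful for pivoting."""
    q = parse_qs(urlsplit(path_and_query).query)
    keys = ("res", "hardwareConcurrency", "deviceMemory", "maxTouchPoints", "plugins")
    return {k: q[k][0] for k in keys if k in q}


def find_lookalike_origins(log, allowed=ALLOWED_ORIGINS):
    """Return (origin, fingerprint) for every pzn-offers call whose vse origin is not allowed.

    Calls with no vse, or with an unparsable one, are skipped rather than
    alerted on: they need a different rule, not this one.
    """
    hits = []
    for _host, _method, path_and_query in log:
        if not path_and_query.startswith("/acqpzn/"):
            continue
        origin = referring_origin(path_and_query)
        if origin is None or origin in allowed:
            continue
        hits.append((origin, device_fingerprint(path_and_query)))
    return hits


if __name__ == "__main__":
    for origin, fp in find_lookalike_origins(SAMPLE_LOG):
        print("lookalike origin:", origin, fp)
```

Because vse is client-supplied, the check is an allowlist on the parsed origin rather than a denylist of known phishing hosts; any origin the brand does not serve from is worth a ticket, and the fingerprint fields let an analyst tie the gateway hit back to the sandbox run that produced it.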
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: American Express (Financial)

6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.
Type | Name
---|---
object | documentPictureInPicture
object | webpackChunk_americanexpress_homepage_frontend
object | s
undefined | __satelliteLoaded
object | AmexNavigation
object | oneapp

webpackChunk_americanexpress_homepage_frontend and AmexNavigation name the brand's own front-end bundle, which confirms the page is a copy of the genuine homepage code rather than a hand-built imitation; __satelliteLoaded is the flag set by Adobe Launch/DTM and s is conventionally the Adobe Analytics tracker object. documentPictureInPicture is a browser-provided API object, not page code, and should not be used as a fingerprint.

0 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values back, so the site can re-identify the user even from a different location; this is how persistent logins work. This page set none.

9 Console Messages
A page may log messages to the console. These are often errors about a resource that could not be loaded or a script that failed to execute; sometimes they also reveal the technology behind a website. Nine messages were recorded for this scan.
Security Headers
Security headers set by the main page (urlscan links to an explanation of what they mean and how to use them):
Header | Value
---|---
Strict-Transport-Security | max-age=31536000

HSTS on a lookalike host is not a trust signal: it only pins browsers to HTTPS for the phishing domain itself. No Content-Security-Policy or other security headers are listed.
Indicators
This is a term in the security industry for indicators such as IPs, domains and hashes. Listing them does not imply that any of them indicate malicious activity.

Domains:
- apigw.americanexpress.com
- mmsr-us.zohostatic.online
- one-xp.americanexpress.com
- www.aexp-static.com
- www.americanexpress.com

IPs:
- 104.106.252.143
- 104.106.252.87
- 104.81.136.155
- 173.82.232.206

Of these, only mmsr-us.zohostatic.online (apex zohostatic.online) and 173.82.232.206 belong to the lookalike site. The American Express domains and the three Akamai IPs are the brand's genuine infrastructure, contacted by the cloned page, and must not be added to blocklists.