www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop Open in urlscan Pro
192.81.219.228 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/
Submission: On March 27 via manual (March 27th 2023, 12:51:30 pm UTC) from JP — Scanned from JP

Summary HTTP 12 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 192.81.219.228, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop.

This is the only time www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

	IP Address	AS Autonomous System
7	192.81.219.228 192.81.219.228	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:303... 2606:4700:3031::6815:1ff9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.71.145.60 104.71.145.60	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	4

7 192.81.219.228 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:1ff9 (United States)

ASN13335 (CLOUDFLARENET, US)

fh002.fh-008.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.71.145.60 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-71-145-60.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icm.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	7lwfuij00dxjbm6x.shop www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop	8 MB
4	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 12606 icm.aexp-static.com — Cisco Umbrella Rank: 13802	15 KB
1	fh-008.xyz fh002.fh-008.xyz	538 B
12	3

	Domain	Requested by
7	www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop	www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop
3	www.aexp-static.com
1	icm.aexp-static.com
1	fh002.fh-008.xyz	www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop
12	4

This site contains links to these domains. Also see Links.

Domain
www.americanexpress.com
global.americanexpress.com
about.americanexpress.com
www.facebook.com
www.youtube.com
twitter.com

Subject Issuer	Validity	Valid
*.fh-008.xyz GTS CA 1P5	`2023-02-14` - `2023-05-15`	3 months	crt.sh
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2022-05-16` - `2023-05-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/
Frame ID: 18D12530EF05819C1CBB370D85D65594
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

マイアカウントにログイン - クレジットカードはアメリカン・エキスプレス（アメックス）

Detected technologies

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Page Statistics

12
Requests

42 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

7769 kB
Transfer

14414 kB
Size

1
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://www.americanexpress.com/ja-jp/?inav=NavLogo

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/japan/contents/sitehelp/contactus.shtml?inav=jp_utility_contact
Title: お客様サポート

Search URL Search Domain Scan URL

URL: https://global.americanexpress.com/myca/oce/japa/action/home?request_type=un_Register&Face=ja_JP
Title: オンライン・サービス新規登録

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/japan/contents/guide/online_services/smartphone_app/default.shtml

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/company/about/greeting.html?inav=jp_footer_greeting
Title: ごあいさつ

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/company/about/summary.html?inav=jp_footer_overview
Title: 会社概要

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/company/about/business.html?inav=jp_footer_business_unit
Title: 業務内容

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/company/about/blue-box-values.html?inav=jp_footer_csr
Title: 基本理念/社会貢献

Search URL Search Domain Scan URL

URL: https://about.americanexpress.com/category/press-release-category/japan?inav=jp_footer_press_release
Title: ニュースルーム

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/ja-jp/careers/?inav=jp_footer_jobs
Title: 採用情報

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/services/coverage/?inav=jp_footer_poc
Title: アメックスが使えるところ

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/benefits/service-security/ways-to-pay?inav=jp_footer_contactless
Title: 様々な決済方法

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/customer-service/digital/amex-app.html?inav=jp_footer_smartapp
Title: アメックスアプリ

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/services/online-service/?inav=jp_footer_onlineservice
Title: 会員専用サイト（オンライン・サービス）

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/jp-home/service/safekey/japanese.html?inav=jp_footer_safekey
Title: アメリカン・エキスプレス・セーフキー

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/content/all-cards/?inav=jp_footer_pc_pr
Title: 個人のお客様向け

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/ja-jp/business/credit-cards/?inav=jp_footer_sbs_pr
Title: 中小規模企業の経営者様・個人事業主様

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/ja-jp/business/corporate-credit-cards/?inav=jp_footer_business_gcp
Title: 中堅・大規模企業様

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/prepaid/gift-cards/?inav=jp_footer_giftcard
Title: 百貨店ギフトカード

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/company/legal/tc.html?inav=jp_footer_cardagr
Title: 会員規約・規定集

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/customer-service/contact-us/?inav=jp_footer_contact
Title: お客様サポート

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/customer-service/?inav=jp_footer_customer_service
Title: よくあるご質問

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/support/contact/lost-stolen.html?inav=jp_footer_lost_stolen
Title: カードの紛失・盗難時に

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/sitemap.html?inav=jp_footer_sitemap
Title: サイトマップ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/americanexpressjapan

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/AmericanExpressJP

Search URL Search Domain Scan URL

URL: https://twitter.com/amexjp

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/company/legal/web-rules.html?inav=jp_footer_legal_terms
Title: ウェブサイト規約

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/company/legal/online-privacy-statement.html?inav=jp_footer_onlineprivacy
Title: プライバシーについて

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/jp/company/legal/privacy-policy.html?inav=jp_footer_datausage
Title: 個人情報の利用

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/	642 B 1 KB	553ms 192ms	Document text/html	192.81.219.228 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ Protocol HTTP/1.1 Server 192.81.219.228 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `b8afedf64fef2c473288ee12d9fb4b4ec691589287909f53db2327a718641357` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers Access-Control-Allow-Headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding Access-Control-Allow-Methods GET, POST, OPTIONS, DELETE Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection Upgrade, close Content-Encoding gzip Content-Length 365 Content-Type text/html; charset=utf-8 Date Mon, 27 Mar 2023 12:51:23 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Pragma no-cache Server Apache Upgrade h2 Vary Accept-Encoding
GET H/1.1	200 OK	app.0.37294223986175481676647714422.css www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/css/	14 MB 7 MB	182ms 181ms	Stylesheet text/css	192.81.219.228 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/css/app.0.37294223986175481676647714422.css Requested by Host: www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop URL: http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ Protocol HTTP/1.1 Server 192.81.219.228 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `6518b2f677f3faeceb9c473cc1a82b602cc5e67ce283b0ae3355a0c3406aa775` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 12:51:23 GMT Content-Encoding gzip Last-Modified Fri, 17 Feb 2023 15:28:54 GMT Server Apache ETag "dc9f89-5f4e6f8993980-gzip" Vary Accept-Encoding Transfer-Encoding chunked Upgrade h2 Content-Type text/css Connection Upgrade, close Accept-Ranges bytes
GET H/1.1	200 OK	1676647714422.0.476307158480102851676647714422.js Show response www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/	235 KB 82 KB	315ms 167ms	Script application/javascript	192.81.219.228 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/1676647714422.0.476307158480102851676647714422.js Requested by Host: www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop URL: http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ Protocol HTTP/1.1 Server 192.81.219.228 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `85458549f033a524d12ad10c6212a93ea57a1bc9c6f820b4f3b342b9fb1f16d3` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 12:51:23 GMT Content-Encoding gzip Last-Modified Fri, 17 Feb 2023 15:28:54 GMT Server Apache ETag "3aa95-5f4e6f8993980-gzip" Vary Accept-Encoding Transfer-Encoding chunked Upgrade h2 Content-Type application/javascript Connection Upgrade, close Accept-Ranges bytes
GET H/1.1	200 OK	app.0.476307158480102851676647714422.js Show response www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/	3 KB 2 KB	309ms 155ms	Script application/javascript	192.81.219.228 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/app.0.476307158480102851676647714422.js Requested by Host: www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop URL: http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ Protocol HTTP/1.1 Server 192.81.219.228 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `3f7645b2412302de63aa501595c3fa6b348240e80288aaca251d2f8591442157` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 12:51:23 GMT Content-Encoding gzip Last-Modified Fri, 17 Feb 2023 15:28:54 GMT Server Apache ETag "c83-5f4e6f8993980-gzip" Vary Accept-Encoding Upgrade h2 Content-Type application/javascript Connection Upgrade, close Accept-Ranges bytes Content-Length 1335
GET H/1.1	200 OK	4.0.40365639206455771676647714422.js Show response www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/	996 B 856 B	330ms 171ms	Script application/javascript	192.81.219.228 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/4.0.40365639206455771676647714422.js Requested by Host: www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop URL: http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/1676647714422.0.476307158480102851676647714422.js Protocol HTTP/1.1 Server 192.81.219.228 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `0b587f27af8ca91e4f383d472f510cf9777dbbaf037c5460aede410c252a137b` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 12:51:26 GMT Content-Encoding gzip Last-Modified Fri, 17 Feb 2023 15:28:54 GMT Server Apache ETag "3e4-5f4e6f8993980-gzip" Vary Accept-Encoding Upgrade h2 Content-Type application/javascript Connection Upgrade, close Accept-Ranges bytes Content-Length 537
GET H2	200	ae-sy-v3---.php Show response fh002.fh-008.xyz/	1 B 538 B	22ms 12ms	XHR text/html	2606:4700:3031::6815:1ff9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fh002.fh-008.xyz/ae-sy-v3---.php Requested by Host: www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop URL: http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/1676647714422.0.476307158480102851676647714422.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:1ff9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b` Request headers Accept application/json, text/plain, / Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 12:51:26 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QsoYsp5viO%2BJJNBss%2BbYeGKbQviCnqcwtir24k%2Bj%2FztfEmcW%2B08sL6YjGpRrgRb5X4ovk9n1t%2Bns5TqIQkQh%2Fd8Rl9%2FxmrhctU741ZEKQM523sAczA5fm4IYP4jaIyp71Wmmveznhsdktu3gb8%2B"}],"group":"cf-nel","max_age":604800} access-control-allow-methods POST access-control-allow-origin * content-type text/html;charset=utf-8 access-control-allow-credentials true cf-ray 7ae7c3ca5dafaf5a-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	jump.php Show response www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/	2 B 483 B	330ms 171ms	XHR text/html	192.81.219.228 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/jump.php Requested by Host: www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop URL: http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/1676647714422.0.476307158480102851676647714422.js Protocol HTTP/1.1 Server 192.81.219.228 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488` Request headers Accept application/json, text/plain, / Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Pragma no-cache Date Mon, 27 Mar 2023 12:51:26 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding Access-Control-Allow-Methods * Upgrade h2 Access-Control-Allow-Origin * Content-Type text/html;charset=utf-8 Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection Upgrade, close Content-Length 22 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	3.0.40365639206455771676647714422.js Show response www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/	36 KB 8 KB	326ms 168ms	Script application/javascript	192.81.219.228 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/3.0.40365639206455771676647714422.js Requested by Host: www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop URL: http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/static/js/1676647714422.0.476307158480102851676647714422.js Protocol HTTP/1.1 Server 192.81.219.228 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Apache / Resource Hash `d80eaf59a5da534c4b0a678b607d1aff07d96a2715cca4fb6f317ed2733e7a7f` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Date Mon, 27 Mar 2023 12:51:27 GMT Content-Encoding gzip Last-Modified Fri, 17 Feb 2023 15:28:54 GMT Server Apache ETag "8fd2-5f4e6f8993980-gzip" Vary Accept-Encoding Upgrade h2 Content-Type application/javascript Connection Upgrade, close Accept-Ranges bytes Content-Length 8211
GET H2	200	dls-logo-stack.svg www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/	2 KB 931 B	22ms 10ms	Image image/svg+xml	104.71.145.60 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.71.145.60 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-71-145-60.deploy.static.akamaitechnologies.com Software / Resource Hash `fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 12:51:27 GMT content-encoding gzip last-modified Thu, 31 Oct 2019 17:37:19 GMT etag W/"5dbb1bcf-66e" vary Origin, Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 743
GET H2	200	dls-logo-stack-white.svg www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/	2 KB 930 B	42ms 30ms	Image image/svg+xml	104.71.145.60 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.71.145.60 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-71-145-60.deploy.static.akamaitechnologies.com Software / Resource Hash `56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 12:51:27 GMT content-encoding gzip last-modified Thu, 31 Oct 2019 17:37:19 GMT etag W/"5dbb1bcf-66b" vary Origin, Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 742
GET H2	200	JP%20Default%20image_mobile%20app.jpg icm.aexp-static.com/content/dam/PZN/Default/JP/	12 KB 12 KB	33ms 20ms	Image image/webp	104.71.145.60 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://icm.aexp-static.com/content/dam/PZN/Default/JP/JP%20Default%20image_mobile%20app.jpg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.71.145.60 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-71-145-60.deploy.static.akamaitechnologies.com Software Akamai Image Manager / Resource Hash `759b1da080b03f5104dc5bf2fc7cbe688fc10846ffdeb78c406db3df62b18f0d` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers unused62 8096267 date Mon, 27 Mar 2023 12:51:27 GMT last-modified Mon, 21 Sep 2020 01:47:04 GMT server Akamai Image Manager etag "76f3-56333b611e968-gzip" content-type image/webp access-control-allow-origin * cache-control private, no-transform, max-age=31084 content-length 12060 expires Mon, 27 Mar 2023 21:29:31 GMT
GET H2	200	dls-logo-line.svg www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/	2 KB 912 B	41ms 29ms	Image image/svg+xml	104.71.145.60 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.7.1/package/dist/img/logos/dls-logo-line.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.71.145.60 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-71-145-60.deploy.static.akamaitechnologies.com Software / Resource Hash `c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers date Mon, 27 Mar 2023 12:51:27 GMT content-encoding gzip last-modified Fri, 18 Oct 2019 19:50:49 GMT etag W/"5daa1799-693" vary Origin, Accept-Encoding content-type image/svg+xml cache-control max-age=15552000 timing-allow-origin * content-length 712 expires Mon, 21 Dec 2020 02:49:51 GMT
GET DATA	200 OK	truncated /	644 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	984 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da` Request headers accept-language jp-JP,jp;q=0.9 Referer http://www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36 Response headers Content-Type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop/	1969-12-31 23:59:59	Name: PHPSESSID Value: sn3aschlujsgcmlsl56gk6hnj1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fh002.fh-008.xyz
icm.aexp-static.com
www.aexp-static.com
www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop
104.71.145.60
192.81.219.228
2606:4700:3031::6815:1ff9
0b587f27af8ca91e4f383d472f510cf9777dbbaf037c5460aede410c252a137b
3f7645b2412302de63aa501595c3fa6b348240e80288aaca251d2f8591442157
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd
56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d
6518b2f677f3faeceb9c473cc1a82b602cc5e67ce283b0ae3355a0c3406aa775
677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
759b1da080b03f5104dc5bf2fc7cbe688fc10846ffdeb78c406db3df62b18f0d
85458549f033a524d12ad10c6212a93ea57a1bc9c6f820b4f3b342b9fb1f16d3
b8afedf64fef2c473288ee12d9fb4b4ec691589287909f53db2327a718641357
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9
d80eaf59a5da534c4b0a678b607d1aff07d96a2715cca4fb6f317ed2733e7a7f
d8463bd3ba4b10e5916f65fa7b0c1f9f91f67ca40cc25b48810fb2f5a3340488
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop Open in urlscan Pro 192.81.219.228 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

42 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

7769 kBTransfer

14414 kBSize

1 Cookies

30 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

1 Cookies

Indicators

www.americaooxprecs.co.jp.7lwfuij00dxjbm6x.shop Open in urlscan Pro
192.81.219.228 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

42 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

7769 kB
Transfer

14414 kB
Size

1
Cookies

12 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!