criteriaofnaples.com
Open in
urlscan Pro
107.180.26.69
Malicious Activity!
Public Scan
Submission: On May 03 via manual from US
Summary
This is the only time criteriaofnaples.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 107.180.26.69 107.180.26.69 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
1 | 107.180.40.14 107.180.40.14 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
4 | 104.111.236.50 104.111.236.50 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
9 | 104.111.250.201 104.111.250.201 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
1 | 106.247.251.66 106.247.251.66 | 3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation) | |
2 4 | 2a01:7c8:ec:0... 2a01:7c8:ec:0:149:210:196:91 | 20857 (TRANSIP-A...) (TRANSIP-AS Amsterdam) | |
18 | 6 |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-26-69.ip.secureserver.net
criteriaofnaples.com |
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-40-14.ip.secureserver.net
comnac.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-236-50.deploy.static.akamaitechnologies.com
online.americanexpress.com |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-250-201.deploy.static.akamaitechnologies.com
www.aexp-static.com |
ASN3786 (LGDACOM LG DACOM Corporation, KR)
106.247.251.66 |
ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL)
www.s2.be |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
aexp-static.com
www.aexp-static.com |
124 KB |
4 |
s2.be
2 redirects
www.s2.be |
514 B |
4 |
americanexpress.com
online.americanexpress.com |
74 KB |
1 |
comnac.com
comnac.com |
63 KB |
1 |
criteriaofnaples.com
criteriaofnaples.com |
795 B |
18 | 5 |
Domain | Requested by | |
---|---|---|
9 | www.aexp-static.com |
criteriaofnaples.com
|
4 | www.s2.be |
2 redirects
criteriaofnaples.com
|
4 | online.americanexpress.com |
comnac.com
criteriaofnaples.com |
1 | comnac.com |
criteriaofnaples.com
|
1 | criteriaofnaples.com | |
18 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
online.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2019-01-10 - 2021-01-14 |
2 years | crt.sh |
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2018-08-08 - 2020-07-23 |
2 years | crt.sh |
www.s2.be Let's Encrypt Authority X3 |
2019-04-17 - 2019-07-16 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://criteriaofnaples.com/09993846461.html
Frame ID: B01E397BE439F0CB76EE1587DEE33DD2
Requests: 18 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- http://www.s2.be/aexp-static/spacer.png HTTP 301
- https://www.s2.be/aexp-static/spacer.png
- http://www.s2.be/aexp-static/spacer.png HTTP 301
- https://www.s2.be/aexp-static/spacer.png
18 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
09993846461.html
criteriaofnaples.com/ |
651 B 795 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bpk.js
comnac.com/ |
282 KB 63 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fuidFypDefault.css
online.americanexpress.com/myca/fuidfyp/us/resources/css/ |
19 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inav_responsive.css
www.aexp-static.com/nav/ngn/css/ |
93 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer.php
106.247.251.66/tr/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spacer.png
www.s2.be/aexp-static/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
clear.gif
www.aexp-static.com/nav/ngn/img/ |
43 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_bluebox_1x.gif
www.aexp-static.com/nav/ngn/img/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
spacer.png
www.s2.be/aexp-static/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spacer.png
online.americanexpress.com/myca/fuidfyp/us/resources/images/ |
922 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OCA_body-background.gif
online.americanexpress.com/myca/oce/us/oce/images/actreg/ |
16 KB 16 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iNav_ngi_sprite_new.gif
www.aexp-static.com/nav/ngn/img/ |
23 KB 23 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_shdw_mainNav.png
www.aexp-static.com/nav/ngn/img/ |
143 B 338 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
www.aexp-static.com/nav/ngn/fonts/ |
36 KB 37 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
amex-fuid-sprite.png
online.americanexpress.com/myca/fuidfyp/us/resources/images/ |
49 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iNav_sprite_footer.gif
www.aexp-static.com/nav/ngn/img/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iNav_sprite_footer1.gif
www.aexp-static.com/nav/ngn/img/ |
5 KB 6 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0fababca-4914-46dd-9b0f-efbd51f67ae8-3.woff
www.aexp-static.com/nav/ngn/fonts/ |
37 KB 37 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| t string| x object| erp string| em number| tmp function| validate0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
comnac.com
criteriaofnaples.com
online.americanexpress.com
www.aexp-static.com
www.s2.be
104.111.236.50
104.111.250.201
106.247.251.66
107.180.26.69
107.180.40.14
2a01:7c8:ec:0:149:210:196:91
0d4e7d13d424c4569af233a3188ac42edaa093a12bced0dba6095c00047006e3
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
568d1bad8ef5d3ee9e14e5bdc304985d4d9a8d791bfe4fdb689fc2bef638466c
7f1b85f13e643de7a8dd568b6073849d777a677a7d699229b8eb2fdb787ff2b9
8a1afe334fda16d81d21995b656b62f3d746e46826a1927ca3e81d7a723b094e
9a12464e4b2e913955e124313a5ab47e63b771a41bdba9390d008212a1b52052
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3be0c1dca2d9a00d8da591e1c209fced4d3ee588efb495eed4191aa2558e658
b754eb74fa8f416b4803252f7994d7aa22d697a5eb77f0b4df8e3839f9621c9e
c05cee2eb8aacab52bba3b3dd940b68055fc11a088302418c776efa459f63884
c5728ebd8f225043ec8b85f79c9964f133136f91b9bb260eb69437ce9af4573a
d37afa566d7d52132bd91baeb14025d220f36617ff143551c6177496c3c4244f
d3c6dbfeb63c1155df3a80a04d72d9c0c95ed561d54c9694019c28eac1920c1b
d97d2b8538b1e671286e284dfe4d54808a8d307e53b10662afb8b84b14bec0c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e599503c3bdee1fef6065e575091caef7a56b463e751886b298304379eab47b8
e989c2542a6af77569f5b65286bf132dd113c75810c71866dacba5d025d68bc5