app.auth-amxpy.data.pinqyring.com Open in urlscan Pro
192.254.232.222 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pinqyring.com/
Effective URL:
https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709
Submission Tags: @ecarlesi threat phishing Search All
Submission: On March 13 via api (March 13th 2024, 9:23:37 pm UTC) from IT — Scanned from IT

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 192.254.232.222, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is app.auth-amxpy.data.pinqyring.com.
TLS certificate: Issued by R3 on March 13th 2024. Valid for: 3 months.

This is the only time app.auth-amxpy.data.pinqyring.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

	IP Address	AS Autonomous System
2 18	192.254.232.222 192.254.232.222	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
5	23.36.235.165 23.36.235.165	16625 (AKAMAI-AS) (AKAMAI-AS)
21	2

18 192.254.232.222 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-232-222.unifiedlayer.com

pinqyring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.auth-amxpy.data.pinqyring.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.235.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-235-165.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	pinqyring.com 2 redirects pinqyring.com app.auth-amxpy.data.pinqyring.com	125 KB
5	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 13251	83 KB
21	2

	Domain	Requested by
17	app.auth-amxpy.data.pinqyring.com	1 redirects app.auth-amxpy.data.pinqyring.com
5	www.aexp-static.com	app.auth-amxpy.data.pinqyring.com
1	pinqyring.com	1 redirects
21	3

This site contains no links.

Subject Issuer	Validity	Valid
www.app.auth-amxpy.data.pinqyring.com R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
m.americanexpress.com DigiCert EV RSA CA G2	`2023-04-05` - `2024-04-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709
Frame ID: 99FF59AB716AD9B3999784191D4C0D95
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In to My Account | American Express

Page URL History Show full URLs

https://pinqyring.com/ HTTP 301
https://app.auth-amxpy.data.pinqyring.com/scl/ HTTP 302
https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Page URL

Detected technologies

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

208 kB
Transfer

716 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pinqyring.com/ HTTP 301
https://app.auth-amxpy.data.pinqyring.com/scl/ HTTP 302
https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response app.auth-amxpy.data.pinqyring.com/scl/ Redirect Chain https://pinqyring.com/ https://app.auth-amxpy.data.pinqyring.com/scl/ https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709	273 KB 39 KB	388ms 387ms	Document text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash `49d2f39c422c5468235a530d2f9f32da14ebe86c060c55f4384e17568a8b452e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 13 Mar 2024 21:23:31 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server Apache vary Accept-Encoding Redirect headers cache-control no-store, no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Wed, 13 Mar 2024 21:23:30 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 pragma no-cache server Apache
GET H2	200	1.css app.auth-amxpy.data.pinqyring.com/scl/lib/	345 KB 72 KB	190ms 190ms	Stylesheet text/css	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash `3488e209e7ecf29039fda4dfc5a98bfabb7a682c79bdb0d3e848dc5509fdc776` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT content-encoding gzip last-modified Fri, 25 Aug 2023 00:29:14 GMT server Apache accept-ranges bytes vary Accept-Encoding content-type text/css
GET H2	200	dls-logo-bluebox-solid.svg www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/	2 KB 1 KB	245ms 80ms	Image image/svg+xml	23.36.235.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-bluebox-solid.svg Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-235-165.deploy.static.akamaitechnologies.com Software / Resource Hash `028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT content-encoding gzip last-modified Thu, 31 Oct 2019 17:37:19 GMT etag W/"5dbb1bcf-962" vary Origin, Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 989
GET H2	200	dls-logo-stack.svg www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/	2 KB 922 B	244ms 79ms	Image image/svg+xml	23.36.235.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack.svg Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-235-165.deploy.static.akamaitechnologies.com Software / Resource Hash `fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT content-encoding gzip last-modified Thu, 31 Oct 2019 17:37:19 GMT etag W/"5dbb1bcf-66e" vary Origin, Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 743
GET H2	200	dls-logo-stack-white.svg www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/	2 KB 921 B	243ms 79ms	Image image/svg+xml	23.36.235.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/1.8.0/package/dist/img/logos/dls-logo-stack-white.svg Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-235-165.deploy.static.akamaitechnologies.com Software / Resource Hash `56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT content-encoding gzip last-modified Thu, 31 Oct 2019 17:37:19 GMT etag W/"5dbb1bcf-66b" vary Origin, Accept-Encoding content-type image/svg+xml cache-control max-age=31536000, must-revalidate timing-allow-origin * content-length 742
GET H2	200	dls-logo-line.svg app.auth-amxpy.data.pinqyring.com/scl/lib/	2 KB 2 KB	323ms 322ms	Image image/svg+xml	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://app.auth-amxpy.data.pinqyring.com/scl/lib/dls-logo-line.svg Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash `c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT last-modified Wed, 26 Jan 2022 20:33:10 GMT server Apache accept-ranges bytes content-length 1683 content-type image/svg+xml
GET H2	200	face.png app.auth-amxpy.data.pinqyring.com/scl/lib/	644 B 697 B	325ms 324ms	Image image/png	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://app.auth-amxpy.data.pinqyring.com/scl/lib/face.png Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash `428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT last-modified Wed, 26 Jan 2022 20:33:42 GMT server Apache accept-ranges bytes content-length 644 content-type image/png
GET H2	200	twit.png app.auth-amxpy.data.pinqyring.com/scl/lib/	1 KB 1 KB	327ms 327ms	Image image/png	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://app.auth-amxpy.data.pinqyring.com/scl/lib/twit.png Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash `677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT last-modified Wed, 26 Jan 2022 20:33:54 GMT server Apache accept-ranges bytes content-length 1061 content-type image/png
GET H2	200	insta.png app.auth-amxpy.data.pinqyring.com/scl/lib/	8 KB 8 KB	326ms 326ms	Image image/png	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://app.auth-amxpy.data.pinqyring.com/scl/lib/insta.png Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash `c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT last-modified Wed, 26 Jan 2022 20:34:02 GMT server Apache accept-ranges bytes content-length 8284 content-type image/png
GET H2	200	link.png app.auth-amxpy.data.pinqyring.com/scl/lib/	764 B 817 B	328ms 328ms	Image image/png	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://app.auth-amxpy.data.pinqyring.com/scl/lib/link.png Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash `5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT last-modified Wed, 26 Jan 2022 20:34:08 GMT server Apache accept-ranges bytes content-length 764 content-type image/png
GET H2	200	yt.png app.auth-amxpy.data.pinqyring.com/scl/lib/	984 B 1 KB	324ms 323ms	Image image/png	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://app.auth-amxpy.data.pinqyring.com/scl/lib/yt.png Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash `5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d` Request headers accept-language it-IT,it;q=0.9 Referer https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:31 GMT last-modified Wed, 26 Jan 2022 20:34:18 GMT server Apache accept-ranges bytes content-length 984 content-type image/png
GET H2	200	dls-icons.woff www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/	44 KB 44 KB	134ms 52ms	Font font/woff	23.36.235.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/dls-icons.woff?v=2.1.0 Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/login?token=da39a3ee5e6b4b0d3255bfef95601890afd80709 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-235-165.deploy.static.akamaitechnologies.com Software / Resource Hash `6c2307e5fa4f3725b00710176eeab8c23abbcd4acfd6f7c70389acc9d08d82f0` Request headers Referer https://app.auth-amxpy.data.pinqyring.com/ Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT last-modified Mon, 06 Jan 2020 21:18:42 GMT etag "5e13a432-ae08" vary Origin, Accept-Encoding access-control-allow-methods GET content-type font/woff access-control-allow-origin * cache-control max-age=31536000, must-revalidate accept-ranges bytes timing-allow-origin * content-length 44552
GET H2	200	3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff www.aexp-static.com/nav/ngn/fonts/	36 KB 37 KB	170ms 88ms	Font font/woff	23.36.235.165 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.36.235.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-36-235-165.deploy.static.akamaitechnologies.com Software / Resource Hash `48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad` Request headers Referer https://app.auth-amxpy.data.pinqyring.com/ Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT last-modified Wed, 15 Aug 2018 20:46:09 GMT etag "5b749111-9121" access-control-allow-methods GET, POST, PUT, DELETE, OPTIONS, HEAD content-type font/woff access-control-allow-origin * cache-control max-age=15552000 access-control-allow-credentials true accept-ranges bytes timing-allow-origin * access-control-allow-headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With content-length 37153 expires Mon, 25 Jan 2021 11:07:20 GMT
GET H2	404	dls-icons.woff app.auth-amxpy.data.pinqyring.com/scl/iconfont/	0 0	183ms 182ms	Font text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/iconfont/dls-icons.woff Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 09:26:13 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462
GET H2	404	Roboto-Regular.woff app.auth-amxpy.data.pinqyring.com/scl/fonts/	0 0	181ms 181ms	Font text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Regular.woff Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 09:26:13 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462
GET H2	404	Roboto-Medium.woff app.auth-amxpy.data.pinqyring.com/scl/fonts/	0 0	186ms 186ms	Font text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Medium.woff Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 09:26:13 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462
GET H2	404	Roboto-Light.woff app.auth-amxpy.data.pinqyring.com/scl/fonts/	0 0	181ms 181ms	Font text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Light.woff Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 09:26:13 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462
GET H2	404	dls-icons.ttf app.auth-amxpy.data.pinqyring.com/scl/iconfont/	0 0	183ms 183ms	Font text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/iconfont/dls-icons.ttf Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 09:26:13 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462
GET H2	404	Roboto-Regular.ttf app.auth-amxpy.data.pinqyring.com/scl/fonts/	0 0	182ms 182ms	Font text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Regular.ttf Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 09:26:13 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462
GET H2	404	Roboto-Light.ttf app.auth-amxpy.data.pinqyring.com/scl/fonts/	0 0	193ms 193ms	Font text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Light.ttf Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 09:26:13 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462
GET H2	404	Roboto-Medium.ttf app.auth-amxpy.data.pinqyring.com/scl/fonts/	0 0	184ms 184ms	Font text/html	192.254.232.222 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Medium.ttf Requested by Host: app.auth-amxpy.data.pinqyring.com URL: https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.254.232.222 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 192-254-232-222.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://app.auth-amxpy.data.pinqyring.com/scl/lib/1.css Origin https://app.auth-amxpy.data.pinqyring.com accept-language it-IT,it;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers date Wed, 13 Mar 2024 21:23:32 GMT content-encoding gzip last-modified Wed, 10 Jan 2024 09:26:13 GMT server Apache vary Accept-Encoding content-type text/html accept-ranges bytes content-length 462

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			app.auth-amxpy.data.pinqyring.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 849c204e0aa95217496c0d42ee99751e

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://app.auth-amxpy.data.pinqyring.com/scl/iconfont/dls-icons.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Light.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Medium.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.auth-amxpy.data.pinqyring.com/scl/iconfont/dls-icons.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Medium.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://app.auth-amxpy.data.pinqyring.com/scl/fonts/Roboto-Light.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.auth-amxpy.data.pinqyring.com
pinqyring.com
www.aexp-static.com
192.254.232.222
23.36.235.165
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab
3488e209e7ecf29039fda4dfc5a98bfabb7a682c79bdb0d3e848dc5509fdc776
428a13dcd90b9a52dac690a578092e1b24e6121952668d4bcf001a6287c880dd
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad
49d2f39c422c5468235a530d2f9f32da14ebe86c060c55f4384e17568a8b452e
56b8e90244c34621e294d3357edfef9a1467e501773ed21b25dc6367ab3d7803
5c5381a437e62da458e251201a5c46af59e750b8f40470b77d00ce9fcf08fc6b
5cb5e693ba5e56c274a113f77c50becb662d18324b2ed681432f60ee4761de3d
677a6a5da6f0e85f66c5232fc39ffd285ed010a9498c40cdd7e56d2ff0b7e7da
6c2307e5fa4f3725b00710176eeab8c23abbcd4acfd6f7c70389acc9d08d82f0
c000ce3efd67b43d573f0270ec30bb3854908f0672a8e08a6809a3680b7b8542
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9
fc69234936c0df004440641a5df9ee1e3c3532df5780984f0f636e85e8788519

app.auth-amxpy.data.pinqyring.com Open in urlscan Pro 192.254.232.222 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

208 kBTransfer

716 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

8 Console Messages

Indicators

app.auth-amxpy.data.pinqyring.com Open in urlscan Pro
192.254.232.222 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

208 kB
Transfer

716 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!