americanexpress.io
Open in
urlscan Pro
185.199.111.153
Malicious Activity!
Public Scan
Effective URL: https://americanexpress.io/
Submission: On August 20 via api from NL — Scanned from NL
Summary
TLS certificate: Issued by R3 on August 19th 2022. Valid for: 3 months.
This is the only time americanexpress.io was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: American Express (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:50c0:800... 2606:50c0:8001::153 | 54113 (FASTLY) (FASTLY) | |
13 | 185.199.111.153 185.199.111.153 | 54113 (FASTLY) (FASTLY) | |
6 | 23.9.4.64 23.9.4.64 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2606:4700::68... 2606:4700::6811:190e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:810::200e | 15169 (GOOGLE) (GOOGLE) | |
22 | 4 |
ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com
americanexpress.io |
ASN16625 (AKAMAI-AS, US)
PTR: a23-9-4-64.deploy.static.akamaitechnologies.com
www.aexp-static.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
americanexpress.io
1 redirects
www.americanexpress.io americanexpress.io |
7 MB |
6 |
aexp-static.com
www.aexp-static.com — Cisco Umbrella Rank: 11476 |
234 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45 |
20 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 219 |
17 KB |
22 | 4 |
Domain | Requested by | |
---|---|---|
13 | americanexpress.io |
americanexpress.io
|
6 | www.aexp-static.com |
americanexpress.io
www.aexp-static.com |
2 | www.google-analytics.com |
americanexpress.io
www.google-analytics.com |
1 | cdnjs.cloudflare.com |
americanexpress.io
|
1 | www.americanexpress.io | 1 redirects |
22 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
jobs.americanexpress.com |
github.com |
developer.americanexpress.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
americanexpress.io R3 |
2022-08-19 - 2022-11-17 |
3 months | crt.sh |
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA |
2022-05-16 - 2023-05-15 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-08-03 - 2023-08-02 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-08-01 - 2022-10-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://americanexpress.io/
Frame ID: 37CAE41D403E7CF3131EEE89BBF47787
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
American Express TechnologyPage URL History Show full URLs
-
http://www.americanexpress.io/
HTTP 301
https://americanexpress.io/ Page URL
Detected technologies
Amex Express Checkout (Payment processors) ExpandDetected patterns
- aexp-static\.com
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Highlight.js (Miscellaneous) Expand
Detected patterns
- /(?:([\d.])+/)?highlight(?:\.min)?\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Careers
Search URL Search Domain Scan URL
Title: GitHub
Search URL Search Domain Scan URL
Title: APIs
Search URL Search Domain Scan URL
Title: Access GitHub
Search URL Search Domain Scan URL
Title: Access GitHub
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.americanexpress.io/
HTTP 301
https://americanexpress.io/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
americanexpress.io/ Redirect Chain
|
37 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utils.js
americanexpress.io/assets/js/ |
599 B 428 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls.min.css
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/ |
338 KB 50 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
americanexpress.io/assets/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
syntax.css
americanexpress.io/assets/css/ |
4 KB 1004 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highlight.css
americanexpress.io/assets/css/ |
956 B 707 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
highlight.min.js
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/ |
45 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.jpg
americanexpress.io/_post_assets/advanced-kotlin-use-site-targets/img/ |
187 KB 187 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.jpg
americanexpress.io/_post_assets/choosing-go/img/ |
6 MB 6 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.jpg
americanexpress.io/_post_assets/advanced-kotlin-delegates/img/ |
185 KB 185 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/super-powered-search-via-couchbase/img/ |
57 KB 57 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/hooks-intro/img/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/git-bisect/img/ |
49 KB 49 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/on-the-importance-of-commit-messages/img/ |
73 KB 74 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hero.jpg
americanexpress.io/_post_assets/spread-love/img/ |
62 KB 62 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 207 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Medium.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/fonts/ |
71 KB 72 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Roboto-Regular.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/fonts/ |
75 KB 76 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/iconfont/ |
34 KB 34 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: American Express (Financial)19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| hasClass function| addClass function| removeClass function| findLinkParent string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hljs3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.americanexpress.io/ | Name: _ga Value: GA1.2.465937577.1661007227 |
|
.americanexpress.io/ | Name: _gid Value: GA1.2.787686686.1661007227 |
|
.americanexpress.io/ | Name: _gat Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
americanexpress.io
cdnjs.cloudflare.com
www.aexp-static.com
www.americanexpress.io
www.google-analytics.com
185.199.111.153
23.9.4.64
2606:4700::6811:190e
2606:50c0:8001::153
2a00:1450:4001:810::200e
0c9fd2085a755a9e9c44ac7233e942b7797b1f9206aa4b142274c4705fb35cba
14c5aae886d3377120f54ffdc571dcd4d57a6df3e5120491fe7716c919a2b830
1776427ab935bdf5e4cc3cf060b4747d966ac4a5742837812e098888545f08ef
1d23cb4cbd1a5190ddca8956fea5dc6b53f752f5b0f7a071cf775338a0099255
26880aeeefb68723fb7e060b8d78e849559eeecfc257429f57786aa0d740339b
27d6b832d8ad8dcf3e18f01783553be2c5fc2ff3fe9ba2b0b838200c7709cf3c
2996ed3e0c89a7c50ae11dc3555d18491fe37cbd17e196bd2014d1368e167491
41ac94963b1184fc2af06023d156328ad328a1d8020d7c989d2cce486bbdd563
485caa1b2cb51527e740bc928cdb6477159557882d29949f68ed0390ed7eba6d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f57070fa2288244fcecadd4ed47a4eb9db8b2261efded327d5404c1637b4134
72f19e8f6c8c351268ca6245ebfedc9df9d7f7779b81382af89e40fbfb36c38e
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6
96dda67e1401d9ca83eeb80fe2efff05807c324514ac0a683072626d5560434e
a13cfacc495f37af0da4cea83e9da8c56957c616321d5176c08c1ebd87cc5a95
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bf61b797553fed1b9e79755f5484ba96c30134b77241960d88b676232fc900f6
c54acb431126b02f6f21433f327386a4cd637ef846267cc2cad712c47d3ce162
c99e6c26e47553e0df2d25c1460721655d0e1502a6d12dab8c087e6cf0b36f7a
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08
f80e96686402d783c04365af0637fe2290c9ab6dafa3552154157d2264975f4d
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c