americanexpress.io
185.199.111.153  Malicious Activity! Public Scan

Submitted URL: http://www.americanexpress.io/
Effective URL: https://americanexpress.io/
Submission: On August 20 via api from NL — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 22 HTTP transactions. The main IP is 185.199.111.153, located in United States and belongs to FASTLY, US. The main domain is americanexpress.io.
TLS certificate: Issued by R3 on August 19th 2022. Valid for: 3 months.
This is the only time americanexpress.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: American Express (Financial)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:50c0:800... 54113 (FASTLY)
13 185.199.111.153 54113 (FASTLY)
6 23.9.4.64 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
22 4
Apex Domain | Subdomains | Transfer
14 americanexpress.io | www.americanexpress.io, americanexpress.io | 7 MB
6 aexp-static.com | www.aexp-static.com — Cisco Umbrella Rank: 11476 | 234 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 45 | 20 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 219 | 17 KB
22 4
Domain Requested by
13 americanexpress.io americanexpress.io
6 www.aexp-static.com americanexpress.io
www.aexp-static.com
2 www.google-analytics.com americanexpress.io
www.google-analytics.com
1 cdnjs.cloudflare.com americanexpress.io
1 www.americanexpress.io 1 redirects
22 5

This site contains links to these domains.

Domain
jobs.americanexpress.com
github.com
developer.americanexpress.com

Subject | Issuer | Validity | Valid
americanexpress.io | R3 | 2022-08-19 - 2022-11-17 | 3 months
m.americanexpress.com | DigiCert SHA2 Extended Validation Server CA | 2022-05-16 - 2023-05-15 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-08-01 - 2022-10-24 | 3 months

This page contains 1 frames:

Primary Page: https://americanexpress.io/
Frame ID: 37CAE41D403E7CF3131EEE89BBF47787
Requests: 22 HTTP requests in this frame

Page Title

American Express Technology

Page URL History

  1. http://www.americanexpress.io/ HTTP 301
    https://americanexpress.io/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • aexp-static\.com

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

7539 kB
Transfer

7918 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.americanexpress.io/ HTTP 301
    https://americanexpress.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
americanexpress.io/
Redirect Chain
  • http://www.americanexpress.io/
  • https://americanexpress.io/
37 KB
7 KB
Document
General
Full URL
https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
1776427ab935bdf5e4cc3cf060b4747d966ac4a5742837812e098888545f08ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
6469
content-type
text/html; charset=utf-8
date
Sat, 20 Aug 2022 14:53:46 GMT
etag
W/"616e9680-94cc"
expires
Sat, 20 Aug 2022 15:03:29 GMT
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
35277d093661a58dbe1ab036b54c289f7f649639
x-github-request-id
09EA:9038:2C64E6:62D66F:6300F57A
x-origin-cache
HIT
x-proxy-cache
HIT
x-served-by
cache-ewr18122-EWR
x-timer
S1661007226.465377,VS0,VE12

Redirect headers

Accept-Ranges
bytes
Age
0
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 20 Aug 2022 14:53:46 GMT
Location
https://americanexpress.io/
Server
GitHub.com
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Fastly-Request-ID
3289bb11bc2a0055a04a3a7b8476c06b730c448c
X-GitHub-Request-Id
2B24:23E9:4FF9A8:89A367:6300F57A
X-Served-By
cache-ewr18137-EWR
X-Timer
S1661007226.125383,VS0,VE10
utils.js
americanexpress.io/assets/js/
599 B
428 B
Script
General
Full URL
https://americanexpress.io/assets/js/utils.js
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
26880aeeefb68723fb7e060b8d78e849559eeecfc257429f57786aa0d740339b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
59f66a1556f0fb244ebfccf8b96f09586adbe729
date
Sat, 20 Aug 2022 14:53:46 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
232
x-served-by
cache-ewr18122-EWR
access-control-allow-origin
*
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
7306:7205:52FA29:8D0222:6300F57A
x-timer
S1661007227.583413,VS0,VE13
etag
W/"616e9680-257"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
dls.min.css
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/
338 KB
50 KB
Stylesheet
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/dls.min.css
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.4.64 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
41ac94963b1184fc2af06023d156328ad328a1d8020d7c989d2cce486bbdd563

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 14:53:46 GMT
content-encoding
gzip
last-modified
Fri, 13 Apr 2018 18:46:50 GMT
etag
W/"5ad0fb1a-5463f"
vary
Origin, Accept-Encoding
content-type
text/css
cache-control
max-age=15552000
timing-allow-origin
*
content-length
50484
expires
Mon, 29 Mar 2021 21:44:55 GMT
styles.css
americanexpress.io/assets/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://americanexpress.io/assets/css/styles.css
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
14c5aae886d3377120f54ffdc571dcd4d57a6df3e5120491fe7716c919a2b830

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
945fb6eb3ad3a93a7a50dd926eb054dc608c7b09
date
Sat, 20 Aug 2022 14:53:46 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
1917
x-served-by
cache-ewr18122-EWR
access-control-allow-origin
*
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
FD1A:58A8:52CB79:8CAA49:6300F57A
x-timer
S1661007227.583520,VS0,VE13
etag
W/"616e9680-1a14"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
syntax.css
americanexpress.io/assets/css/
4 KB
1004 B
Stylesheet
General
Full URL
https://americanexpress.io/assets/css/syntax.css
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
485caa1b2cb51527e740bc928cdb6477159557882d29949f68ed0390ed7eba6d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
c1045367a18ed387c110d4f1796f309e05fd2e2b
date
Sat, 20 Aug 2022 14:53:46 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
856
x-served-by
cache-ewr18122-EWR
access-control-allow-origin
*
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
8ABE:4574:536735:8D64C6:6300F57A
x-timer
S1661007227.583515,VS0,VE13
etag
W/"616e9680-f86"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
dls-logo-bluebox-solid.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/
3 KB
2 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/dls-logo-bluebox-solid.svg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.4.64 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c54acb431126b02f6f21433f327386a4cd637ef846267cc2cad712c47d3ce162

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 14:53:47 GMT
content-encoding
gzip
last-modified
Fri, 13 Apr 2018 18:46:38 GMT
etag
W/"5ad0fb0e-c95"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000
timing-allow-origin
*
content-length
1355
expires
Mon, 29 Mar 2021 21:38:38 GMT
highlight.css
americanexpress.io/assets/css/
956 B
707 B
Stylesheet
General
Full URL
https://americanexpress.io/assets/css/highlight.css
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
6f57070fa2288244fcecadd4ed47a4eb9db8b2261efded327d5404c1637b4134

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
7c006bfb45d1e275b858e78fea589a49cc845cfd
date
Sat, 20 Aug 2022 14:53:46 GMT
content-encoding
gzip
age
0
x-cache
MISS
content-length
415
x-served-by
cache-ewr18122-EWR
access-control-allow-origin
*
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
9992:4101:42C37E:AD59AC:6300F57A
x-timer
S1661007227.699327,VS0,VE11
etag
W/"616e9680-3bc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
highlight.min.js
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/
45 KB
17 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/highlight.min.js
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc17e22241e51e856285975ce9316e8fb3262744d6716b0c5e4783170862d33c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 14:53:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3892670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16662
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e7a-b3b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsBlTuF1aO6ujyS9hSw6Pfg7PMBydXW35wnQSLjTTYGFL8hwZRlbpNRm0aJNcqAOcsmqxGeuEaAKiFKHCA33kfkFqJujUDjlS98cGdavkkwNR70IP06vqW2z3dXKmr5RMPVg3jigAQ6h8%2FcPbgBV%2FEld"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
73dbf5df190a1ed2-AMS
expires
Thu, 10 Aug 2023 14:53:46 GMT
main.jpg
americanexpress.io/_post_assets/advanced-kotlin-use-site-targets/img/
187 KB
187 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/advanced-kotlin-use-site-targets/img/main.jpg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
c99e6c26e47553e0df2d25c1460721655d0e1502a6d12dab8c087e6cf0b36f7a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
600e17488cdb1d23b7a90900e76a2862ccd4a03f
date
Sat, 20 Aug 2022 14:53:46 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
191127
x-served-by
cache-ewr18122-EWR
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
FB50:486E:54AA0B:8ED28F:6300F57A
x-timer
S1661007227.699723,VS0,VE23
etag
"616e9680-2ea97"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
main.jpg
americanexpress.io/_post_assets/choosing-go/img/
6 MB
6 MB
Image
General
Full URL
https://americanexpress.io/_post_assets/choosing-go/img/main.jpg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
0c9fd2085a755a9e9c44ac7233e942b7797b1f9206aa4b142274c4705fb35cba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
2a007eca136f1cc213882ff12397366db0d91aff
date
Sat, 20 Aug 2022 14:53:46 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
6783888
x-served-by
cache-ewr18122-EWR
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
0DFC:38FE:4C2E51:81B3B8:6300F57A
x-timer
S1661007227.699691,VS0,VE126
etag
"616e9680-678390"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
main.jpg
americanexpress.io/_post_assets/advanced-kotlin-delegates/img/
185 KB
185 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/advanced-kotlin-delegates/img/main.jpg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
1d23cb4cbd1a5190ddca8956fea5dc6b53f752f5b0f7a071cf775338a0099255

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
37f9f7aabfc59743ac9ec193754da2ee377d26d2
date
Sat, 20 Aug 2022 14:53:46 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
189651
x-served-by
cache-ewr18122-EWR
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
4C62:631C:511078:8B308E:6300F57A
x-timer
S1661007227.699727,VS0,VE17
etag
"616e9680-2e4d3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
hero.jpg
americanexpress.io/_post_assets/super-powered-search-via-couchbase/img/
57 KB
57 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/super-powered-search-via-couchbase/img/hero.jpg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
bf61b797553fed1b9e79755f5484ba96c30134b77241960d88b676232fc900f6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
6effdf701250294dda505c35294db3590e6f62f1
date
Sat, 20 Aug 2022 14:53:46 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
58043
x-served-by
cache-ewr18122-EWR
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
AA6A:0CAE:4CC6CE:84CA90:6300F57A
x-timer
S1661007227.699637,VS0,VE12
etag
"616e9680-e2bb"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
hero.jpg
americanexpress.io/_post_assets/hooks-intro/img/
14 KB
14 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/hooks-intro/img/hero.jpg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
a13cfacc495f37af0da4cea83e9da8c56957c616321d5176c08c1ebd87cc5a95

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
1f496104a5a9945e15cc27efa61886fd26ad9e02
date
Sat, 20 Aug 2022 14:53:46 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
13966
x-served-by
cache-ewr18122-EWR
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
C97E:4220:4BC2BF:8509B7:6300F57A
x-timer
S1661007227.700081,VS0,VE11
etag
"616e9680-368e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
hero.jpg
americanexpress.io/_post_assets/git-bisect/img/
49 KB
49 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/git-bisect/img/hero.jpg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
27d6b832d8ad8dcf3e18f01783553be2c5fc2ff3fe9ba2b0b838200c7709cf3c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
ac211234d648d46c8bb810a3cca44201687a9bdc
date
Sat, 20 Aug 2022 14:53:46 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
50375
x-served-by
cache-ewr18122-EWR
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
98B6:8E3D:20B052:558E99:6300F57A
x-timer
S1661007227.700067,VS0,VE12
etag
"616e9680-c4c7"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
hero.jpg
americanexpress.io/_post_assets/on-the-importance-of-commit-messages/img/
73 KB
74 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/on-the-importance-of-commit-messages/img/hero.jpg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
f80e96686402d783c04365af0637fe2290c9ab6dafa3552154157d2264975f4d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
a7aba3ae3f4df04420cd0a9d872dda61746def27
date
Sat, 20 Aug 2022 14:53:46 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
75252
x-served-by
cache-ewr18122-EWR
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
B92A:7205:52FA2F:8D0229:6300F57A
x-timer
S1661007227.700012,VS0,VE15
etag
"616e9680-125f4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
hero.jpg
americanexpress.io/_post_assets/spread-love/img/
62 KB
62 KB
Image
General
Full URL
https://americanexpress.io/_post_assets/spread-love/img/hero.jpg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
96dda67e1401d9ca83eeb80fe2efff05807c324514ac0a683072626d5560434e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id
2086f6e95962d48c645ddbe7b9f8a993c28efef1
date
Sat, 20 Aug 2022 14:53:46 GMT
via
1.1 varnish
age
0
x-cache
MISS
content-length
63132
x-served-by
cache-ewr18122-EWR
last-modified
Tue, 19 Oct 2021 09:57:20 GMT
server
GitHub.com
x-github-request-id
D202:4741:55865E:9009BF:6300F57A
x-timer
S1661007227.700034,VS0,VE12
etag
"616e9680-f69c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 20 Aug 2022 15:03:46 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
dls-logo-line.svg
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/
3 KB
1 KB
Image
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/img/dls_logos/dls-logo-line.svg
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.4.64 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2996ed3e0c89a7c50ae11dc3555d18491fe37cbd17e196bd2014d1368e167491

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 14:53:46 GMT
content-encoding
gzip
last-modified
Fri, 13 Apr 2018 18:46:38 GMT
etag
W/"5ad0fb0e-b7f"
vary
Origin, Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=15552000
timing-allow-origin
*
content-length
1181
expires
Wed, 03 Mar 2021 00:07:27 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: americanexpress.io
URL: https://americanexpress.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://americanexpress.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6706
date
Sat, 20 Aug 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 20 Aug 2022 15:02:00 GMT
collect
www.google-analytics.com/j/
1 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=43543663&t=pageview&_s=1&dl=https%3A%2F%2Famericanexpress.io%2F&ul=en-us&de=UTF-8&dt=American%20Express%20Technology&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=520618082&gjid=1319134886&cid=465937577.1661007227&tid=UA-99877773-1&_gid=787686686.1661007227&_r=1&z=1521796110
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://americanexpress.io/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 20 Aug 2022 14:53:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://americanexpress.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Roboto-Medium.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/fonts/
71 KB
72 KB
Font
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/fonts/Roboto-Medium.woff
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/dls.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.4.64 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08

Request headers

Referer
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/dls.min.css
Origin
https://americanexpress.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 14:53:47 GMT
last-modified
Fri, 13 Apr 2018 18:46:38 GMT
etag
"5ad0fb0e-11cfc"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
72956
expires
Tue, 02 Mar 2021 17:27:36 GMT
Roboto-Regular.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/fonts/
75 KB
76 KB
Font
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/fonts/Roboto-Regular.woff
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/dls.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.4.64 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6

Request headers

Referer
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/dls.min.css
Origin
https://americanexpress.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 14:53:47 GMT
last-modified
Fri, 13 Apr 2018 18:46:38 GMT
etag
"5ad0fb0e-12bf8"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
76792
expires
Tue, 02 Mar 2021 18:54:47 GMT
dls-icons.woff
www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/iconfont/
34 KB
34 KB
Font
General
Full URL
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/iconfont/dls-icons.woff?v=5.8.0
Requested by
Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/dls.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.4.64 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-4-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
72f19e8f6c8c351268ca6245ebfedc9df9d7f7779b81382af89e40fbfb36c38e

Request headers

Referer
https://www.aexp-static.com/cdaas/one/statics/axp-dls/5.8.0/package/dist/styles/dls.min.css
Origin
https://americanexpress.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 14:53:47 GMT
last-modified
Fri, 13 Apr 2018 18:46:40 GMT
etag
"5ad0fb10-87c4"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=15552000
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length
34756
expires
Tue, 02 Mar 2021 18:40:31 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: American Express (Financial)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| hasClass function| addClass function| removeClass function| findLinkParent string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hljs

3 Cookies

Domain/Path Name / Value
.americanexpress.io/ Name: _ga
Value: GA1.2.465937577.1661007227
.americanexpress.io/ Name: _gid
Value: GA1.2.787686686.1661007227
.americanexpress.io/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
