amex-caspua.com
Category: Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of amex-caspua.com
The domain amex-caspua.com appears to present itself as an American Express-themed promotional website in Spanish, using "AMEX Experiences" branding and offering a "campaña de exoneración" related to card benefits, annual-fee relief, and spending goals. The page content references card enrollment and account-related incentives, which places it in the financial services space based on the visible content and third-party categorization data.
However, the domain name does not appear to match the official primary web domains typically associated with American Express, and the site heavily uses recognizable AMEX branding elements. Based on the domain structure, branding, and page presentation, it may be attempting to imitate a legitimate financial brand in order to attract cardholders or collect sensitive information.
Safety Assessment for amex-caspua.com
This domain shows several notable risk indicators at the time of this scan. It was flagged by 9 out of 91 security engines, with multiple detections describing it as phishing, malicious, suspicious, or related fraud activity. In addition, the site is only 5 days old, has no established traffic ranking, and the screenshot shows strong use of American Express branding on a non-official-looking domain. That combination may indicate a look-alike financial-services page designed to resemble a trusted brand.
At the same time, some checks were clean: the malware scan did not identify flagged files, and major threat-database checks shown here did not report active listings at the time of the scan. Even so, clean file-scan results do not outweigh the broader phishing-related signals when a newly registered domain appears to mimic a major payment brand. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid SSL/TLS certificate issued by a mainstream certificate authority, and it is served through Cloudflare infrastructure on IP address 104.21.68.122. The nameservers also point to Cloudflare, suggesting the domain is using a reverse-proxy/CDN setup that can help with availability and conceal origin infrastructure. The certificate validity indicates encrypted transport is present, but HTTPS alone does not verify that the operator is legitimate.
From a domain-security perspective, the registration is very recent, DNSSEC appears to be unsigned, and the hosting setup is relatively generic and easy to obtain. No malicious files, external links, or iframes were identified in the provided scan snapshot, but the combination of fresh registration, brand-like naming, and multi-engine phishing detections remains a technical concern.
Share your experience with this website. Was it safe? Did you encounter any issues?