{"report_id":"0ce959c3-aa97-4c89-88f0-4d2601c115c8","version":0,"status":"done","tags":[],"date":"2026-06-27T13:23:35Z","url":{"schema":"https","addr":"americanexpressccu.at","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":0,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"americanexpressccu.at/","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"title":"American Express — Official American Express Site","dom":{"size":23692,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (503)","md5":"421e94755cba0d6966f627124240551f","sha1":"20e4ced657234a1f4e7920ff56dd98c9d4ae2df0","sha256":"c7bbc63985e92aaff34d1a01379b5ebf09def63053d4ad3c1976e2a0f9a98aaa","sha512":"21af9c5bfec41caa411900c876e9f097b2aa9809ad0beb3ff83aeede52b95364284e9a4743239f553bfdac42ccb9b14f1e24d01f49db520907698f5e2907a494","ssdeep":"384:ZNTT0tr48KP3p0A2qAIIXQiEg72jy9RjelFN+/803hSdAaGCH:ZNTT0trI3m1FIIAi7Rjelz+13Qvv","tlshash":"fab29537e550143b0a9301937b617bca61a54447a6183cb7ffac417e1fd8e8b4e7a14d","dom_hash":"domhasha1279928eba28d2387bfbd7f17c9008c","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"https","addr":"americanexpressccu.at","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":0,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-01T13:23:35Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0","referer":"www.bing.com","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-06-21T22:19:08.810882Z","alert_count":0,"request_count":5,"received_data":165525,"sent_data":3010,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-06-21T22:22:12.048317Z","alert_count":0,"request_count":1,"received_data":4916,"sent_data":587,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"americanexpressccu.at","ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-06-27T00:18:00.619552Z","last_seen":"2026-06-27T00:18:00.619552Z","alert_count":52,"request_count":13,"received_data":94152,"sent_data":7439,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"americanexpressccu.at/","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c9d994a7a7b926620e9ae210711e9930","sha1":"c811493d0a50e1ad995bec006b540341ee6712e3","sha256":"a13350cf82e2f9c6f4201251f1553eaabc9a33ebf7a11bd646c2b8760c19e13a","sha512":"42daeedbcda1f7b95b87ff8d4d1a8e6f4777ac514e4d8da6d84ab5dfccadaa22f7927fa183026f2bc389bc3be921dcf046c5f7da2e097fa60582d98b2f50c78c","ssdeep":"","tlshash":"4821dc3ea5b109330cb752efaacb67c0695100977542d5193eaccd802f48d822d719d9","size":1219,"data":"","first_seen":"2026-06-08T18:59:18.670341Z","last_seen":"2026-07-17T03:59:14.166383Z","times_seen":103,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"introduction_type":"eventHandler","is_inline":false,"md5":"43e28c5553d54ed2964bd5147521769b","sha1":"0a2b8c3db330a47aa7b9195e6dfdf944adb9240d","sha256":"d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23","sha512":"6dda085e4196167cf64287cb675c05b09bdaa291decebd1bea2b52ccdbd380de5875dc233fa3d439559413693f1e7974f485d60a2c1541bf62a8887bf5ff9811","ssdeep":"","tlshash":"1b80000c0a20c0882a00af00e000c202a0c2200f0220238ce823bce2a83c888808fea0","size":38,"data":"","first_seen":"2023-04-10T16:02:06Z","last_seen":"2026-07-17T11:40:21.697821Z","times_seen":182422,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.953Z","timestamp":1782566592953,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://americanexpressccu.at\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32292\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 02:48:41 GMT\r\nexpires: Fri, 25 Jun 2027 02:48:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210872\r\nlast-modified: Thu, 04 Sep 2025 17:18:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":32292,"size_decoded":33105,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32292, version 1.0","md5":"fdf9c509a8095ffa556117f486a94a8d","sha1":"d8a316f7cbfa46e69876c925e58fbf7b7c1abf0d","sha256":"6c18d579fd87c3776be068b762cbc83fde3acb543d49eabd3ade842eb987e887","sha512":"1da75065bac5582eb357a34e82887838f2e7acfa53df36a7a6a32049aad18d26cbe15b12de3987803a3747677e0e222a964444f0bbca3163c686469729ec667b","ssdeep":"768:3kEJ6k5UQdhzhODqcJnoGp9OFjIWQhvOWXFgHV8zpKjFOpiPyWwL6W:Ik5UQdhzhO+cAjIvvO9HOKj2iPyiW","tlshash":"d7e2e1a8da90dc3bdf6653f4ade7105eb1fa7bb4897108e1de12fa6d89d12c0c4144e0","first_seen":"2025-09-07T23:43:48.051278Z","last_seen":"2026-07-17T09:46:40.585248Z","times_seen":2024,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":41,"dns":0,"connect":0,"send":0,"wait":84,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Outfit:wght@400;500;600;700;800\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.543Z","timestamp":1782566592543,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:10 GMT","end":"Mon, 31 Aug 2026 08:38:09 GMT"},"fingerprint":{"sha1":"8A:2F:DC:6F:C0:09:07:D3:E5:9C:B7:EE:C2:C4:63:DC:59:36:B5:1B","sha256":"64:7C:E4:55:AB:5C:58:7E:89:F1:19:3B:95:DB:7B:4B:E6:75:42:2C:0C:51:2E:66:85:F5:BB:51:58:08:39:19"}}},"request":{"raw":"GET /css2?family=Outfit:wght@400;500;600;700;800\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 27 Jun 2026 13:23:12 GMT\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncache-control: private, max-age=86400, stale-while-revalidate=604800\r\nlast-modified: Sat, 27 Jun 2026 13:23:12 GMT\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4155,"size_decoded":1202,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"772d284301a62522b33da578be464ac1","sha1":"cf798010b9ee9b56c098b4bbf0b823f6c07b96ee","sha256":"62132c93f3c6bfb5d885a139a06c54c5e1288065f4bc73087768879eef5f1110","sha512":"e2ae1420dacb7adb48c1da96c0e93e300ed24fefba72ce6bb4b5b7e83f36dd357472e8687bd1ef4b86d87f520ba7b914cd098caf3fa97194fddb694b7fb9fada","ssdeep":"96:cOEavJc+uwOEaDNNOXavJc+uwOXaDNNOxMavJc+uwOxMaDNNOpavJc+uwOpaDNNy:zr6LrpurwtrX4rWy","tlshash":"4e81eea1082ba144db970cc122ce7e33ef1e6251744499349ffe1888acabd9a435774d","first_seen":"2026-01-22T12:09:24.703905Z","last_seen":"2026-06-27T13:23:36.330525Z","times_seen":16,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":31,"send":0,"wait":65,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/feature-compliance.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.557Z","timestamp":1782566592557,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/feature-compliance.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 3932\r\nlast-modified: Thu, 28 May 2026 21:07:20 GMT\r\netag: \"6a18ae88-f5c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3932,"size_decoded":4202,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 600x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"8d9876d6ccb371291aa6f6966d0c140f","sha1":"b5cd5e053659c96e0bfee3e6aee5aff5dc7c6f58","sha256":"2784445d4e0783010051ec87c00cf99592910789d70fa4fb8d20195ee88c5df1","sha512":"12e841a3f0f76b290fdc90959388627ee6da990273cd1ea22ad3de85e5a69417b80c82494fde3e55d1db1bb52c471198a46d8abc20e4049db2e1e9f557c5f71f","ssdeep":"","tlshash":"72816d39c9f65812e37698353432e9d8d530f2240ba9415eed325718149ddcc8fdc60d","first_seen":"2026-04-12T21:25:22.769022Z","last_seen":"2026-07-12T21:35:57.485723Z","times_seen":34,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/feature-personal.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.558Z","timestamp":1782566592558,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/feature-personal.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 4210\r\nlast-modified: Thu, 28 May 2026 21:07:22 GMT\r\netag: \"6a18ae8a-1072\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4210,"size_decoded":4481,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 600x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"aa9ebc59aec121e51956fffacab96972","sha1":"d075938c18275e5c0cf95825754e0df8d4594c3a","sha256":"f4eeda4c7b267ff74fee7ad23e553116c185af2d4755018ba42a8d16af9c642d","sha512":"f2b7b1152e89e2954c83dd19c56f0a8abad78facd5785782136f3fc99778bace68a86b10683d399c76510ce9707f6fa95483648a20302aa665f4a263c6a9e0f7","ssdeep":"96:amcA64uj3f92kVeIgO3LX06tKBFddNPaDC6U6Uln:Dsp2BrN6UbPIC6lUln","tlshash":"e7914bd6ae934d0ec0a1e9bc50e542513f48c4c921023882f72dbe744e7a55e12f1bbe","first_seen":"2026-04-12T21:25:22.770059Z","last_seen":"2026-07-12T21:35:57.481654Z","times_seen":34,"resource_available":false,"data":null}},"time_used":518,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":518,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/accreditation-occ.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.561Z","timestamp":1782566592561,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/accreditation-occ.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 1076\r\nlast-modified: Thu, 28 May 2026 21:07:17 GMT\r\netag: \"6a18ae85-434\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1076,"size_decoded":1346,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 130x70, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d0d3af6097bdbb4958d4f971188547f9","sha1":"5cc72adf2a779dbd4c9f7a4bb683f648c5fa3c5e","sha256":"1cf909b8d7a56ba7579aab31eeafd5ca49e3b0f37b12f7b023243bc5652aafee","sha512":"1db2ff6566ac209b276a377c2c1da216e347b6cf79b9f459fe7562e722fe5b5ef612590aa566102acff084e09ca8848993ffd77c5c439fe65a004cf98b7721f0","ssdeep":"","tlshash":"ac11e995d13061823c9fac464fbe82f80c0905903b0767447e5d4ef0a8727dbe0544dd","first_seen":"2026-04-12T21:25:22.77632Z","last_seen":"2026-07-12T21:35:57.484738Z","times_seen":34,"resource_available":false,"data":null}},"time_used":669,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.949Z","timestamp":1782566592949,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://americanexpressccu.at\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32292\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 02:48:41 GMT\r\nexpires: Fri, 25 Jun 2027 02:48:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210872\r\nlast-modified: Thu, 04 Sep 2025 17:18:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":32292,"size_decoded":33105,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32292, version 1.0","md5":"fdf9c509a8095ffa556117f486a94a8d","sha1":"d8a316f7cbfa46e69876c925e58fbf7b7c1abf0d","sha256":"6c18d579fd87c3776be068b762cbc83fde3acb543d49eabd3ade842eb987e887","sha512":"1da75065bac5582eb357a34e82887838f2e7acfa53df36a7a6a32049aad18d26cbe15b12de3987803a3747677e0e222a964444f0bbca3163c686469729ec667b","ssdeep":"768:3kEJ6k5UQdhzhODqcJnoGp9OFjIWQhvOWXFgHV8zpKjFOpiPyWwL6W:Ik5UQdhzhO+cAjIvvO9HOKj2iPyiW","tlshash":"d7e2e1a8da90dc3bdf6653f4ade7105eb1fa7bb4897108e1de12fa6d89d12c0c4144e0","first_seen":"2025-09-07T23:43:48.051278Z","last_seen":"2026-07-17T09:46:40.585248Z","times_seen":2024,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":53,"receive":57,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/favicon.ico","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:13.239Z","timestamp":1782566593239,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/favicon.ico HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:13 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 3884\r\nlast-modified: Thu, 28 May 2026 21:07:20 GMT\r\netag: \"6a18ae88-f2c\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3884,"size_decoded":4156,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16 with PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced, 32 bits/pixel","md5":"4b87d898e131a5792b180bce692cbfee","sha1":"dffbae801c7a5a5afc8462011ebecbcad8f3b201","sha256":"0254a47ff3e4221e80ed6f1e032a7bd0f6acd7c1af02f6630743571dae9f4893","sha512":"e2e4230790a0e01049974047447f89ae95621a0bd8349e9458f2879c8e64c06db472f47fcd3bb6ca81742e6de8fec8f7478cc3627e1086e509c113d21e3b78b9","ssdeep":"","tlshash":"a4816dd930d07879399c84ebc95c2945c1a1a00e5de2ff4dce805a3b0f7b01908b2ae2","first_seen":"2026-06-27T00:18:04.836868Z","last_seen":"2026-06-27T13:23:36.335312Z","times_seen":3,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":515,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/cover.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.552Z","timestamp":1782566592552,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/cover.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9860\r\nlast-modified: Thu, 28 May 2026 21:07:18 GMT\r\netag: \"6a18ae86-2684\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9860,"size_decoded":10131,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x630, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"db7b42bc705a4d4c3bb76ea5dca0e607","sha1":"d7c2b9287da497f69f3b6b27d6671f80cc108ef0","sha256":"c7925b3b6c17858af50d5c0869a9f617b96546999b7f0b3ac7fecb2f21cf5b1e","sha512":"f5899ded854dbaa848a320b90e1718cb5cc5e70814bba1c38cf6e742ed166e1e3b75ee7e86249ac1455dcd69ebae8a9b0d9a6dce09298134a36c873ddef19907","ssdeep":"192:A/z2tdvRa8fwuFPYzU8OCQecKDdlAhZKfik0SeVHJs5CgQYQyD1amIrB:A72HvRxf/oU8OwcyihZKfike9JKCKJ1w","tlshash":"5f12cf0e8367b92dcad052f4c0ab5ee48a2d0e8241e53ecfe0666366643b54dd5f1b38","first_seen":"2026-06-27T00:18:04.854484Z","last_seen":"2026-06-27T13:23:36.336215Z","times_seen":3,"resource_available":false,"data":null}},"time_used":519,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":519,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/site-icon.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.555Z","timestamp":1782566592555,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/site-icon.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 546\r\nlast-modified: Thu, 28 May 2026 21:07:23 GMT\r\netag: \"6a18ae8b-222\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":546,"size_decoded":815,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 38x38, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3f920f239e3dcd9e8bf921416f1ed70a","sha1":"2158658edb298e8b4df0880fbace1ee2ea0df9ca","sha256":"c962342294ba4a0c68b69e27f1de721ca52330211f1af89ed8e768ed9b9a2cac","sha512":"d3d12ec191e0e8b0c801b550d453d73dc1a2c875408f562216afb7cff5be2c6cb67074dee70db1dcfbab1c746205c5c61dd8a0e1bb6d447afb1ac6f4c729a373","ssdeep":"","tlshash":"3af0e106d14400ce66cc9c5f9c1b6258b4c39625352de9a1e7d1ca227835144769789a","first_seen":"2026-06-27T00:18:04.855837Z","last_seen":"2026-06-27T13:23:36.338859Z","times_seen":3,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/feature-business.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.559Z","timestamp":1782566592559,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/feature-business.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 2988\r\nlast-modified: Thu, 28 May 2026 21:07:20 GMT\r\netag: \"6a18ae88-bac\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2988,"size_decoded":3258,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 600x400, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"40ff8e1bb46b9670e18baa7d703abe86","sha1":"75655e25bde9fea724d27e9a99bcb203fd3dfc4b","sha256":"613f0c64aa92137a398675fa860256391905aebce52da78933bbb21e83e487c5","sha512":"d312c48ec6659f8fda3b96474f69f2f70607ce547b3650ac0835eb3e996d594b4f4d903dd5d1e815e1c8d450db41f34aac7de6e5b5b2ba0ca8c41dcafaf6f331","ssdeep":"","tlshash":"a7514ac3e5db5914c77049371023c2a8f4626260c7985e7baed11a1f719b0bafdf5271","first_seen":"2026-04-12T21:25:22.777231Z","last_seen":"2026-07-12T21:35:57.482152Z","times_seen":34,"resource_available":false,"data":null}},"time_used":517,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":517,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.945Z","timestamp":1782566592945,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://americanexpressccu.at\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32292\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 02:48:41 GMT\r\nexpires: Fri, 25 Jun 2027 02:48:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210872\r\nlast-modified: Thu, 04 Sep 2025 17:18:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":32292,"size_decoded":33105,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32292, version 1.0","md5":"fdf9c509a8095ffa556117f486a94a8d","sha1":"d8a316f7cbfa46e69876c925e58fbf7b7c1abf0d","sha256":"6c18d579fd87c3776be068b762cbc83fde3acb543d49eabd3ade842eb987e887","sha512":"1da75065bac5582eb357a34e82887838f2e7acfa53df36a7a6a32049aad18d26cbe15b12de3987803a3747677e0e222a964444f0bbca3163c686469729ec667b","ssdeep":"768:3kEJ6k5UQdhzhODqcJnoGp9OFjIWQhvOWXFgHV8zpKjFOpiPyWwL6W:Ik5UQdhzhO+cAjIvvO9HOKj2iPyiW","tlshash":"d7e2e1a8da90dc3bdf6653f4ade7105eb1fa7bb4897108e1de12fa6d89d12c0c4144e0","first_seen":"2025-09-07T23:43:48.051278Z","last_seen":"2026-07-17T09:46:40.585248Z","times_seen":2024,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":47,"send":0,"wait":40,"receive":82,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.950Z","timestamp":1782566592950,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://americanexpressccu.at\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32292\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 02:48:41 GMT\r\nexpires: Fri, 25 Jun 2027 02:48:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210872\r\nlast-modified: Thu, 04 Sep 2025 17:18:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":32292,"size_decoded":33105,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32292, version 1.0","md5":"fdf9c509a8095ffa556117f486a94a8d","sha1":"d8a316f7cbfa46e69876c925e58fbf7b7c1abf0d","sha256":"6c18d579fd87c3776be068b762cbc83fde3acb543d49eabd3ade842eb987e887","sha512":"1da75065bac5582eb357a34e82887838f2e7acfa53df36a7a6a32049aad18d26cbe15b12de3987803a3747677e0e222a964444f0bbca3163c686469729ec667b","ssdeep":"768:3kEJ6k5UQdhzhODqcJnoGp9OFjIWQhvOWXFgHV8zpKjFOpiPyWwL6W:Ik5UQdhzhO+cAjIvvO9HOKj2iPyiW","tlshash":"d7e2e1a8da90dc3bdf6653f4ade7105eb1fa7bb4897108e1de12fa6d89d12c0c4144e0","first_seen":"2025-09-07T23:43:48.051278Z","last_seen":"2026-07-17T09:46:40.585248Z","times_seen":2024,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":67,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/apple-touch-icon.png","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:13.237Z","timestamp":1782566593237,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/apple-touch-icon.png HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:13 GMT\r\ncontent-type: image/png\r\nlast-modified: Thu, 28 May 2026 21:07:17 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a18ae85-5c60\"\r\nexpires: Mon, 27 Jul 2026 13:23:13 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23648,"size_decoded":23964,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"f1b5623713d86816db799fe5f3094565","sha1":"4069e659404f9553f8432c6b52da66bdd6bbdade","sha256":"b3734e615ac2f290524a498be4bce98ff7fdd6cb137e5c8532b843b79873a811","sha512":"cac180abb975bd9d0c07aac25dbe70315ada048803bd35155c59d3d56a80f9630d5cb779269c2740122f4401d80f4cecff69ba83d2cca7031c944c58815e85e9","ssdeep":"384:akWTfqlty8a0jmRXRTLrDo8npUZbtT55QNaAVL368gkkhVWBxfUU9ukwQBCqqdq5:arLOyAqXRTTpUTaDhFkhVWPMBzqwzMJ","tlshash":"dfb2e180f4b32cb813c466b764ca344ec9a80812ddf4f3955404ef77aee646b96a63f1","first_seen":"2026-06-27T00:18:04.847124Z","last_seen":"2026-06-27T13:23:36.34452Z","times_seen":3,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/styles.css","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.546Z","timestamp":1782566592546,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/styles.css HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=0\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 28 May 2026 21:07:23 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a18ae8b-36fd\"\r\nexpires: Sun, 28 Jun 2026 01:23:12 GMT\r\ncache-control: max-age=43200\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":14077,"size_decoded":3838,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (14075), with no line terminators","md5":"e35b57a3f5b4a5633ab708308525c9f1","sha1":"3591fe82cf71ed67c213fc95ade5998bec1e5397","sha256":"aa1fc0e0e9057badc7185fbf637e1dde51debd3f02dc93322888ef4bf05641cb","sha512":"b9e27cc94d69edf424602ca5c82acd81e7aba68bdba9ba7397e3a7d73a30d578da0d30a552301cfeccd193d94317d5304ef1693a15585d797ec29de0a15ce59e","ssdeep":"192:+N02nVmiI53XSBu0bkBgB7n4BG36yrHGMq2eAnBprmwNjCS0vUECn3kaloun6FJF:+35GgB1qMKAnBpzG8x9jY","tlshash":"cb52e669b260b12ce81bd92af7d462ad52309010c9230fadf45ba561c9c73f706b3f4e","first_seen":"2026-06-27T00:18:04.839526Z","last_seen":"2026-06-27T13:23:36.359376Z","times_seen":3,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":347,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/accreditation-cfpb.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.560Z","timestamp":1782566592560,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/accreditation-cfpb.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 772\r\nlast-modified: Thu, 28 May 2026 21:07:16 GMT\r\netag: \"6a18ae84-304\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":772,"size_decoded":1041,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 130x70, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1f79c7f2a3634df2a72b3f0b08d267ae","sha1":"402e5e15779f075a8ca4963b9b45458943a8c68e","sha256":"fe85680be6769c9f89dfe976bb55e9997c0f54a34e5d6da07317922499a35306","sha512":"71a9df2d5f385eb209a837a2fd50e0b30cf8202f9bd07bc4a2a9902a8eb1d15a7b87456350a6ff0d5dfd9d5861bbf2b564e75206383c0c869af91def78ccd6fe","ssdeep":"","tlshash":"8e0175099394ecae88e7d9099f9c84fdf36692410c498e68d469d2616624848384f214","first_seen":"2026-04-12T21:25:22.775355Z","last_seen":"2026-07-12T21:35:57.481101Z","times_seen":34,"resource_available":false,"data":null}},"time_used":516,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":516,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/accreditation-fdic.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.564Z","timestamp":1782566592564,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/accreditation-fdic.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 888\r\nlast-modified: Thu, 28 May 2026 21:07:16 GMT\r\netag: \"6a18ae84-378\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":888,"size_decoded":1157,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 130x70, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"dce621c7064dc13c2e8e82c980dc764c","sha1":"a34c6394f998953998d776854621c5e38522408f","sha256":"125445852fc8d4e8cc36fb0b322c692d8554042e7273812b92a9549826eb513d","sha512":"8b540c5705cb6afbc10e6fc139a46f673f63266a8c5d183cc863befe5409c7f70f039d218213888fcdc42dc3ac63fd0e8a5ed6c8d7b219ccb70345bb16bf297a","ssdeep":"","tlshash":"c111dab7eb3b8434c434b909b1b53abe539ec087e40090292cc78ddc0cb24d19026dc6","first_seen":"2026-04-12T21:25:22.773303Z","last_seen":"2026-07-12T21:35:57.485241Z","times_seen":34,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/assets/accreditation-ehl.webp","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.565Z","timestamp":1782566592565,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET /assets/accreditation-ehl.webp HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://americanexpressccu.at/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:12 GMT\r\ncontent-type: image/webp\r\ncontent-length: 886\r\nlast-modified: Thu, 28 May 2026 21:07:16 GMT\r\netag: \"6a18ae84-376\"\r\nstrict-transport-security: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":886,"size_decoded":1155,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 130x70, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c5678032b83803d963de77a6aa4b7018","sha1":"8c5e6f7748e8b6f9436cfe871dc964389df39d6f","sha256":"bf70cd0fa52a8441a4a894f747041794f0d865b10d2613c93628d087f218389a","sha512":"977f6608a6e35e4aee3f60fff2f3b8b2ba4acd81af62fef4ff83b82ac163278bdb2a89b8ca08bafb116a80710bc3f64f9c0995e111219214f5dcd01fd20d312a","ssdeep":"","tlshash":"1a11e66e20d047766e77f8c2a8d8ac020894c166783ad8074c9cd3fc483a534b53e28b","first_seen":"2026-04-12T21:25:22.766949Z","last_seen":"2026-07-12T21:35:57.480031Z","times_seen":34,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":666,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"americanexpressccu.at/","fqdn":"americanexpressccu.at","domain":"americanexpressccu.at","tld":"at"},"ip":{"addr":"104.207.76.157","port":443,"asn":36351,"as":"SOFTLAYER","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-06-27T13:23:10.626Z","timestamp":1782566590626,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"americanexpressccu.at","organization":""},"issuer":{"commonName":"YR1","organization":"Let's Encrypt"},"validity":{"start":"Thu, 28 May 2026 21:08:29 GMT","end":"Wed, 26 Aug 2026 21:08:28 GMT"},"fingerprint":{"sha1":"72:BF:76:6B:D7:4A:3B:C0:0D:21:24:2E:D0:5A:87:03:26:9B:CA:7D","sha256":"CF:0C:57:30:5B:C7:7A:B0:B0:7D:E8:F2:D1:45:6D:CC:F4:13:38:D1:50:BC:65:69:90:D1:C5:1D:B8:B7:86:92"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: americanexpressccu.at\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sat, 27 Jun 2026 13:23:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/8.3.30\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP:8.3.30","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":23749,"size_decoded":6226,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (503)","md5":"c262bfc884e803224f4e900a395b73b9","sha1":"d887da66b5ec4ca973c8d3a50628174cf9da5a41","sha256":"b9d45f0b02994c8d27c6824059ed2f960eac5968238546f7c5ebdf52720a5c78","sha512":"7110c89ea3b1c6fe249279083fa432fef45897caf0fe57e7f2d09057ddad54f0bba6eb364e1a6713480496c528ece1dbeb3a4b4aad8bcc214a4e6b21b63e643e","ssdeep":"384:IcTT0tr48KP3p0A2lAIIKQiEgqjjV9RjelFN+b803hSdAaXC1:IcTT0trI3m1mII/i+Rjelz+B3Qvc","tlshash":"eeb29437e550243b0a9301937a617bcaa1a44447a6083cb7ffac457e1fd8e8b4e7a18d","first_seen":"2026-06-27T00:18:04.852211Z","last_seen":"2026-06-27T13:23:36.363906Z","times_seen":3,"resource_available":true,"data":null}},"time_used":1530,"timings":{"blocked":-1,"dns":303,"connect":179,"send":0,"wait":347,"receive":0,"ssl":701},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-06-27","alert":"Sinkholed","trigger":"americanexpressccu.at","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-06-27","alert":"Phishing Block","trigger":"americanexpressccu.at","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://americanexpressccu.at/","date":"2026-06-27T13:23:12.947Z","timestamp":1782566592947,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 08 Jun 2026 08:38:09 GMT","end":"Mon, 31 Aug 2026 08:38:08 GMT"},"fingerprint":{"sha1":"AD:F1:0B:84:58:92:40:26:B7:10:85:A1:EA:3E:80:1E:FD:E6:A8:F3","sha256":"8F:94:50:CA:96:9B:D0:F9:09:5A:E2:3D:DC:C3:5D:F5:E0:80:CB:17:17:30:2C:CF:86:BD:FB:8B:1B:0B:6D:DE"}}},"request":{"raw":"GET /s/outfit/v15/QGYvz_MVcBeNP4NJtEtq.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: identity\r\nOrigin: https://americanexpressccu.at\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=5\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32292\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 25 Jun 2026 02:48:41 GMT\r\nexpires: Fri, 25 Jun 2027 02:48:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 210872\r\nlast-modified: Thu, 04 Sep 2025 17:18:29 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":32292,"size_decoded":33105,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32292, version 1.0","md5":"fdf9c509a8095ffa556117f486a94a8d","sha1":"d8a316f7cbfa46e69876c925e58fbf7b7c1abf0d","sha256":"6c18d579fd87c3776be068b762cbc83fde3acb543d49eabd3ade842eb987e887","sha512":"1da75065bac5582eb357a34e82887838f2e7acfa53df36a7a6a32049aad18d26cbe15b12de3987803a3747677e0e222a964444f0bbca3163c686469729ec667b","ssdeep":"768:3kEJ6k5UQdhzhODqcJnoGp9OFjIWQhvOWXFgHV8zpKjFOpiPyWwL6W:Ik5UQdhzhO+cAjIvvO9HOKj2iPyiW","tlshash":"d7e2e1a8da90dc3bdf6653f4ade7105eb1fa7bb4897108e1de12fa6d89d12c0c4144e0","first_seen":"2025-09-07T23:43:48.051278Z","last_seen":"2026-07-17T09:46:40.585248Z","times_seen":2024,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":42,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}
