r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 048cda18c6dbe7c4e4b106f5e1104b0a
1bd6f3367ccf446263b00ad8c1ece15a4164730b
66a680d9b8e454db94e14d2c4a466891e538b2d83ccee0dc65be62163992b4e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66A680D9B8E454DB94E14D2C4A466891E538B2D83CCEE0DC65BE62163992B4E0"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3170
Expires: Wed, 21 Dec 2022 03:35:34 GMT
Date: Wed, 21 Dec 2022 02:42:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5440
Expires: Wed, 21 Dec 2022 04:13:24 GMT
Date: Wed, 21 Dec 2022 02:42:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf03270e3476f7482a2cc7ddc6a9e857
ab70d5ee87b01e0601f8e518bf36f97c8ceeba9a
43a4e796860a1481636dac103488cadc68c261d13cfe835d273efc368e569f97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A4E796860A1481636DAC103488CADC68C261D13CFE835D273EFC368E569F97"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3543
Expires: Wed, 21 Dec 2022 03:41:47 GMT
Date: Wed, 21 Dec 2022 02:42:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 21 Dec 2022 01:45:52 GMT
content-type: application/json
age: 3412
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sS+sHwEcuP5usmoY7EqJvi5Aklvkk9IbKjlZ2JcuRvAYyXAwl9DyS5Ib/7qLkFA30FPURH17lTU=
x-amz-request-id: 1QNTT9YMCH42ZXRG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Dec 2022 02:29:41 GMT
age: 783
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 02:42:44 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 21 Dec 2022 02:33:24 GMT
age: 561
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
travelshine.com.au/americanexpress.com.axp,Urls/verify/VIDServiceDomestic.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/VIDServiceDomestic.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
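Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of an empty body. They recur on every 0 B response in this listing and do not identify any phishing-kit content.)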
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/VIDServiceDomestic.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d0c2b6760f2b58f445446dd2276d5af4
aeedf417b1ebde86ce837ca02ba934abb938b1a4
8fe72d0ce839150559da5ddf46bf87d26b6b9cbe34d09641b29a53be24997c81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6589
Cache-Control: max-age=116035
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 02:42:45 GMT
Etag: "63a17b2b-1d7"
Expires: Thu, 22 Dec 2022 10:56:40 GMT
Last-Modified: Tue, 20 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
travelshine.com.au/americanexpress.com.axp,Urls/verify/serverComponent_002.php
116.0.23.174 200 OK 165 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/serverComponent_002.php
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash 0ba13d7ecfb9284a0c77c975ebe2e195
0446c21e4be49c50fc1c8fe780469898d5127a41
a58aaf020f49841d8cae415490209e949fd73095dd2d7ae026c1056aa579cb5e
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/serverComponent_002.php HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/visitorAPI-NonAAM.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/visitorAPI-NonAAM.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/visitorAPI-NonAAM.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/uxa.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/uxa.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/uxa.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
44.237.93.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.93.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EnIArb42qjuk5e++D1tLTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KsQuYeRiNxhls+fhBA/hfzRYjSM=
travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
116.0.23.174 200 OK 108 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (25605), with CRLF line terminators
Size 108 kB (108241 bytes)
Hash 55f4f692442d15e9ee245215963304d7
da58639c37e73a05167355b715eff35998400fc7
ef0e2c0916888a05cccb9931efb045f808a6b1cf9ceb3d39a96cbb58d13ba2b8
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
openphish American Express
GET /americanexpress.com.axp,Urls/verify-card.php HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:44 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/chatButtonBootStrap.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/chatButtonBootStrap.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/chatButtonBootStrap.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/tag.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/tag.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/tag.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/a.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/a.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/a.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-ui-router.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-ui-router.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-ui-router.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/jquery.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/jquery.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/jquery.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/chatFrame.css
116.0.23.174 200 OK 18 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/chatFrame.css
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with CRLF line terminators
Hash 82650bd01c3776e0a465060e6d6dc506
a600a101a6b11a7cf38c9a0eb60af53f4352e297
43cd810f097c80c86e207e3115cb4bffbda760f9001e7a8e2329afab8985919d
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/chatFrame.css HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 18156
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
travelshine.com.au/americanexpress.com.axp,Urls/verify/ptc.js
116.0.23.174 200 OK 47 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/ptc.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (2457)
Hash 6e92a69b3d0311078b56c5b28104709a
0f49e56ab39c6361d2f2e7f3ad3294f471c210bf
c3facc5f3d547265536fb46f11ea582d5a476f754f12ca55f9c9c917b1f6d9c1
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/ptc.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 14:15:50 GMT
Accept-Ranges: bytes
Content-Length: 47246
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
travelshine.com.au/americanexpress.com.axp,Urls/verify/script-supplier.js
116.0.23.174 200 OK 64 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/script-supplier.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type Unicode text, UTF-8 text, with very long lines (64178), with no line terminators
Hash fa19ec785f8b8b912e389cb10af226fe
90f0204e49685bb5343fc46ae0e3112b921a11bc
91b9598ce3b4fe3cbcdd5b0f427169c78e8186916fca2c7c1c9d5f6fb4eef616
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/script-supplier.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:45 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 14:15:50 GMT
Accept-Ranges: bytes
Content-Length: 64179
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
travelshine.com.au/americanexpress.com.axp,Urls/verify/rwd.js
116.0.23.174 200 OK 3.5 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/rwd.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash 4983a0dc4a23db6823d449d7b80f8faf
a3809f5bc4a9468094727c17c31c170fece0b0a1
a76143e5e29d1e2b1f96bcde633d981294104acef2403c6ce876dfee7ed9548b
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/rwd.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 14:15:50 GMT
Accept-Ranges: bytes
Content-Length: 3535
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
travelshine.com.au/americanexpress.com.axp,Urls/verify/mmcore.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/mmcore.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/mmcore.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/mmpackage-1.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/mmpackage-1.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/mmpackage-1.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/pilot2.js
116.0.23.174 200 OK 30 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/pilot2.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (22962)
Hash 7057bff89250fb4e96a87acf8d67dab7
e5ab48ad04ae6ba872767df20cbfaaa34b9329af
e7b45773efb4f4ad5a1fb731b16b76aed0881e80fb6fbb3ab19bb7e047e35420
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/pilot2.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 14:15:50 GMT
Accept-Ranges: bytes
Content-Length: 29626
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
travelshine.com.au/americanexpress.com.axp,Urls/verify/mmcore_002.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/mmcore_002.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/mmcore_002.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/ensighten-head-domestic
116.0.23.174 200 OK 81 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/ensighten-head-domestic
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (600)
Hash f5c717e849b8e611cf78368cd4e6fdb2
aa30ae864fe88cb4e170d10c2e874b05baf36475
ac7b75e9cef95d920f3832ba314e5ec3ccec6adb91e96a7ceac8ab71a51890e4
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/ensighten-head-domestic HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 80803
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-sanitize.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-sanitize.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-sanitize.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-translate.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-translate.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-translate.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7596
Expires: Wed, 21 Dec 2022 04:49:22 GMT
Date: Wed, 21 Dec 2022 02:42:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7596
Expires: Wed, 21 Dec 2022 04:49:22 GMT
Date: Wed, 21 Dec 2022 02:42:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7596
Expires: Wed, 21 Dec 2022 04:49:22 GMT
Date: Wed, 21 Dec 2022 02:42:46 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4aa7e9e3fe28e9c401786f7415171f7
8482a47175ff105957d640269bc14ee1fbc97448
2215ff2537f927e2baf4f713fc947afefc83b416719113ce516aa00f2a4e0708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 4fb9a698-c429-49e1-a2c5-b9388f03b044
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: daGQIEuSoAMFnBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0b733-53b8088f0d8863f813b9967e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 19:10:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MiX_AJgXGldkYjkeHO1OUPzraljox6v7B1M54cJPBdmfUZ7QETowOw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:55:36 GMT
age: 17230
etag: "8482a47175ff105957d640269bc14ee1fbc97448"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fa8a62f-ea22-4322-aa22-949d8110171e.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fa8a62f-ea22-4322-aa22-949d8110171e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da9b0930ee2249c6e7e1f83890414427
f064f1c66751a7fd57cc2e5bd4de7f0056280201
51f358162f132a7df1894f1f55e14a49facda33efa4339310cc4be2c30fb3bec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fa8a62f-ea22-4322-aa22-949d8110171e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7928
x-amzn-requestid: 7ac71ec7-3ebb-4564-909f-5cd431e52cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dBW08HOJoAMFr5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6396d1b9-3ccebae6692c2e0878bb0368;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 07:01:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IawMW-biuiDSx4ywTV8rReeK0gyGWYqnknJvRbQhhCxyk0Yq2A0JmA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 04:47:22 GMT
age: 78924
etag: "f064f1c66751a7fd57cc2e5bd4de7f0056280201"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da0372fd2038366c47d4eaff7e31c329
48a7cd1908c184cbecbb67fd3ec5e5a9208dadf0
f0e09b0931450057e6b5f7fdd6d73de0702b170497d7075464edc168ea74a4a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11295
x-amzn-requestid: 6823faac-46cb-4212-a728-aed7b997f246
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dX5RdE1dIAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639fd5a2-59711c5a6982c90f570c2d7d;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 03:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v1nC674339ge4-Q-EBtIuVMH6TECv8gWJhHKiMFUjXjoJKxgxnkpzg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 04:38:28 GMT
age: 79458
etag: "48a7cd1908c184cbecbb67fd3ec5e5a9208dadf0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3bd6359db3b908389343275ee839466b
9094f8e9275252a8e9d5e65fd3e87851b2f80bd7
7380590a93f8a21907c39ddce2f51c599161f219522df4099e9c1a82bcd1e40e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9069
x-amzn-requestid: 103b5caf-fa82-4d66-97e6-99c77027f759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_DG_hoAMFoKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-1a4accb80dbf5e9f2f696c85;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: D8V_RlBCxL1RHxtCyWkX7_IsCCrOdv2o1Wdic0N_aUz0qguhANp88A==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:37:22 GMT
age: 18324
etag: "9094f8e9275252a8e9d5e65fd3e87851b2f80bd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d031850-22eb-4b68-b31f-b6442037953e.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d031850-22eb-4b68-b31f-b6442037953e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 551946a77ac86428763e22bc008d68b1
04f4a422bd872990f47b802326e386ee26a967e3
58dce19008346e668c2a1219aee7f54b940c9c2b541a8bd860731cc05031cd60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d031850-22eb-4b68-b31f-b6442037953e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10717
x-amzn-requestid: ca8b43b6-7ffd-43df-9a77-b9352a2e8dfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT66DEbfoAMFw4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3ea6-5f8f5745418a41cd6fb9e2c6;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 22:11:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: N2l8V5Zz2SsDl5UbOfsAQze8Jo4hbkJxTCGvGZrRVCG_ZEHEkI2bTg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 07:13:47 GMT
age: 70139
etag: "04f4a422bd872990f47b802326e386ee26a967e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F755d2e29-1b21-4b5a-bf07-7e8c9b9fa5ef.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F755d2e29-1b21-4b5a-bf07-7e8c9b9fa5ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d412dc903a0b59ad7b621087ea0ac761
f2ea37308a210ac16412bac93b63a83a5a018c39
08afbc5941a511b6c536d33a8975fae902f5c4c814de0ed1b7f444c1c4233aad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F755d2e29-1b21-4b5a-bf07-7e8c9b9fa5ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9661
x-amzn-requestid: 7046f4e1-0f80-4ae7-9500-1b1a07839232
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbuz0F-OoAMF9Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a15e7e-720525d72a8ce03b45b37d86;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 07:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: F5TWrJ-8iEM7ciqftJNmwMO0qYV-cj0JeyJ99OfGQWVjL-bKHN2LlA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 07:19:35 GMT
age: 69791
etag: "f2ea37308a210ac16412bac93b63a83a5a018c39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-animate.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-animate.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-animate.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-messages.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-messages.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-messages.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-translate-loader-static-files.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-translate-loader-static-files.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-translate-loader-static-files.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/tealeaf-jQuery-prod-min.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/tealeaf-jQuery-prod-min.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/tealeaf-jQuery-prod-min.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/oce-min.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/oce-min.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/oce-min.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/serverComponent.php
116.0.23.174 200 OK 721 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/serverComponent.php
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (720)
Hash 7724a3eb200c534c408a4ab906a9acb9
113f8fcf7a10a1705135f8633b48b0cd11901e69
c0cd9348fc7eeee49c4102c8fd05bf71bf2fcd26325df158b602d75387735f6f
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/serverComponent.php HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/a1286f6da764170383069583cf445384.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/a1286f6da764170383069583cf445384.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/a1286f6da764170383069583cf445384.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/d9d11a89d20ecba185c3544ef5e0ccd0.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/d9d11a89d20ecba185c3544ef5e0ccd0.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/d9d11a89d20ecba185c3544ef5e0ccd0.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/535cbbbd1048d62499a0605c08493da6.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/535cbbbd1048d62499a0605c08493da6.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/535cbbbd1048d62499a0605c08493da6.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/oce-min.css
116.0.23.174 200 OK 256 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/oce-min.css
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (65536), with no line terminators
Size 256 kB (256450 bytes)
Hash d8b95b24cfc63858e131ac8324458609
6012b9731b5e36c1fc4e9cc8b3612e85b2b9df35
43fd39f39c43525e5b6803b6e6571889ddf46f535b5b4cce6e311d0618320af4
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/oce-min.css HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 14:03:04 GMT
Accept-Ranges: bytes
Content-Length: 256450
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
travelshine.com.au/americanexpress.com.axp,Urls/verify/adobetracking
116.0.23.174 200 OK 76 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/adobetracking
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (624), with CRLF line terminators
Hash e0cfa0525156be243b3faf4c2080c09a
dce1602a67078c45dc5c1bf4a28cf6a5395c2cb9
8c83c596abf7096d4ac19854d8297883a6a6172a665485efcd0d7e52618d3c0b
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/adobetracking HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:46 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 75599
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
travelshine.com.au/americanexpress.com.axp,Urls/verify/3be911ab4b3927cad6c319a60d59181e.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/3be911ab4b3927cad6c319a60d59181e.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/3be911ab4b3927cad6c319a60d59181e.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/982ff8f1d565c91c5d7b8527b5bacbf1.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/982ff8f1d565c91c5d7b8527b5bacbf1.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/982ff8f1d565c91c5d7b8527b5bacbf1.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8acb8a9722b5140bb0fa0e5ff5cb7f94
15606c0c82489f77bcce11fbae788a3df356e5d4
cef12912fca1b7a71010a7450244160b1ea8046b67f8828316d1c7f3d67539c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5240
Cache-Control: max-age=86653
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 02:42:47 GMT
Etag: "63a10dac-1d7"
Expires: Thu, 22 Dec 2022 02:47:00 GMT
Last-Modified: Tue, 20 Dec 2022 01:19:40 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
travelshine.com.au/americanexpress.com.axp,Urls/verify/wrb.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/wrb.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/wrb.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/wr.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/wr.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/wr.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.2/visitorAPI-NonAAM.js
104.110.6.135 200 OK 20 kB URL HTTP/2 www.aexp-static.com/cdaas/api/axpi/omniture/visitorapi/4.4.2/visitorAPI-NonAAM.js
IP 104.110.6.135:0
File type Unicode text, UTF-8 text, with very long lines (31991), with CRLF line terminators
Hash f56c74ff50c71fbc4c796db504485997
e6a584fe13d94141229183fca16a9f8a670184b5
9baf4a2f7ecb0b07bdc52240091b338ac16738612d12647d15f794550141b1ca
GET /cdaas/api/axpi/omniture/visitorapi/4.4.2/visitorAPI-NonAAM.js HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 03 Feb 2021 15:23:08 GMT
etag: W/"601abfdc-ec9e"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
content-encoding: gzip
content-length: 19838
vary: Origin, Accept-Encoding
date: Wed, 21 Dec 2022 02:42:47 GMT
X-Firefox-Spdy: h2
travelshine.com.au/americanexpress.com.axp,Urls/verify/aaLauncher.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/aaLauncher.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/aaLauncher.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/s_code_myca_context.js
116.0.23.174 200 OK 97 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/s_code_myca_context.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7ea592b300241cf04d6000efab72290c
51b0829edce7c6b5a699fbabddec87e13610887f
cb75ee1ddfe34cf990f444c676736a7a3d9f808541cf6336986d29e5e2864638
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/s_code_myca_context.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 14:15:50 GMT
Accept-Ranges: bytes
Content-Length: 96705
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
travelshine.com.au/americanexpress.com.axp,Urls/verify/mmcore.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/mmcore.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/mmcore.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/pcc.js
116.0.23.174 200 OK 74 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/pcc.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (3063), with CRLF, LF line terminators
Hash 33580920821dd465fec558eb8a2650da
12b5a321c0cb2b8bf4b01130ebbbae1e26eb3f6e
d231b7681e5bedd8af7d24acdb57b65cbed06abadfbce8d04b8101a550ccf8d1
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/pcc.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 14:15:50 GMT
Accept-Ranges: bytes
Content-Length: 74537
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1671590582214
63.33.182.230 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1671590582214
IP 63.33.182.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1671590582214 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://travelshine.com.au
Connection: keep-alive
Referer: http://travelshine.com.au/
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://travelshine.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0449b668e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: http://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1671590582214
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=74094149288640695542986447058994306832; Max-Age=15552000; Expires=Mon, 19 Jun 2023 02:42:47 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-TID: 1mA9JeyfR0c=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1671590582214
63.33.182.230 200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1671590582214
IP 63.33.182.230:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&ts=1671590582214 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://travelshine.com.au
Content-Type: application/x-www-form-urlencoded
Referer: http://travelshine.com.au/
Connection: keep-alive
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://travelshine.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Vary: Origin
X-Error: 172
X-TID: jUsNc9B6Qrs=
Content-Length: 124
Connection: keep-alive
travelshine.com.au/americanexpress.com.axp,Urls/verify/pzncs.js
116.0.23.174 200 OK 30 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/pzncs.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash fde714a327348b71296da1438c596e08
f691d675f68f05ab04d957ce0def9768094e2e52
0f331649f5bb96736bb153331610689f134fa91efc83250fb2854c90f756fb3e
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/pzncs.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 14:15:50 GMT
Accept-Ranges: bytes
Content-Length: 29655
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
travelshine.com.au/americanexpress.com.axp,Urls/verify/aaLauncher.css
116.0.23.174 200 OK 148 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/aaLauncher.css
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type ASCII text, with very long lines (65536), with no line terminators
Size 148 kB (147828 bytes)
Hash bbb512a79fbf3e0ac5c614010593220b
55e9ec2299f04f1383508af0f7fb3f22070e40be
359ced204cb91b41bbb874139e4a3ce36f40c3852b681cfc7389ecf104d96562
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/aaLauncher.css HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 147828
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
omn.americanexpress.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&ts=1671590582371
13.36.218.177 200 OK 48 B URL HTTP/1.1 omn.americanexpress.com/id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&ts=1671590582371
IP 13.36.218.177:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5afb12eb0f735e21d11d8d60990d0c23
46a4c5320c2e7c4e82c6625eb13d6d1bcaa85298
25ef7ed69cb6e31c3ce49f28bede34093f9b5a252342db64d5fca8d41aa28ffe
GET /id?d_visid_ver=4.4.0&d_fieldgroup=MC&mcorgid=5C36123F5245AF470A490D45%40AdobeOrg&ts=1671590582371 HTTP/1.1
Host: omn.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://travelshine.com.au
Connection: keep-alive
Referer: http://travelshine.com.au/
HTTP/1.1 200 OK
access-control-allow-origin: http://travelshine.com.au
access-control-allow-credentials: true
date: Wed, 21 Dec 2022 02:42:47 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=0%7CMCMID%7C44833381368489097102519176307440976511; Path=/; Domain=americanexpress.com; Max-Age=63072000; Expires=Fri, 20 Dec 2024 02:42:42 GMT; SameSite=None;
s_ecid=MCMID%7C44833381368489097102519176307440976511; Path=/; Domain=americanexpress.com; Max-Age=63072000; Expires=Fri, 20 Dec 2024 02:42:42 GMT; SameSite=None;
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
travelshine.com.au/americanexpress.com.axp,Urls/verify/le-mtagconfig.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/le-mtagconfig.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/le-mtagconfig.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_mid=44833381368489097102519176307440976511&d_cid_ic=amexGuid%01%011&ts=1671590582461
63.33.182.230 200 OK 1.5 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_mid=44833381368489097102519176307440976511&d_cid_ic=amexGuid%01%011&ts=1671590582461
IP 63.33.182.230:0
File type JSON data\012- , ASCII text, with very long lines (4613), with no line terminators
Hash 6500ca62cf46733c58852aa9d22f3a19
856355461e13814c1df06f5caf19215378becf8a
eb70873c05ba59bc47d2147a5c3d5118d8598f512829d94ea36f666023093462
GET /id?d_visid_ver=4.4.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5C36123F5245AF470A490D45%40AdobeOrg&d_nsid=0&d_mid=44833381368489097102519176307440976511&d_cid_ic=amexGuid%01%011&ts=1671590582461 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Origin: http://travelshine.com.au
Connection: keep-alive
Referer: http://travelshine.com.au/
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://travelshine.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-02fbabcd7.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=44992514421572897342503263139508635383; Max-Age=15552000; Expires=Mon, 19 Jun 2023 02:42:48 GMT; Path=/; Domain=.demdex.net
Vary: Origin
X-Error: 300
X-TID: eRSToLhIRlk=
Content-Length: 1503
Connection: keep-alive
travelshine.com.au/americanexpress.com.axp,Urls/verify/timeout.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/timeout.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/timeout.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/mmpackage-1.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/mmpackage-1.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/mmpackage-1.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/dls-logo-line.svg
116.0.23.174 200 OK 1.7 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/dls-logo-line.svg
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1683), with no line terminators
Hash ebbbafae5bdc09d7ded7cef405413ac5
7a635abed6420b798397c62270d2df8b084cd8a8
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/dls-logo-line.svg HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:48 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 1683
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml
travelshine.com.au/americanexpress.com.axp,Urls/verify/cm15-double-card.png
116.0.23.174 200 OK 9.8 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/cm15-double-card.png
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type PNG image data, 558 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f202d934ae46a217782a194055f32a41
8a00fa595e7468dae0a2d9f1da3f698b0720060a
a185f56fce5110dfca7a78b8b5d22bb82d5dc4e597a3d589158cbe5e1fa9fac7
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/cm15-double-card.png HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:48 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 9831
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
travelshine.com.au/americanexpress.com.axp,Urls/verify/dls-flag-us.svg
116.0.23.174 200 OK 5.6 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/dls-flag-us.svg
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5624), with no line terminators
Hash 56addba553083eb384b100cbb7e8632f
f718526f1ef720e5d361536615595d5bfc3c9688
5e60a20da0f769a6260d4ed755d615da930b87c62436f807a6ff32d000017d18
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/dls-flag-us.svg HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:48 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 5624
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/svg+xml
travelshine.com.au/americanexpress.com.axp,Urls/verify/cid-double.png
116.0.23.174 200 OK 9.1 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/cid-double.png
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type PNG image data, 460 x 294, 8-bit/color RGBA, non-interlaced\012- data
Hash 25fa5e38ad8b621936b4cb8e5e613fd3
ce0acc6c672ca2b7f4b84770b8321f4ea5743d0b
564a66835dbdf4eda01f07e7f60344b644343cef1ed9eb40924108d417459bec
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/cid-double.png HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:48 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 9066
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
travelshine.com.au/americanexpress.com.axp,Urls/verify/mmcore_002.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/mmcore_002.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/mmcore_002.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:48 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.aexp-static.com/nav/ngn/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
104.110.6.135 200 OK 70 kB URL HTTP/2 www.aexp-static.com/nav/ngn/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff
IP 104.110.6.135:0
File type Web Open Font Format, TrueType, length 69766, version 1.0\012- data
Hash a07548869b852060e0f08b37cc570261
9fd27c5d71acc069e5afac2bda57bac61222fe73
b1f37b2f1cc26ef70671e3c2d345cffdcc06f02e72fcd6063c350094265426b9
GET /nav/ngn/fonts/325e6ad0-38fb-4bad-861c-d965eab101d5-3.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://travelshine.com.au
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff
content-length: 69766
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-11086"
expires: Wed, 07 Oct 2020 16:56:37 GMT
cache-control: max-age=15552000
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
accept-ranges: bytes
date: Wed, 21 Dec 2022 02:42:48 GMT
X-Firefox-Spdy: h2
travelshine.com.au/americanexpress.com.axp,Urls/verify/jquery.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/jquery.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/jquery.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:48 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/amex-desktop-logo.png
116.0.23.174 200 OK 11 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/amex-desktop-logo.png
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type PNG image data, 470 x 30, 8-bit/color RGBA, interlaced\012- data
Hash b82e61a35dabd32331d831c9bc5ee82f
4e958b3164982e8ff92f76336f3549bd1e8908c2
610166ddd2d965283356d314f592522c1907a5334cec1daa0874fc61639a667c
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/amex-desktop-logo.png HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify/oce-min.css
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:48 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 06:04:54 GMT
Accept-Ranges: bytes
Content-Length: 11134
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
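Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of an empty, 0-byte body, matching the Content-Length: 0 of this 404 response; they identify no file and are not usable as indicators.)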
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:48 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-ui-router.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-ui-router.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-ui-router.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:49 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-sanitize.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-sanitize.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-sanitize.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:49 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-translate.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-translate.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-translate.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:49 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-animate.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-animate.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-animate.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:49 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-messages.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-messages.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-messages.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:50 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-translate-loader-static-files.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/angular-translate-loader-static-files.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/angular-translate-loader-static-files.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:50 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/tealeaf-jQuery-prod-min.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/tealeaf-jQuery-prod-min.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/tealeaf-jQuery-prod-min.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:50 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/oce-min.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/oce-min.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/oce-min.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
tms.americanexpress.com/amex/serverComponent.php?clientID=218&PageID=http%3A%2F%2Ftravelshine.com.au%2Famericanexpress.com.axp%2CUrls%2Fverify-card.php%3FensMarket%3DUS%26ens_env%3D3%26e_pageId%3D21093%26deviceType%3Dlarge
34.242.179.188 200 OK 265 B URL HTTP/1.1 tms.americanexpress.com/amex/serverComponent.php?clientID=218&PageID=http%3A%2F%2Ftravelshine.com.au%2Famericanexpress.com.axp%2CUrls%2Fverify-card.php%3FensMarket%3DUS%26ens_env%3D3%26e_pageId%3D21093%26deviceType%3Dlarge
IP 34.242.179.188:0
File type ASCII text, with very long lines (399)
Hash cf34f5d74030bd8b0cdab6ea3614063a
cf035c00a6bccf2fde7544ca912ea97687c730ec
3dc7880bd129b93cccee6b014a89f97c8b9651c9fe1c39c9a4d40f5c47047454
GET /amex/serverComponent.php?clientID=218&PageID=http%3A%2F%2Ftravelshine.com.au%2Famericanexpress.com.axp%2CUrls%2Fverify-card.php%3FensMarket%3DUS%26ens_env%3D3%26e_pageId%3D21093%26deviceType%3Dlarge HTTP/1.1
Host: tms.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 02:42:51 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 21 Dec 2022 02:42:50 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 78bdf6e23d7dfa3884111f27d93df4c8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: 31iJ-2hLrUAEsHuyztUw22KfzdZyYYrVKtLEt40cLSeaW4FzusynNw==
Content-Encoding: gzip
travelshine.com.au/americanexpress.com.axp,Urls/verify/a1286f6da764170383069583cf445384.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/a1286f6da764170383069583cf445384.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/a1286f6da764170383069583cf445384.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/535cbbbd1048d62499a0605c08493da6.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/535cbbbd1048d62499a0605c08493da6.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/535cbbbd1048d62499a0605c08493da6.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/d9d11a89d20ecba185c3544ef5e0ccd0.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/d9d11a89d20ecba185c3544ef5e0ccd0.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/d9d11a89d20ecba185c3544ef5e0ccd0.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/wrb.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/wrb.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/wrb.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/3be911ab4b3927cad6c319a60d59181e.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/3be911ab4b3927cad6c319a60d59181e.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/3be911ab4b3927cad6c319a60d59181e.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/wr.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/wr.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/wr.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/982ff8f1d565c91c5d7b8527b5bacbf1.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/982ff8f1d565c91c5d7b8527b5bacbf1.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/982ff8f1d565c91c5d7b8527b5bacbf1.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
tms.americanexpress.com/amex/prod/code/982ff8f1d565c91c5d7b8527b5bacbf1.js?conditionId0=4865743
34.242.179.188 200 OK 12 kB URL HTTP/2 tms.americanexpress.com/amex/prod/code/982ff8f1d565c91c5d7b8527b5bacbf1.js?conditionId0=4865743
IP 34.242.179.188:0
File type ASCII text, with very long lines (636)
Hash 8bd48d09be9055bb0e823b92153ab2f2
b43cb56ff2cef3471bf0300c5fa0089bd0b108c3
727af94e9413ddef057f7131a415d6eb4ba354021d179ff98525734328a249ed
GET /amex/prod/code/982ff8f1d565c91c5d7b8527b5bacbf1.js?conditionId0=4865743 HTTP/1.1
Host: tms.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 02:42:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Jul 2021 19:27:29 GMT
etag: W/"3862e86bf2356029d624970843303f99"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: WW13L0OpDOf3AGAlm8DUYUlaTeUGQfbV
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d8e6d5a84eb26ff3b7d1801d7337b390.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: dnkmU3Guy02AMHYlhe7PiTGa_SpVzSkrS1QoH_xlYXcHsbKBU1Kk0g==
age: 606773
X-Firefox-Spdy: h2
icm.aexp-static.com/content/dam/search/ioa/launcher/aaLauncher.css?70
104.110.6.135 200 OK 17 kB URL HTTP/2 icm.aexp-static.com/content/dam/search/ioa/launcher/aaLauncher.css?70
IP 104.110.6.135:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3b467e78316aeeaefaf8fcfca5c6d7a1
2cfa186b8f3ef2b4949552c85262966ff61fb704
aecb03456882d3f487c0d2c090af1ea34ff4ec4e2e3bf69816f1740321701691
GET /content/dam/search/ioa/launcher/aaLauncher.css?70 HTTP/1.1
Host: icm.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "24174-56633e9d7400d-gzip"
last-modified: Mon, 19 Dec 2022 03:33:41 GMT
server: Akamai Resource Optimizer
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 17422
cache-control: public, must-revalidate, max-age=2697
date: Wed, 21 Dec 2022 02:42:51 GMT
X-Firefox-Spdy: h2
tms.americanexpress.com/amex/prod/code/3be911ab4b3927cad6c319a60d59181e.js?conditionId0=342470
34.242.179.188 200 OK 2.6 kB URL HTTP/2 tms.americanexpress.com/amex/prod/code/3be911ab4b3927cad6c319a60d59181e.js?conditionId0=342470
IP 34.242.179.188:0
File type ASCII text, with very long lines (509)
Hash e4b3bce0ceebe9539676bcb954c2727d
a3f5549e4a57a9ffe33eefbb18217b224f1ac88a
3dca1ff8661a10b816f1ed75809fbe8a45eeee6d9f510d74eddbf7c7cffdef67
GET /amex/prod/code/3be911ab4b3927cad6c319a60d59181e.js?conditionId0=342470 HTTP/1.1
Host: tms.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 02:42:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Jul 2021 19:26:37 GMT
etag: W/"9da885eaacf72fac492c716dd341d6be"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: wUVnNzNHim6LA6SsnCp8NqbncEKfBtkz
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 49c0c4776e390b983c9f9f5365e3140c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: T6kwtO1BY04j9SGJ_9sLqU2yt3QLCZZCVyp_Ht3KUPbF7le61bYpHg==
age: 606773
X-Firefox-Spdy: h2
icm.aexp-static.com/content/dam/search/ioa/launcher/aaLauncher.js?70
104.110.6.135 200 OK 12 kB URL HTTP/2 icm.aexp-static.com/content/dam/search/ioa/launcher/aaLauncher.js?70
IP 104.110.6.135:0
File type HTML document, ASCII text, with very long lines (17146), with CRLF line terminators
Hash d45b1903cc3fc136c357445c23400911
d2aa35c04934b23b5ebb82e9f42e901ec62bddcd
7a76318c78e5c2f26a03b07a2c7c101529ad6234e3fb491041274d530cfe155c
GET /content/dam/search/ioa/launcher/aaLauncher.js?70 HTTP/1.1
Host: icm.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "139dd-5aa7930e3f913-gzip"
last-modified: Mon, 19 Dec 2022 04:00:27 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 11957
cache-control: public, must-revalidate, max-age=2697
date: Wed, 21 Dec 2022 02:42:51 GMT
X-Firefox-Spdy: h2
travelshine.com.au/americanexpress.com.axp,Urls/verify/aaLauncher.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/aaLauncher.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/aaLauncher.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:51 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
tms.americanexpress.com/amex/prod/code/a1286f6da764170383069583cf445384.js?conditionId0=209423
34.242.179.188 200 OK 15 B URL HTTP/2 tms.americanexpress.com/amex/prod/code/a1286f6da764170383069583cf445384.js?conditionId0=209423
IP 34.242.179.188:0
Hash ffe905f50d9b47e6353b68513c4d48ac
d2c2ee4201cca3be67abf771ed1f1922fa94d083
c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633
GET /amex/prod/code/a1286f6da764170383069583cf445384.js?conditionId0=209423 HTTP/1.1
Host: tms.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 02:42:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 15
x-amz-replication-status: COMPLETED
last-modified: Fri, 22 Jul 2022 23:48:01 GMT
etag: "ffe905f50d9b47e6353b68513c4d48ac"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
x-amz-version-id: aoJA4xuOoFemAhjg4lZAdeni.2iMq5FL
accept-ranges: bytes
x-cache: Error from cloudfront
via: 1.1 e2a6a95e8d95cf855c934397de0d60aa.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: dtuxCavagkLu7YdJp5mHKzXsxdeqJ7vzuFN97VgwPvah-h6s6vFZWA==
X-Firefox-Spdy: h2
travelshine.com.au/americanexpress.com.axp,Urls/verify/timeout.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/timeout.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/timeout.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:52 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
travelshine.com.au/americanexpress.com.axp,Urls/verify/le-mtagconfig.js
116.0.23.174 404 Not Found 0 B URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/le-mtagconfig.js
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/le-mtagconfig.js HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 02:42:52 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
tms.americanexpress.com/amex/prod/code/d9d11a89d20ecba185c3544ef5e0ccd0.js?conditionId0=181208
34.242.179.188 200 OK 15 B URL HTTP/2 tms.americanexpress.com/amex/prod/code/d9d11a89d20ecba185c3544ef5e0ccd0.js?conditionId0=181208
IP 34.242.179.188:0
Hash ffe905f50d9b47e6353b68513c4d48ac
d2c2ee4201cca3be67abf771ed1f1922fa94d083
c0d8671e209f009f9c1ad8153222f942087ec193b7e87f856e60971bd5424633
GET /amex/prod/code/d9d11a89d20ecba185c3544ef5e0ccd0.js?conditionId0=181208 HTTP/1.1
Host: tms.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 02:42:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 15
x-amz-replication-status: COMPLETED
last-modified: Fri, 22 Jul 2022 23:48:01 GMT
etag: "ffe905f50d9b47e6353b68513c4d48ac"
x-amz-server-side-encryption: AES256
cache-control: no-cache, no-store
x-amz-version-id: aoJA4xuOoFemAhjg4lZAdeni.2iMq5FL
accept-ranges: bytes
x-cache: Error from cloudfront
via: 1.1 e3f435228cbc8657d81bd707948f5910.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: trvz989xcaWL-7CPHWG5jDE42orrXirCylhs9bard291Wdwkkp_5rQ==
X-Firefox-Spdy: h2
nexus.ensighten.com/amex/amexhead/perf.rnc?cid=218&ns=1671590578708&ce=287&cs=0&dc=0&dclee=0&dcles=7953&di=7952&dl=593&dle=0&dls=0&fs=0&lee=0&les=0&rede=0&reds=0&reqs=287&resps=583&respe=1459&scs=0&ues=0&uee=0
54.230.111.14 204 No Content 0 B URL HTTP/1.1 nexus.ensighten.com/amex/amexhead/perf.rnc?cid=218&ns=1671590578708&ce=287&cs=0&dc=0&dclee=0&dcles=7953&di=7952&dl=593&dle=0&dls=0&fs=0&lee=0&les=0&rede=0&reds=0&reqs=287&resps=583&respe=1459&scs=0&ues=0&uee=0
IP 54.230.111.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /amex/amexhead/perf.rnc?cid=218&ns=1671590578708&ce=287&cs=0&dc=0&dclee=0&dcles=7953&di=7952&dl=593&dle=0&dls=0&fs=0&lee=0&les=0&rede=0&reds=0&reqs=287&resps=583&respe=1459&scs=0&ues=0&uee=0 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/
HTTP/1.1 204 No Content
Content-Length: 0
Connection: keep-alive
Server: CloudFront
Date: Tue, 20 Dec 2022 22:33:54 GMT
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: epP1X2Sf3lSxkA2yv4hrl0iWHxmPf3IM_KFWUbgj3VPEO7KgPPkvFQ==
Age: 14938
nexus.ensighten.com/amex/amexhead/TagAuditBeacon.rnc?cid=218&data=[-1|-1|0;393709|1445673|1;419889|3450583|1;335213|975459|1;359428|2201075|1;273123|2595317|1;308082|2203175|1;307814|917656|1;370507|1253525|1;367060|1575590|1;277274|604209|1;345208|1053246|1;424218|1578782|1;259339|2313925|1;543117|2473961|1;336702|2595374|1;-1|-1|1;-1|-1|0;272505|2144425|1;279937|788218|1;267533|2234422|1;540602|2591456|1;326085|908480|1;371160|1258447|1;323589|889762|1;411545|1884248|1;350220|1090091|1;365725|3035660|1;334375|1445505|1]&idx=0&r=59856.03329372468
54.230.111.14 204 No Content 0 B URL HTTP/1.1 nexus.ensighten.com/amex/amexhead/TagAuditBeacon.rnc?cid=218&data=[-1|-1|0;393709|1445673|1;419889|3450583|1;335213|975459|1;359428|2201075|1;273123|2595317|1;308082|2203175|1;307814|917656|1;370507|1253525|1;367060|1575590|1;277274|604209|1;345208|1053246|1;424218|1578782|1;259339|2313925|1;543117|2473961|1;336702|2595374|1;-1|-1|1;-1|-1|0;272505|2144425|1;279937|788218|1;267533|2234422|1;540602|2591456|1;326085|908480|1;371160|1258447|1;323589|889762|1;411545|1884248|1;350220|1090091|1;365725|3035660|1;334375|1445505|1]&idx=0&r=59856.03329372468
IP 54.230.111.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /amex/amexhead/TagAuditBeacon.rnc?cid=218&data=[-1|-1|0;393709|1445673|1;419889|3450583|1;335213|975459|1;359428|2201075|1;273123|2595317|1;308082|2203175|1;307814|917656|1;370507|1253525|1;367060|1575590|1;277274|604209|1;345208|1053246|1;424218|1578782|1;259339|2313925|1;543117|2473961|1;336702|2595374|1;-1|-1|1;-1|-1|0;272505|2144425|1;279937|788218|1;267533|2234422|1;540602|2591456|1;326085|908480|1;371160|1258447|1;323589|889762|1;411545|1884248|1;350220|1090091|1;365725|3035660|1;334375|1445505|1]&idx=0&r=59856.03329372468 HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/
HTTP/1.1 204 No Content
Content-Length: 0
Connection: keep-alive
Server: CloudFront
Date: Tue, 20 Dec 2022 22:33:55 GMT
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ULQtgBhiSPtywJr6pbMifCLowrtdvDWKLgq2PTdMKD5QmX52_L5PSQ==
Age: 14937
nexus.ensighten.com/amex/amexhead/serverComponent.php?namespace=amexhead&staticJsPath=nexus.ensighten.com/amex/amexhead/code/&publishedOn=Fri%20Jul%2030%2004:03:28%20GMT%202021&ClientID=218&PageID=http%3A%2F%2Ftravelshine.com.au%2Famericanexpress.com.axp%2CUrls%2Fverify-card.php
54.230.111.14 200 OK 170 B URL HTTP/1.1 nexus.ensighten.com/amex/amexhead/serverComponent.php?namespace=amexhead&staticJsPath=nexus.ensighten.com/amex/amexhead/code/&publishedOn=Fri%20Jul%2030%2004:03:28%20GMT%202021&ClientID=218&PageID=http%3A%2F%2Ftravelshine.com.au%2Famericanexpress.com.axp%2CUrls%2Fverify-card.php
IP 54.230.111.14:0
Hash cb5217106c34da593584864a44a7d6b0
2cd3413969dc6fb2fc7b87f1ec27c2f3f7033e7a
9c1511256688beeb29cbfba2a0f36083cad58871483d7f0a9992b447a3cf9cfc
GET /amex/amexhead/serverComponent.php?namespace=amexhead&staticJsPath=nexus.ensighten.com/amex/amexhead/code/&publishedOn=Fri%20Jul%2030%2004:03:28%20GMT%202021&ClientID=218&PageID=http%3A%2F%2Ftravelshine.com.au%2Famericanexpress.com.axp%2CUrls%2Fverify-card.php HTTP/1.1
Host: nexus.ensighten.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 170
Connection: keep-alive
Server: nginx
Date: Wed, 21 Dec 2022 02:42:52 GMT
Expires: Wed, 21 Dec 2022 02:42:51 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MWKc75ucYzOBnlaaRmmMoKq8e2YlXbDtJYGRQ_RbvKWIoizNTNufcQ==
www.americanexpress.com/favicon.ico
104.110.26.196 200 OK 1.4 kB URL HTTP/2 www.americanexpress.com/favicon.ico
IP 104.110.26.196:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b59e51534607dfefbcce3772b913031
77bb0792ab706ca3a687c5df968814f11fd96bfe
d3f8ea2f4b84bdc76bac4cd065481deb32efafb2b412906beeafc46b2f80217a
GET /favicon.ico HTTP/1.1
Host: www.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=15552000;
last-modified: Fri, 07 Jun 2019 04:05:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1381
x-cnection: close
content-type: image/x-icon
date: Wed, 21 Dec 2022 02:42:52 GMT
set-cookie: agent-id=3e069f65-1c5c-44d0-8016-db98c29d0dba; expires=Thu, 21-Dec-2023 02:42:52 GMT; path=/; domain=.americanexpress.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
icm.aexp-static.com/Internet/PZN/js/cs/v106/pzncs.min.js
104.110.6.135 200 OK 4.4 kB URL HTTP/2 icm.aexp-static.com/Internet/PZN/js/cs/v106/pzncs.min.js
IP 104.110.6.135:0
Hash 32c3ec20ee4e6ea9a30a3449e6e4df20
50766264245897ef5198bba8a73d7469109263c3
103e5466e88f92a44735a16d06692388dcee01d8381c9f0842d8a6f6d874111e
GET /Internet/PZN/js/cs/v106/pzncs.min.js HTTP/1.1
Host: icm.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
etag: "73d7-5d5fd1b5d1d52-gzip"
last-modified: Mon, 19 Dec 2022 06:08:59 GMT
server: Akamai Resource Optimizer
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
content-length: 4421
cache-control: public, must-revalidate, max-age=2696
date: Wed, 21 Dec 2022 02:42:52 GMT
X-Firefox-Spdy: h2
travelshine.com.au/americanexpress.com.axp,Urls/verify/storage.htm
116.0.23.174 200 OK 40 kB URL HTTP/1.1 travelshine.com.au/americanexpress.com.axp,Urls/verify/storage.htm
IP 116.0.23.174:0
ASN #38719 Dreamscape Networks Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32207), with CRLF line terminators
Hash e9e4cb82a6e1e596bdd02af50ce9b87b
f7ec5901b5d62ee3d26af88fbb6e80a72c6bfc9a
7d8117062dca4539336e914f22f3880329b5b9cdb91dd75d40da9146eecc9eed
Analyzer Verdict Alert urlquery phishing Phishing - American Express
urlquery phishing Phishing - American Express
GET /americanexpress.com.axp,Urls/verify/storage.htm HTTP/1.1
Host: travelshine.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://travelshine.com.au/americanexpress.com.axp,Urls/verify-card.php
Cookie: AMCV_5C36123F5245AF470A490D45%40AdobeOrg=1585540135%7CMCMID%7C44833381368489097102519176307440976511%7CMCAID%7CNONE%7CMCOPTOUT-1671597782s%7CNONE%7CMCAAMLH-1672195382%7C6%7CMCAAMB-1672195382%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCCIDH%7C-125587907%7CvVersion%7C4.4.0; AMCVS_5C36123F5245AF470A490D45%40AdobeOrg=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 02:42:52 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 05:49:00 GMT
Accept-Ranges: bytes
Content-Length: 39578
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html
tms.americanexpress.com/amex/prod/code/535cbbbd1048d62499a0605c08493da6.js?conditionId0=4868387
34.242.179.188 200 OK 0 B URL HTTP/2 tms.americanexpress.com/amex/prod/code/535cbbbd1048d62499a0605c08493da6.js?conditionId0=4868387
IP 34.242.179.188:0
GET /amex/prod/code/535cbbbd1048d62499a0605c08493da6.js?conditionId0=4868387 HTTP/1.1
Host: tms.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://travelshine.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 02:42:51 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 19 Jul 2021 19:26:49 GMT
etag: W/"d92f9ee7d2269e8e49676f9ebfb52926"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: lKOgk7gG5QKMGA70U2rfeA_K7ysqwYyg
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 87c2f129ca002f6811a7e1d2fe8c6810.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: gI2_OmSNZQ3TSjID4nnyeiuIQYX3Wi5AilAz2DNL3gjz1eap3D3nBQ==
age: 375137
X-Firefox-Spdy: h2