Report - groundedadventures.co/wp-content/plugins/amex

Report Overview

Submitted URL
groundedadventures.co/wp-content/plugins/amex
IP
162.241.114.172
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-03-31 09:45:33
Access
public
Website Title
Final URL
Tags
american_express financial phishing
urlquery detections
Phishing - American Express

Detections

urlquery
121
Network Intrusion Detection
1
Threat Detection Systems
120

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-31T21:56:16Z	1.7 kB	3.9 kB	192.229.221.95
www.aexp-static.com	12486	2012-05-24T16:06:16Z	2023-04-01T10:40:44Z	3.6 kB	351 kB	104.110.6.135
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	3.0 kB	8.0 kB	23.36.77.32
groundedadventures.co	unknown	2023-03-07T11:19:21Z	2023-03-31T07:49:56Z	22 kB	699 kB	162.241.114.172
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.2 kB	62 kB	34.120.237.76
www.americanexpress.com	13613	2013-04-24T17:59:26Z	2023-04-01T07:48:27Z	396 B	1.9 kB	104.110.26.196

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-31 09:45:23	medium	Client IP	162.241.114.172	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/	American Express

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/appvendors.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/en-BBi1a1e63395.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-voice-of-customer.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-error-message.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-marketing-offer.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/runtime.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/vendors.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/en-US.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-identity-root.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-universal-session-manager.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-data-layer.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-one-seo.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-global-header.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-login-alert.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-page-wrapper.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-identity-login-page.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-providers.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-footer.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-login.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-root.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-search-box.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/app.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/gtkp_aa.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/cc.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/en-BBi1a1e63395.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/timeout.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/dls-logo-bluebox-solid.svg	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/dls-flag-us.svg	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/dls-logo-line.svg	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-marketing-offer.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-voice-of-customer.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-error-message.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/appvendors.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/fonts/Roboto-Regular.woff	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/runtime.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/fonts/Roboto-Regular.ttf	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/iconfont/dls-icons.woff	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/vendors.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/iconfont/dls-icons.ttf	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/en-US.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-identity-root.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-universal-session-manager.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-data-layer.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-one-seo.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-global-header.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-login-alert.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-page-wrapper.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-identity-login-page.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-providers.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-footer.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-login.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-root.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/axp-search-box.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/app.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/gtkp_aa.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/cc.js	Phishing
2023-03-31	medium	groundedadventures.co/wp-content/plugins/amex/css/timeout.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	groundedadventures.co/wp-content/plugins/amex/	268 B	2023-03-07	2023-11-07
Pretty URL groundedadventures.co/wp-content/plugins/amex/ IP 162.241.114.172 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:57 Last Seen2023-11-07 06:55:18 Times Seen56 Hash efe0e1fb220f44dbca0b6e787fefabf2 ee40bf81b846bc71f818b6ece86e71b300b16a79 f375636ba452a9e4b30b9eb7bc95edab9274acdc9e247f540bd481037091be9c Loading...

HTTP Transactions (94)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2405
Expires: Fri, 31 Mar 2023 10:25:27 GMT
Date: Fri, 31 Mar 2023 09:45:22 GMT
Connection: keep-alive

groundedadventures.co/wp-content/plugins/amex

162.241.114.172

301 Moved Permanently

261 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
261 B (261 bytes)
Hash
eaec710086049cc385ee80b89bccbde6
651deb5ab415ef0a5ffe45ef1c3f06d46bf4443c
fdcf064c78331f48b674a37fb5c3f3cf81db76ab903ad5c297108bfa4e5053bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 31 Mar 2023 09:45:21 GMT
Server: Apache
Location: http://groundedadventures.co/wp-content/plugins/amex/
Content-Length: 261
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4417
Expires: Fri, 31 Mar 2023 10:58:59 GMT
Date: Fri, 31 Mar 2023 09:45:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2779
Expires: Fri, 31 Mar 2023 10:31:41 GMT
Date: Fri, 31 Mar 2023 09:45:22 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 09:28:23 GMT
content-type: application/json
age: 1019
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: lsBpCzHlvoRHmRsqbX57jJhaDz4EovCoJt/TeJTTC+UWEm6dgQJ2ffUGpI9/yFFe6bZfVBzLqHU=
x-amz-request-id: 20KBP4WNEE9S6439
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 09:03:17 GMT
age: 2525
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 09:45:22 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7645
Expires: Fri, 31 Mar 2023 11:52:48 GMT
Date: Fri, 31 Mar 2023 09:45:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 09:17:26 GMT
age: 1677
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

groundedadventures.co/wp-content/plugins/amex/

162.241.114.172

200 OK

284 kB

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (47507), with CRLF line terminators
Size
284 kB (283474 bytes)
Hash
0d40272e5ef4e08ed631795bc0283fe3
70368eeb302d71caaebfa55204208c0b6f7a7160
4588bf85857325b5803777e3c703b06f6cfa89740d82eb41d0a264f1d183744d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
openphish	American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/ HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hRowPuZZdKYocN7Y0noXvw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0JutnQLt+fXci7LI+z1z3w7OEWE=
Date: Fri, 31 Mar 2023 09:45:23 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

groundedadventures.co/wp-content/plugins/amex/css/appvendors.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/appvendors.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/appvendors.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/en-BBi1a1e63395.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/en-BBi1a1e63395.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/en-BBi1a1e63395.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-voice-of-customer.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-voice-of-customer.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-voice-of-customer.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-error-message.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-error-message.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-error-message.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-marketing-offer.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-marketing-offer.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-marketing-offer.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/runtime.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/runtime.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/runtime.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/vendors.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/vendors.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/vendors.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/en-US.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/en-US.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/en-US.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-identity-root.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-identity-root.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-identity-root.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-universal-session-manager.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-universal-session-manager.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-universal-session-manager.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/dls.css

162.241.114.172

200 OK

354 kB

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/dls.css
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
354 kB (353626 bytes)
Hash
4bd9811ba7caedefaf1d5b4d348b5402
61de1ffedee8e64b1b383710f42eb9539aa0fe85
3488e209e7ecf29039fda4dfc5a98bfabb7a682c79bdb0d3e848dc5509fdc776

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express

HTTP Headers

GET /wp-content/plugins/amex/css/dls.css HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:45:22 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 21:06:58 GMT
Accept-Ranges: bytes
Content-Length: 353626
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

groundedadventures.co/wp-content/plugins/amex/css/axp-data-layer.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-data-layer.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-data-layer.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-one-seo.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-one-seo.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-one-seo.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-global-header.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-global-header.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-global-header.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-login-alert.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-login-alert.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-login-alert.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-page-wrapper.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-page-wrapper.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-page-wrapper.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-identity-login-page.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-identity-login-page.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-identity-login-page.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-providers.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-providers.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-providers.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-footer.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-footer.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-footer.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-login.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-login.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-login.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-root.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-root.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-root.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-search-box.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-search-box.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-search-box.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/app.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/app.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/app.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/gtkp_aa.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/gtkp_aa.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/gtkp_aa.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/cc.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/cc.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/cc.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/en-BBi1a1e63395.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/en-BBi1a1e63395.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/en-BBi1a1e63395.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/timeout.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/timeout.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/timeout.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/dls-logo-bluebox-solid.svg

162.241.114.172

200 OK

2.4 kB

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/dls-logo-bluebox-solid.svg
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2402), with no line terminators
Size
2.4 kB (2402 bytes)
Hash
d97d46fe48d19d2c4f236b9a2cfee5f3
a164f3588bb4b601c472461a24a6eec265bcf8c8
028f643755987211bf2f3add6c62ae1870a888cf2f4fe3040a4fac7dce2543ab

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/dls-logo-bluebox-solid.svg HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 21:06:58 GMT
Accept-Ranges: bytes
Content-Length: 2402
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/svg+xml

groundedadventures.co/wp-content/plugins/amex/css/dls-flag-us.svg

162.241.114.172

200 OK

5.6 kB

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/dls-flag-us.svg
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5624), with no line terminators
Size
5.6 kB (5624 bytes)
Hash
56addba553083eb384b100cbb7e8632f
f718526f1ef720e5d361536615595d5bfc3c9688
5e60a20da0f769a6260d4ed755d615da930b87c62436f807a6ff32d000017d18

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/dls-flag-us.svg HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 21:06:58 GMT
Accept-Ranges: bytes
Content-Length: 5624
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

groundedadventures.co/wp-content/plugins/amex/css/20-AMX-0046_Covid19Support-AmexBanner_300x250_m01_46.jpg

162.241.114.172

200 OK

22 kB

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/20-AMX-0046_Covid19Support-AmexBanner_300x250_m01_46.jpg
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 300x250, components 3\012- data
Size
22 kB (22099 bytes)
Hash
79f5dadeb9379ce87796a0306d11f3b9
e31a3cbbc1368b3b4043ae40d0a2b497cfc5f780
52aed84047dc005eceb2d1e04cd03449d41724b248a119594fa70c0dfb34992f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 URI M1

HTTP Headers

GET /wp-content/plugins/amex/css/20-AMX-0046_Covid19Support-AmexBanner_300x250_m01_46.jpg HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 21:06:58 GMT
Accept-Ranges: bytes
Content-Length: 22099
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

groundedadventures.co/wp-content/plugins/amex/css/dls-logo-line.svg

162.241.114.172

200 OK

1.7 kB

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/dls-logo-line.svg
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1683), with no line terminators
Size
1.7 kB (1683 bytes)
Hash
ebbbafae5bdc09d7ded7cef405413ac5
7a635abed6420b798397c62270d2df8b084cd8a8
c39e8554624a4b74e596d2bfa96bdd4d30dbc395532ab32e67591c0e929080e9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/dls-logo-line.svg HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Last-Modified: Fri, 18 Feb 2022 21:06:58 GMT
Accept-Ranges: bytes
Content-Length: 1683
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml

groundedadventures.co/wp-content/plugins/amex/css/axp-marketing-offer.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-marketing-offer.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-marketing-offer.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-voice-of-customer.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-voice-of-customer.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-voice-of-customer.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-error-message.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-error-message.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-error-message.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/appvendors.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/appvendors.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/appvendors.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
934435daf7494aa2525d0556a06916f8
cf46914dedf6c86f7f3cd60acd61e775795c5586
76bab0b78c5a798682460a1cb164c48d67154ed99bb6cee630dd793b31c0501e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1991
Cache-Control: max-age=140836
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:45:24 GMT
Etag: "64262711-1d7"
Expires: Sun, 02 Apr 2023 00:52:40 GMT
Last-Modified: Fri, 31 Mar 2023 00:19:29 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
934435daf7494aa2525d0556a06916f8
cf46914dedf6c86f7f3cd60acd61e775795c5586
76bab0b78c5a798682460a1cb164c48d67154ed99bb6cee630dd793b31c0501e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4807
Cache-Control: max-age=143652
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:45:24 GMT
Etag: "64262711-1d7"
Expires: Sun, 02 Apr 2023 01:39:36 GMT
Last-Modified: Fri, 31 Mar 2023 00:19:29 GMT
Server: ECAcc (ska/F7A3)
X-Cache: HIT
Content-Length: 471

groundedadventures.co/wp-content/plugins/amex/fonts/Roboto-Regular.woff

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/fonts/Roboto-Regular.woff
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/fonts/Roboto-Regular.woff HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/css/dls.css

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
934435daf7494aa2525d0556a06916f8
cf46914dedf6c86f7f3cd60acd61e775795c5586
76bab0b78c5a798682460a1cb164c48d67154ed99bb6cee630dd793b31c0501e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4780
Cache-Control: max-age=143625
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:45:24 GMT
Etag: "64262711-1d7"
Expires: Sun, 02 Apr 2023 01:39:09 GMT
Last-Modified: Fri, 31 Mar 2023 00:19:29 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
934435daf7494aa2525d0556a06916f8
cf46914dedf6c86f7f3cd60acd61e775795c5586
76bab0b78c5a798682460a1cb164c48d67154ed99bb6cee630dd793b31c0501e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6319
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:45:24 GMT
Last-Modified: Fri, 31 Mar 2023 08:00:05 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

192.229.221.95

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
934435daf7494aa2525d0556a06916f8
cf46914dedf6c86f7f3cd60acd61e775795c5586
76bab0b78c5a798682460a1cb164c48d67154ed99bb6cee630dd793b31c0501e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 315
Cache-Control: max-age=139160
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 09:45:24 GMT
Etag: "64262711-1d7"
Expires: Sun, 02 Apr 2023 00:24:44 GMT
Last-Modified: Fri, 31 Mar 2023 00:19:29 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471

www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff

104.110.6.135

200 OK

37 kB

URL HTTP/2
www.aexp-static.com/nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff
IP
104.110.6.135:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 37153, version 1.0\012- data
Size
37 kB (37153 bytes)
Hash
c0e3b5653c803f69c05862736a765e4a
4ae2328614d48c62388c8409cbd1d9e7b5d4dfda
48050d8eeb740bb31aaad9eb82bcd4a493b474c9385eeda5fc2ca2ea279cffad

HTTP Headers

GET /nav/ngn/fonts/3be50273-0b2e-4aef-ae68-882eacd611f9-3.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://groundedadventures.co
Connection: keep-alive
Referer: http://groundedadventures.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 37153
last-modified: Wed, 15 Aug 2018 20:46:09 GMT
etag: "5b749111-9121"
expires: Sat, 15 Aug 2020 17:40:37 GMT
cache-control: max-age=15552000
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
accept-ranges: bytes
date: Fri, 31 Mar 2023 09:45:24 GMT
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/dls-icons.woff?v=2.1.0

104.110.6.135

200 OK

45 kB

URL HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/dls-icons.woff?v=2.1.0
IP
104.110.6.135:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 44552, version 1.0\012- data
Size
45 kB (44552 bytes)
Hash
b9e2a1b82e4c8e3fb8ff083b1a6f596b
350a8f9813c75ee0bc16edc87a7565cf226c6d1e
6c2307e5fa4f3725b00710176eeab8c23abbcd4acfd6f7c70389acc9d08d82f0

HTTP Headers

GET /cdaas/one/statics/axp-static-assets/2.2.0/package/dist/iconfont/dls-icons.woff?v=2.1.0 HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://groundedadventures.co
Connection: keep-alive
Referer: http://groundedadventures.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 44552
last-modified: Mon, 06 Jan 2020 21:18:42 GMT
etag: "5e13a432-ae08"
expires: Sun, 16 Aug 2020 03:57:28 GMT
cache-control: max-age=15552000
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
accept-ranges: bytes
date: Fri, 31 Mar 2023 09:45:24 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Medium.woff

104.110.6.135

200 OK

73 kB

URL HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Medium.woff
IP
104.110.6.135:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 72956, version 0.0\012- data
Size
73 kB (72956 bytes)
Hash
ba8101d8a4e5a90bd9d07a05afd8466d
f616f6471fc3c3badb3cb8b693d4329deb2e2d3b
d5d7822393d3103ec421f72f09c7f7c78948c68da112031c0afd1c0b0da92c08

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Medium.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://groundedadventures.co
Connection: keep-alive
Referer: http://groundedadventures.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 72956
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-11cfc"
expires: Sat, 15 Aug 2020 17:31:29 GMT
cache-control: max-age=15552000
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
accept-ranges: bytes
date: Fri, 31 Mar 2023 09:45:24 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/iconfont/dls-icons.woff?v=5.10.1

104.110.6.135

200 OK

35 kB

URL HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/iconfont/dls-icons.woff?v=5.10.1
IP
104.110.6.135:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 34756, version 1.0\012- data
Size
35 kB (34756 bytes)
Hash
00e1ece1ed6008465632d7b9800e3f4c
75e8f21ce1cf3fe13515c602bdcd8679581b6229
3ab0045c7cec2bd10b33c094d7ff82145efe1e75345bc49166dc5236db831b08

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.10.1/package/dist/iconfont/dls-icons.woff?v=5.10.1 HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://groundedadventures.co
Connection: keep-alive
Referer: http://groundedadventures.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 34756
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-87c4"
expires: Sat, 15 Aug 2020 16:42:58 GMT
cache-control: max-age=15552000
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
accept-ranges: bytes
date: Fri, 31 Mar 2023 09:45:24 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Light.woff

104.110.6.135

200 OK

74 kB

URL HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Light.woff
IP
104.110.6.135:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 73604, version 0.0\012- data
Size
74 kB (73604 bytes)
Hash
7294a33a9bec0eae9f3adddbcfe009c9
6e2cf6a463aab5c238468b67831a30dbdf430bda
e9f9fab2d479b79aca1d3d3bf0a9fc36131752869363180bef040905a008cc1b

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Light.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://groundedadventures.co
Connection: keep-alive
Referer: http://groundedadventures.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 73604
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-11f84"
expires: Sat, 15 Aug 2020 17:53:33 GMT
cache-control: max-age=15552000
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
accept-ranges: bytes
date: Fri, 31 Mar 2023 09:45:24 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Regular.woff

104.110.6.135

200 OK

77 kB

URL HTTP/2
www.aexp-static.com/cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Regular.woff
IP
104.110.6.135:0
ASN
#16625 AKAMAI-AS

File type
Web Open Font Format, TrueType, length 76792, version 0.0\012- data
Size
77 kB (76792 bytes)
Hash
6824f89aed1f9cea50aeae0f94e590e4
b110bcca0524f8b001826673291c6201fbebd161
7ef974010abfe71fb92dc3f53e3948e1e544cf6821bf9802ea0bf35fa8fe5af6

HTTP Headers

GET /cdaas/one/statics/axp-dls/5.10.1/package/dist/fonts/Roboto-Regular.woff HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://groundedadventures.co
Connection: keep-alive
Referer: http://groundedadventures.co/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: font/woff
content-length: 76792
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "1dc09d84-12bf8"
expires: Sat, 15 Aug 2020 17:53:33 GMT
cache-control: max-age=15552000
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
accept-ranges: bytes
date: Fri, 31 Mar 2023 09:45:24 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

groundedadventures.co/wp-content/plugins/amex/css/runtime.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/runtime.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/runtime.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/fonts/Roboto-Regular.ttf

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/fonts/Roboto-Regular.ttf
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/fonts/Roboto-Regular.ttf HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/css/dls.css

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/iconfont/dls-icons.woff

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/iconfont/dls-icons.woff
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/iconfont/dls-icons.woff HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/css/dls.css

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/vendors.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/vendors.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/vendors.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/iconfont/dls-icons.ttf

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/iconfont/dls-icons.ttf
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/iconfont/dls-icons.ttf HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/css/dls.css

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/en-US.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/en-US.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/en-US.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:23 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-identity-root.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-identity-root.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-identity-root.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-universal-session-manager.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-universal-session-manager.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-universal-session-manager.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:45:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:45:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:45:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:45:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2668
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 09:45:24 GMT
Connection: keep-alive

groundedadventures.co/wp-content/plugins/amex/css/axp-data-layer.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-data-layer.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-data-layer.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8745 bytes)
Hash
ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YJQbVC3HpHtLrNiTzsUmCOMIWgRik2lIhvpAz0DfmUNSznCXw6ipYw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:47:32 GMT
age: 10672
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10323 bytes)
Hash
a3b5eaa5d578299f8a506df71865d4d5
99fc13dea248dd6316e4abe545c80ad9df9bc1cd
30baa165074984ba7de6fc42cd1959d63c3f17c8f5b7cfabd68511136ff9e4ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa12abd-bde1-4533-85ef-2cc555105c71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10323
x-amzn-requestid: 5851fc9d-f75e-4237-87de-45b881d1d553
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnJEb4IAMFh8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260160-2003d3df2d802faa74ca5096;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:40 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 28pB4vd4QIm-Q7aEpaoOVhSU5Tw7HiZfViMfqJ_Jk4Z2KtoDOcaOrg==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:59:58 GMT
age: 42326
etag: "99fc13dea248dd6316e4abe545c80ad9df9bc1cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 00:11:32 GMT
age: 34432
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6380 bytes)
Hash
8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 43081
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9055 bytes)
Hash
1688ae550e5e9181de2448a9cade8a26
a46eb0cd75f46778dc802b648f7c391ce801c700
e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: aad4ce89-7ff3-484a-b644-ecda89a2ff16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVW5EPJoAMFfFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260292-41fb44737ee678bc7c93b7ff;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:43:46 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: aCuRurszjWr-BePwsnPfCqMpfO2GaREtRvvFGiiywmfsuAGFRRK9sQ==
via: 1.1 99db15345b0e5e7ad9c267ae999b8cf4.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:20:16 GMT
age: 5108
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11114 bytes)
Hash
211d737362f7cbcd8c77cee7d29fa2f5
668d1d80c88082928c6ca01fbf1ccbfcd079f64f
05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 08:59:56 GMT
age: 18596
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

groundedadventures.co/wp-content/plugins/amex/css/axp-one-seo.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-one-seo.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-one-seo.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-global-header.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-global-header.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-global-header.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-login-alert.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-login-alert.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-login-alert.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-page-wrapper.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-page-wrapper.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-page-wrapper.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-identity-login-page.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-identity-login-page.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-identity-login-page.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:24 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-providers.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-providers.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-providers.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-footer.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-footer.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-footer.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-login.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-login.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-login.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-root.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-root.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-root.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/axp-search-box.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/axp-search-box.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/axp-search-box.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/app.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/app.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/app.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/gtkp_aa.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/gtkp_aa.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/gtkp_aa.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/cc.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/cc.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/cc.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

groundedadventures.co/wp-content/plugins/amex/css/timeout.js

162.241.114.172

404 Not Found

315 B

URL HTTP/1.1
groundedadventures.co/wp-content/plugins/amex/css/timeout.js
IP
162.241.114.172:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - American Express
urlquery	phishing	Phishing - American Express
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/amex/css/timeout.js HTTP/1.1
Host: groundedadventures.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://groundedadventures.co/wp-content/plugins/amex/

HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 09:45:25 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.aexp-static.com/cdaas/axp-app/modules/axp-identity-root/1.36.0/images/icon-192.png

104.110.6.135

200 OK

7.2 kB

URL HTTP/2
www.aexp-static.com/cdaas/axp-app/modules/axp-identity-root/1.36.0/images/icon-192.png
IP
104.110.6.135:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
7.2 kB (7242 bytes)
Hash
0696656f7545af976eb4641141d81696
80ff69a28d379c7fa0a13388d857e2bc67afd7b9
19ff8bb08694905f12c0e9235e51bf28491bea785de0bc182e2c3346db7456a9

HTTP Headers

GET /cdaas/axp-app/modules/axp-identity-root/1.36.0/images/icon-192.png HTTP/1.1
Host: www.aexp-static.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://groundedadventures.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 7242
last-modified: Tue, 04 Jan 2022 17:03:54 GMT
etag: "61d47dfa-1c4a"
timing-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
date: Fri, 31 Mar 2023 09:45:26 GMT
vary: Origin, Accept-Encoding
X-Firefox-Spdy: h2

www.americanexpress.com/favicon.ico

104.110.26.196

200 OK

1.4 kB

URL HTTP/2
www.americanexpress.com/favicon.ico
IP
104.110.26.196:0
ASN
#16625 AKAMAI-AS

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1381 bytes)
Hash
3b59e51534607dfefbcce3772b913031
77bb0792ab706ca3a687c5df968814f11fd96bfe
d3f8ea2f4b84bdc76bac4cd065481deb32efafb2b412906beeafc46b2f80217a

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.americanexpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://groundedadventures.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=15552000;
last-modified: Fri, 07 Jun 2019 04:05:21 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1381
x-cnection: close
content-type: image/x-icon
date: Fri, 31 Mar 2023 09:45:26 GMT
set-cookie: agent-id=729a6e18-2f10-4284-8319-23336fda0a44; expires=Sat, 30-Mar-2024 09:45:26 GMT; path=/; domain=.americanexpress.com; secure; HttpOnly
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (94)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN