{"report_id":"1d3eae5c-8695-4968-92f9-db1c973fb2be","version":6,"status":"done","tags":["linkedin","microsoft","phishing"],"date":"2026-05-29T10:51:48Z","url":{"schema":"http","addr":"georgetownmover.com/www.linkedin.com/index.html","fqdn":"georgetownmover.com","domain":"georgetownmover.com","tld":"com"},"ip":{"addr":"104.247.108.91","port":0,"asn":399883,"as":"CODEFORHOST-AS-ARIN","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"georgetownmover.com/www.linkedin.com/index.html","fqdn":"georgetownmover.com","domain":"georgetownmover.com","tld":"com"},"title":"LinkedIn Login, Sign in | LinkedIn","dom":{"size":397609,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"5f3a0cc12add15973361079e979e0fb0","sha1":"39973c8df017bb23e5bede39fec91a14428cb857","sha256":"fa0408df99c045ba6fa7a7e379fa464b6d57761592640fb8b744905d3ea057a6","sha512":"efe061349198ec4edc4a0cb21330936ffce19a3a82b091939ec89d58ac7f6ad7c077fe2c34a531b1f5966bcb75010623c528548e007d6a34ae499617fb5dc094","ssdeep":"3072:yxcq0hrLZwpsYbmzORDU8Cunc4J+OlfOhWppCW6G9a98Hr8MOo4DVu:DHBLZjYqORDU8CuaOFpqG9a98HrR0U","tlshash":"fe8419aa7102218ad22b0678d1cb57067739c763f00d5d66f91994e4fbe298bc03bf5e","dom_hash":"domhash4e45810fdfaa491f7e632c9d01d82a22","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"georgetownmover.com/www.linkedin.com/index.html","fqdn":"georgetownmover.com","domain":"georgetownmover.com","tld":"com"},"ip":{"addr":"104.247.108.91","port":0,"asn":399883,"as":"CODEFORHOST-AS-ARIN","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-07-03T10:51:48Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":3,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-29","alert":"Phishing Block","trigger":"georgetownmover.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"georgetownmover.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"georgetownmover.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - LinkedIn","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with LinkedIn phishing","tags":["linkedin","microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Generic phishing","verdict":"phishing","severity":"medium","comment":"","tags":["phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Generic phishing","verdict":"phishing","severity":"medium","comment":"","tags":["phishing"],"meta":null}]},"summary":[{"fqdn":"stackpath.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":21970,"first_seen":"2018-04-05T04:41:29Z","last_seen":"2026-05-25T07:33:32.549881Z","alert_count":0,"request_count":1,"received_data":51950,"sent_data":454,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"georgetownmover.com","ip":{"addr":"104.247.108.91","port":443,"asn":399883,"as":"CODEFORHOST-AS-ARIN","country":"United States","country_code":"US"},"domain_registered":"2024-11-08","domain_rank":0,"first_seen":"2026-05-29T10:51:02.202325Z","last_seen":"2026-05-29T10:51:02.202325Z","alert_count":9,"request_count":2,"received_data":399960,"sent_data":987,"comment":"","tags":null,"fingerprints":[{"name":"BootstrapCDN:4.0.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:4.0.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}]},{"fqdn":"maxcdn.bootstrapcdn.com","ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-25","domain_rank":6807,"first_seen":"2014-06-18T00:37:31Z","last_seen":"2026-05-25T07:29:18.327738Z","alert_count":0,"request_count":1,"received_data":49855,"sent_data":451,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - LinkedIn","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with LinkedIn phishing","tags":["linkedin","microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Generic phishing","verdict":"phishing","severity":"medium","comment":"","tags":["phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"georgetownmover.com/www.linkedin.com/index.html","fqdn":"georgetownmover.com","domain":"georgetownmover.com","tld":"com"},"ip":{"addr":"104.247.108.91","port":443,"asn":399883,"as":"CODEFORHOST-AS-ARIN","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6bca87897549898c4b48d190b16f5dbf","sha1":"4eee33d0253ca15a10995ad04aeba09d38451112","sha256":"57765b94ed970b679dea29a161b832b9949cc9dfa19b7fcd65b811d024231e06","sha512":"d8eb6caa4f0f8f248c2f072566cdfc318596b7e8eda7cb1f17b98da5187446eaae5b0be969dbed65cfe3bc7e3bc9c4d6d54e828fd904f0fefeb3cc9db7584096","ssdeep":"1536:lNhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:Lxcq0hrLZwpsYbmzORDU8Cup","tlshash":"9383d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86712,"data":"","first_seen":"2023-03-07T01:25:24Z","last_seen":"2026-05-29T12:40:53.675882Z","times_seen":222,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgetownmover.com/www.linkedin.com/index.html","fqdn":"georgetownmover.com","domain":"georgetownmover.com","tld":"com"},"ip":{"addr":"104.247.108.91","port":443,"asn":399883,"as":"CODEFORHOST-AS-ARIN","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"84fe2906b2ce2c4f065c9f1fbe5514ef","sha1":"23f5b7b69bb30741ae14636cd070887518a760f3","sha256":"539a6bf2029907005dab50fb7bfc9fe83f3ece3dd29e19f39cac530c123bb88c","sha512":"6fc5272d1fcfa5f2ef5bfefb9681924edb3702922a1d1797f21cfda31f2469aa9ae29161cfe1efd339e8bb0ea94957d70a82f333bfc0784ba3a6d7ce91f56970","ssdeep":"1536:MYE1JVoiB9JqZdXXe2pD3PgoIiulrUndZ6a4tfOR7WpfWBZ2BJda4w9W3qG9a98G:n4J+OlfOhWppCW6G9a98HrS","tlshash":"0383c6d9b2d6706297b734b850bf410bb17a98dab44c8c60f059d4e47eb4a8e507bf2c","size":85581,"data":"","first_seen":"2023-03-07T01:25:24Z","last_seen":"2026-05-29T12:40:53.677166Z","times_seen":223,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgetownmover.com/www.linkedin.com/index.html","fqdn":"georgetownmover.com","domain":"georgetownmover.com","tld":"com"},"ip":{"addr":"104.247.108.91","port":443,"asn":399883,"as":"CODEFORHOST-AS-ARIN","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a56b5bc0264cacd4888ffb70b5994600","sha1":"2f23541e2c627963640974f846dd1f2acd1b8840","sha256":"7bc7acc5864068552a21641ab44df998f26d82998aa8cc7f9ce8a96876666c98","sha512":"2ad0c19f62e9ff085ad10121f1958a432f86e73b92ed79e7ff56de8c6fcdccd792d669fa35f9fa95b629c0e0e52b2b7cb7d6e80c2d323f09c42f45ba14172298","ssdeep":"","tlshash":"d381c105f8ab11a5163370bd1f7f604073a6484b150cde547c1dba80af68a2eb4bb5c7","size":3918,"data":"","first_seen":"2026-05-29T10:51:49.469745Z","last_seen":"2026-05-29T12:40:53.678473Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","size":48944,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-06-06T23:34:11.094979Z","times_seen":107999,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","size":51039,"data":"","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-06-06T20:29:02.103421Z","times_seen":124265,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js","fqdn":"stackpath.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgetownmover.com/www.linkedin.com/index.html","date":"2026-05-29T10:51:27.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 03 May 2026 06:14:57 GMT","end":"Sat, 01 Aug 2026 07:14:54 GMT"},"fingerprint":{"sha1":"87:39:8B:D4:F5:C1:CE:D2:17:B0:DA:A6:93:21:38:E7:CA:4B:7E:2A","sha256":"22:95:0A:F1:20:E2:D1:60:17:3F:96:BF:26:3A:90:BA:38:84:38:04:30:52:7D:AE:EA:74:8D:58:1E:F7:C7:0B"}}},"request":{"raw":"GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1\r\nHost: stackpath.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgetownmover.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 29 May 2026 10:51:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"67176c242e1bdc20603c878dee836df3\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:06 GMT\r\ncdn-cachedat: 08/01/2025 15:36:25\r\ncdn-proxyver: 1.33\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1078\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: a78b5a25cfaf2df533c60a6d4fa388d4\r\ncdn-cache: HIT\r\nage: 3654013\r\ncf-cache-status: HIT\r\ncf-ray: a034f1a7cef6568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":51039,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (50758)","md5":"67176c242e1bdc20603c878dee836df3","sha1":"27a71b00383d61ef3c489326b3564d698fc1227c","sha256":"56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4","sha512":"9fa75814e1b9f7db38fe61a503a13e60b82d83db8f4ce30351bd08a6b48c0d854baf472d891af23c443c8293380c2325c7b3361b708af9971aa0ea09a25cdd0a","ssdeep":"768:E9Yw7GuJM+HV0cen/7Kh5rM7V4RxCKg8FW/xsXQUd+FiID65r48Hgp5HRl+:E9X7PMIM7V4R5LFAxTWyuHHgp5HRl+","tlshash":"3533b649725078b201df9176913f460bb736788ea907816cb95d98ed2e7cd89322bf3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-06-06T20:29:02.103421Z","times_seen":124265,"resource_available":true,"data":null}},"time_used":75,"timings":{"blocked":65,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"georgetownmover.com/www.linkedin.com/index.html","fqdn":"georgetownmover.com","domain":"georgetownmover.com","tld":"com"},"ip":{"addr":"104.247.108.91","port":443,"asn":399883,"as":"CODEFORHOST-AS-ARIN","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-29T10:51:26.468Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"georgetownmover.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 15 Mar 2026 00:00:00 GMT","end":"Sat, 13 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"09:57:AB:74:2A:3C:22:4A:89:91:E0:C0:8B:98:74:42:07:C5:99:DE","sha256":"70:70:28:C9:86:FA:11:65:6A:88:DD:07:74:50:59:09:50:2A:28:F0:BB:73:91:C4:7E:07:08:02:56:07:2C:08"}}},"request":{"raw":"GET /www.linkedin.com/index.html HTTP/1.1\r\nHost: georgetownmover.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\netag: \"61206-6a13567e-20bcb30b;br\"\r\nlast-modified: Sun, 24 May 2026 19:50:22 GMT\r\ncontent-type: text/html\r\ncontent-length: 63623\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 29 May 2026 10:51:26 GMT\r\nserver: LiteSpeed\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"BootstrapCDN:4.0.0","description":"BootstrapCDN is a powerful and reliable Content Delivery Network (CDN) that delivers static resources, including CSS, JavaScript, and font files, for the widely-used Bootstrap framework. By leveraging multiple server locations worldwide, BootstrapCDN accelerates website loading times, ensuring a smooth and visually appealing user experience. Additionally, it ensures website compatibility with various devices and browsers. The service reduces bandwidth usage and server load, improving web performance for developers and end-users alike.","website":"https://www.bootstrapcdn.com/","common_platform_enumeration":"","icon":"BootstrapCDN.png","categories":["CDN"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery:3.3.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Bootstrap:4.0.0","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]}],"data":{"size":397830,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators","md5":"5a352166fa6eae62f76ef601857fce32","sha1":"deda34c5d583681522b98dd0b3508bde9bf40ca6","sha256":"13f28993ce698b39e68014d8430013967e6a22dd9a32f0aecccc3755262b1954","sha512":"307b39c0fc7362b94b89f0284159dd8432afaea812b7195a5ad629633f8b1e7723944128b9605670a1f1647cde94057778d2ce0c356c90dfbff7548d3130cbbe","ssdeep":"3072:Oxcq0hkLZwpsYbbzORDU8Cu44J+rlfOhWpgCW6G9a98HrQOouQ:nH2LZjYbORDU8CuurFpBG9a98HrQaQ","tlshash":"cc841aaa7102218ad22b0678d1cb57067739c763f00d5d66f91994e4fbe298bc03bf5e","first_seen":"2026-05-29T10:51:49.458658Z","last_seen":"2026-05-29T12:40:53.667454Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1038,"timings":{"blocked":313,"dns":1,"connect":137,"send":0,"wait":137,"receive":275,"ssl":172},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-29","alert":"Phishing Block","trigger":"georgetownmover.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"georgetownmover.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"georgetownmover.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - LinkedIn","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with LinkedIn phishing","tags":["linkedin","microsoft","phishing"],"meta":null},{"sensor_name":"urlquery","alert":"Phishing - Generic phishing","verdict":"phishing","severity":"medium","comment":"","tags":["phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"georgetownmover.com/www.linkedin.com/js/jquery-3.3.1.js","fqdn":"georgetownmover.com","domain":"georgetownmover.com","tld":"com"},"ip":{"addr":"104.247.108.91","port":443,"asn":399883,"as":"CODEFORHOST-AS-ARIN","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgetownmover.com/www.linkedin.com/index.html","date":"2026-05-29T10:51:27.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"georgetownmover.com","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Sun, 15 Mar 2026 00:00:00 GMT","end":"Sat, 13 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"09:57:AB:74:2A:3C:22:4A:89:91:E0:C0:8B:98:74:42:07:C5:99:DE","sha256":"70:70:28:C9:86:FA:11:65:6A:88:DD:07:74:50:59:09:50:2A:28:F0:BB:73:91:C4:7E:07:08:02:56:07:2C:08"}}},"request":{"raw":"GET /www.linkedin.com/js/jquery-3.3.1.js HTTP/1.1\r\nHost: georgetownmover.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgetownmover.com/www.linkedin.com/index.html\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-type: text/html\r\ncache-control: private, no-cache, max-age=0\r\npragma: no-cache\r\ndate: Fri, 29 May 2026 10:51:27 GMT\r\nserver: LiteSpeed\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1249,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF, LF line terminators","md5":"f58515dfe987f7e027c8a71bbc884621","sha1":"bec6aebf5940ea88fbbff5748d539453d49fa284","sha256":"679e7e62b81267c93d0778083ae0fd0efe24172ff0ac581835b54165b3d9ed43","sha512":"f085346a38318f7935d76909db0367862924cc9b0d96256f7ff4e8999c041e610bbcde8ca56c92673bde0991c85e9c9d9b6726abd91d0c3177462c80d4a99140","ssdeep":"","tlshash":"8b21653ec1c1520ae0271164fb81f3a86629821191970f703b8eb176f6cd0bb52a36c8","first_seen":"2024-02-10T12:39:22Z","last_seen":"2026-06-06T23:30:35.385701Z","times_seen":40986,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"georgetownmover.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-29","alert":"Sinkholed","trigger":"georgetownmover.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-29","alert":"Phishing Block","trigger":"georgetownmover.com","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - LinkedIn","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with LinkedIn phishing","tags":["linkedin","microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js","fqdn":"maxcdn.bootstrapcdn.com","domain":"bootstrapcdn.com","tld":"com"},"ip":{"addr":"104.18.10.207","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://georgetownmover.com/www.linkedin.com/index.html","date":"2026-05-29T10:51:27.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"bootstrapcdn.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 03 May 2026 06:14:57 GMT","end":"Sat, 01 Aug 2026 07:14:54 GMT"},"fingerprint":{"sha1":"87:39:8B:D4:F5:C1:CE:D2:17:B0:DA:A6:93:21:38:E7:CA:4B:7E:2A","sha256":"22:95:0A:F1:20:E2:D1:60:17:3F:96:BF:26:3A:90:BA:38:84:38:04:30:52:7D:AE:EA:74:8D:58:1E:F7:C7:0B"}}},"request":{"raw":"GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1\r\nHost: maxcdn.bootstrapcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://georgetownmover.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 29 May 2026 10:51:27 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nserver: cloudflare\r\ncdn-pullzone: 252412\r\ncdn-requestcountrycode: DE\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=31919000\r\ncontent-encoding: br\r\netag: \"14d449eb8876fa55e1ef3c2cc52b0c17\"\r\nlast-modified: Mon, 25 Jan 2021 22:04:04 GMT\r\ncdn-cachedat: 03/22/2025 12:19:15\r\ncdn-proxyver: 1.22\r\ncdn-requestpullcode: 200\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 1048\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncdn-status: 200\r\ncdn-requesttime: 0\r\ncdn-requestid: aa18ff3ef6b20a9742247cfaa006fdc6\r\ncdn-cache: HIT\r\nage: 3917177\r\ncf-cache-status: HIT\r\ncf-ray: a034f1a7ceef568b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":48944,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (48664)","md5":"14d449eb8876fa55e1ef3c2cc52b0c17","sha1":"a9545831803b1359cfeed47e3b4d6bae68e40e99","sha256":"e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b","sha512":"00d9069b9bd29ad0daa0503f341d67549cce28e888e1affd1a2a45b64a4c1bc460d81cfc4751857f991f2f4fb3d2572fd97fca651ba0c2b0255530209b182f22","ssdeep":"768:9VG5R15WbHVKZrycEHSYro34CrSLB6WU/6DqBf4l1B:9VIRuo53XiwWTvl1B","tlshash":"7523c84a7254b4a202dfa476913f450bb73b389aa60bc16cb95994ed1d7cd8c3227f3c","first_seen":"2023-03-07T01:02:44Z","last_seen":"2026-06-06T23:34:11.094979Z","times_seen":107999,"resource_available":true,"data":null}},"time_used":137,"timings":{"blocked":61,"dns":37,"connect":1,"send":0,"wait":10,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}