r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e1e94f036b0e677a492e4238b9443034
862ebeb19164d77b65229976b12338c399ce0bd9
1875033f6e187cdb371b497b6640a3c9625283b6a4b12de5bbc5be326365b6a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1875033F6E187CDB371B497B6640A3C9625283B6A4B12DE5BBC5BE326365B6A9"
Last-Modified: Mon, 13 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16284
Expires: Tue, 14 Feb 2023 06:06:21 GMT
Date: Tue, 14 Feb 2023 01:34:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b39c3955aa73765d5c9cbe0d4c52f83
b13bf774f0189207d90d846b86b68fcf2f64f868
f6fea261b800d26e329ced17006c9f5d10b6c490dac3b2276cc7b0e2aa38316c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6FEA261B800D26E329CED17006C9F5D10B6C490DAC3B2276CC7B0E2AA38316C"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9567
Expires: Tue, 14 Feb 2023 04:14:24 GMT
Date: Tue, 14 Feb 2023 01:34:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 14 Feb 2023 00:37:18 GMT
content-type: application/json
age: 3459
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3534c46dafa4e959cb5f4aba0b1d8cd7
f4aa8774355b04bf1f074aeb73c56c52b32568ab
68b7b6679046611b607c073416e818c6d0391e2953ecc8781b02e57a9b5af306
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "68B7B6679046611B607C073416E818C6D0391E2953ECC8781B02E57A9B5AF306"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17384
Expires: Tue, 14 Feb 2023 06:24:41 GMT
Date: Tue, 14 Feb 2023 01:34:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6yUuqRiVGdEbiBuKZkGa8DM8jeIP/wrVv53tPGZ/VfBWdfrGVDEAzT3dYaYDDm8fEMle8TXDlDA=
x-amz-request-id: Y4XP9N90DA1N49VQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 14 Feb 2023 00:48:19 GMT
age: 2798
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 14 Feb 2023 01:34:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 14 Feb 2023 01:14:53 GMT
age: 1205
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 188e06be43a4f1b02aa98f1762147970
5e6b7e3a172fb7327331fd8c7f74559d079bd4fb
89bd97cff26b8d656f26db21b59b02fbc3f671ac903e1e44735c7472ebd05090
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89BD97CFF26B8D656F26DB21B59B02FBC3F671AC903E1E44735C7472EBD05090"
Last-Modified: Mon, 13 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15816
Expires: Tue, 14 Feb 2023 05:58:34 GMT
Date: Tue, 14 Feb 2023 01:34:58 GMT
Connection: keep-alive
maryannmoise.com/comsx/
199.204.248.137 200 OK 33 kB IP 199.204.248.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6168)
Hash ba8ec113806cb0e79bae3434e6238213
0cd3f198873e6a0f9be82a9acfe07d4f7b041734
648daef874b30314788fc6c81e4472a77f329d1e49f0e0e45dac11fc59697f18
Analyzer Verdict Alert openphish Comcast Corporation
fortinet Phishing
quad9 Sinkholed
GET /comsx/ HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:38 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
push.services.mozilla.com/
44.233.250.150 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.233.250.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SmsuymkpfYxApGNkEIDrrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hZu+eUOAYE0DWGRai9np0TJXOMg=
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js
199.204.248.137 200 OK 2.7 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js
IP 199.204.248.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (403)
Hash 026533413b3d09d51db59238995299c1
8299098d71a0d18d7bf7279f0d71bed0345c0ec2
62079f9953d5a6dc3240039aa842881f9171f4c3f2bc664629aaf5f2c537214c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/1203273213x32.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:38 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9202-aa7-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 2727
Keep-Alive: timeout=30, max=99
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/rta.js
199.204.248.137 200 OK 168 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/rta.js
IP 199.204.248.137:0
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash cf8059bd98746a031879c027d0675200
5b36326aeac50dd7fbf8a910775b32beccc12d5a
00fb70d9832d4974eacda5d97b5ede63153bebe471109491dc6807db6ceca3a7
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/rta.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91ec-a8-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 168
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/segments.js
199.204.248.137 200 OK 39 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/segments.js
IP 199.204.248.137:0
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/segments.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91f4-27-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 39
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/data.json
199.204.248.137 200 OK 295 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/data.json
IP 199.204.248.137:0
Hash c4e699111d8c5ee41a03610b94ff02d5
7b4ec667ab9d73b69d752931fa675eca988ac1be
f1aa6a629871c08a077cba94a653cb0c2ace627617e442adccbf6712972bf0df
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/data.json HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9215-127-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 295
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: application/json
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/event
199.204.248.137 200 OK 191 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/event
IP 199.204.248.137:0
File type ASCII text, with no line terminators
Hash 2d5d169b7afabb783f8994c576f005cb
d3c1f326303b3cd98f892a5ab28cea82222d058b
384d036f62eab523e123b0e2c033bdee06077fdf041c564ce56f956e6219fb24
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/event HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91d2-bf-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 191
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
199.204.248.137 200 OK 18 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js
IP 199.204.248.137:0
File type ASCII text, with very long lines (815), with CRLF line terminators
Hash 4ff1cfd3240ea3e8eed8d96e31152dc2
97ed8e13c3b52da3ea4865af48b219c8e540e5ac
c1d1eb4e35d0cfa8617262918737bcb8804dd0720cdca026da2087166ac7ba71
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/comcastVisIDAthena.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9216-4446-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 17478
Keep-Alive: timeout=30, max=98
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/150582-10.js
199.204.248.137 200 OK 898 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/150582-10.js
IP 199.204.248.137:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (728)
Hash 5de2cd9adefd2a264bc1e881d19827f0
07046ae6c3a9449fd68bd4e0a4f59e7626f30854
af216babd9b5c43a2e6cdedc5d7497f154b3055216272d4a53af26be49bcd53f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/150582-10.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a922e-382-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 898
Keep-Alive: timeout=30, max=99
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/150582-15.js
199.204.248.137 200 OK 3.0 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/150582-15.js
IP 199.204.248.137:0
File type HTML document text\012- exported SGML document, ASCII text, with very long lines (2808)
Hash 3884f03746032fe3fb6b327134090769
b2e5801b7814f320f0364ab04d98f16e429a987d
c7b6ae528e00b64960dd07aa40cd199c946f089e789df34e47c1de507879302b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/150582-15.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9230-ba2-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 2978
Keep-Alive: timeout=30, max=99
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
199.204.248.137 200 OK 51 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
IP 199.204.248.137:0
File type ASCII text, with very long lines (50848), with no line terminators
Hash 46ad0dca51a657b2f6d4302e8af335ac
56f30d2a99c33270a368df39b0fac6a6321f72f4
7744a06830d6b63ba7fc3b5f7649f8f06959e3c31118cf324d3e36e5433915ed
Analyzer Verdict Alert quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/styles-light.css HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:38 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91f3-c6a0-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 50848
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: text/css
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js
199.204.248.137 200 OK 1.4 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js
IP 199.204.248.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (433)
Hash db5bdae32033752bd8574dc96ee4c96c
59c8ea77207eff9f8dbf9b6cbf156c6329cbf931
853efa16d425ff8c75c2bd4c74459ef9b555ceaae1a22d4aae0c36f95cad4351
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/1647526060x32.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a920c-58c-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 1420
Keep-Alive: timeout=30, max=99
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/11648.js
199.204.248.137 200 OK 26 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/11648.js
IP 199.204.248.137:0
File type HTML document text\012- C source, ASCII text, with very long lines (25399)
Hash 04873a9ac5cdc1c90fcfb18a21e04136
2703ddd39416a70ada985452107e5b543ee89a0a
d7e781eaa55fbe21f653b0d2b807adc6af016ba9170ccd35fd44b3176786c80c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/11648.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9233-63a4-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 25508
Keep-Alive: timeout=30, max=99
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/asc.txt
199.204.248.137 200 OK 17 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/asc.txt
IP 199.204.248.137:0
File type ASCII text, with no line terminators
Hash 92ecce91e58ca501e89410701805ffd2
fbc2f9374e8f5aebbc0a9ebeaeb836dfe2ee8803
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/asc.txt HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91ce-11-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 17
Keep-Alive: timeout=30, max=98
Connection: Keep-Alive
Content-Type: text/plain
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
199.204.248.137 200 OK 3.9 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js
IP 199.204.248.137:0
File type ASCII text, with very long lines (3906), with no line terminators
Hash b9e47f9f8aac844ec80a9ba6ff6e7a74
cbf073ac21eaa5de906e1fcce023c64c3829c648
aef3124abf7a9f765f36093acf39e804987e52e1a1c241700441949ea52a7673
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/scripts-responsive.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9201-f42-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 3906
Keep-Alive: timeout=30, max=98
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff2 HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/moatad_002.js
199.204.248.137 200 OK 182 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/moatad_002.js
IP 199.204.248.137:0
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/moatad_002.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91ef-2c81d-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 182301
Keep-Alive: timeout=30, max=97
Connection: Keep-Alive
Content-Type: application/javascript
z.moatads.com/comcastapn56341864860/moatad.js
23.38.201.146 200 OK 0 B URL HTTP/2 z.moatads.com/comcastapn56341864860/moatad.js
IP 23.38.201.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comcastapn56341864860/moatad.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DgrV/yUP0cYZJ24pT7Z5LVkFATYFOX23OVuFadPO2EW++SB5KZZT2R0SCmVojLGlVbLec6pGXtw=
x-amz-request-id: CA2DQ7A5WM2MGH3Y
last-modified: Mon, 11 May 2020 15:59:42 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/x-javascript
server: AmazonS3
content-length: 0
cache-control: max-age=34831
date: Tue, 14 Feb 2023 01:34:59 GMT
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7e3eac860d253aa9a72e0f59e63b5c9d
48bddbf1fb5b299612d137c749ed6fb4638a5a8e
93c7c6429bd4eae33c3d2b3d4870c69fa2da48de015c9d9b18552f635e2ddf00
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6577
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:34:59 GMT
Last-Modified: Mon, 13 Feb 2023 23:45:22 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/moatad.js
199.204.248.137 200 OK 182 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/moatad.js
IP 199.204.248.137:0
File type ASCII text, with very long lines (554)
Size 182 kB (182301 bytes)
Hash 941a402bcb3a12f11ff32f50060a4f99
ecd237a5bc7d0995bf036e31eeabb97c6dd8c50d
894acd20e24fda4995bf56b9c7f5b0f2a634febf91db251a2adcbf6f6915e6f5
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/moatad.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9222-2c81d-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 182301
Keep-Alive: timeout=30, max=98
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js
199.204.248.137 200 OK 83 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js
IP 199.204.248.137:0
File type ASCII text, with very long lines (707), with CRLF line terminators
Hash e97a8791094937eca04430b8fd76550b
69fac7a4b26fdd0e5ea9c7b679435c80857efb1f
0d511486e7d3d6543bce126133d47c2805c5e4f0ff4c6d6eefabd5d6e678bf99
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/omniture_visId.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91e7-14390-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 82832
Keep-Alive: timeout=30, max=97
Connection: Keep-Alive
Content-Type: application/javascript
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff2 HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
us-ads.openx.net/w/1.0/jstag
34.98.64.218 200 OK 18 kB URL HTTP/2 us-ads.openx.net/w/1.0/jstag
IP 34.98.64.218:0
File type ASCII text, with very long lines (12594)
Hash 6128764f150549adb888955a81e38a7b
36d744bd20c87db56a7a90668b5278268a87bf6c
e4e5f14082a3968e39c4900e2eba667ad2ec1d0b42154b175f9893c6e858a340
GET /w/1.0/jstag HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Tue, 14 Feb 2023 02:34:59 GMT
date: Tue, 14 Feb 2023 01:34:59 GMT
content-type: text/javascript
content-length: 18073
content-encoding: gzip
cache-control: max-age=3600
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7e3eac860d253aa9a72e0f59e63b5c9d
48bddbf1fb5b299612d137c749ed6fb4638a5a8e
93c7c6429bd4eae33c3d2b3d4870c69fa2da48de015c9d9b18552f635e2ddf00
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6578
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:35:00 GMT
Last-Modified: Mon, 13 Feb 2023 23:45:22 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d42a01fdf9af7a50d630c42fde100d30
a7568d35657f934220298ca4c2fb102398554196
f215d87cad50e9310bf2a4df263b24e1c87e7cda29e48f93f6b0d76eb218ab1d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F215D87CAD50E9310BF2A4DF263B24E1C87E7CDA29E48F93F6B0D76EB218AB1D"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4290
Expires: Tue, 14 Feb 2023 02:46:30 GMT
Date: Tue, 14 Feb 2023 01:35:00 GMT
Connection: keep-alive
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg
199.204.248.137 200 OK 36 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg
IP 199.204.248.137:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3\012- data
Hash a98fbe346dd7c66a4ca5f1f77aa75e44
ee1c12063d821ba884efe2afedd6cab81c825363
de3e0d54441cd6afe0d7d2afcb95eadf8fec5cb23ecd47a796c3818fe7fb8f4d
Analyzer Verdict Alert quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/Oscars_SignIn_300x250.jpg HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9206-8aba-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 35514
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
us-ads.openx.net/w/1.0/acj?ai=05331070-86e0-47a4-837f-7e66f69f8bc6&o=8906806854&callback=OX_8906806854&ju=http%3A//maryannmoise.com/comsx/&jr=&auid=538020939&dims=1152x836&adxy=556%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1152x836&ifr=0&tws=1152x836&vmt=1&sd=1&mt=1
34.98.64.218 200 OK 251 B URL HTTP/2 us-ads.openx.net/w/1.0/acj?ai=05331070-86e0-47a4-837f-7e66f69f8bc6&o=8906806854&callback=OX_8906806854&ju=http%3A//maryannmoise.com/comsx/&jr=&auid=538020939&dims=1152x836&adxy=556%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1152x836&ifr=0&tws=1152x836&vmt=1&sd=1&mt=1
IP 34.98.64.218:0
Hash 1095fe82574e3bb26b62c4735c92753b
dd01f50b2fac30266e5828e5881ccf9effc09ae1
9c1897debaf33ae76b5b2961f777d8553a1e30fec6d7d6a8c37574ae4592f16c
GET /w/1.0/acj?ai=05331070-86e0-47a4-837f-7e66f69f8bc6&o=8906806854&callback=OX_8906806854&ju=http%3A//maryannmoise.com/comsx/&jr=&auid=538020939&dims=1152x836&adxy=556%2C69&res=1280x1024x24&plg=pm&ch=UTF-8&tz=0&ws=1152x836&ifr=0&tws=1152x836&vmt=1&sd=1&mt=1 HTTP/1.1
Host: us-ads.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Tue, 14 Feb 2023 01:35:00 GMT
content-type: application/json
content-length: 251
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/u.gif
199.204.248.137 200 OK 42 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/u.gif
IP 199.204.248.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/u.gif HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:40 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9203-2a-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=30, max=97
Connection: Keep-Alive
Content-Type: image/gif
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/all.js
199.204.248.137 200 OK 199 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/all.js
IP 199.204.248.137:0
File type ASCII text, with very long lines (18053)
Size 199 kB (198957 bytes)
Hash bc6c96975ece396c2410a11de12aa324
dc29df9842c22f28b858e6384b9339e2632ce3fc
1cbf11d576a004a0f2bf7baa71c045dd94d4b0eb3e4c848df0bd75dcb144c5f7
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/all.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9207-3092d-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 198957
Keep-Alive: timeout=30, max=98
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 798c45b6ff58fbda19c7e927267cf234
fc569c547b361ff3fe3d28e362bb09546d0e75f5
d35b11adf84262c8aa485fa1a93d485c71f1a68a68cfedb142946ccc3bf809ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa801374a-514c-45d6-b314-1b177300684c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10068
x-amzn-requestid: ed7c343b-63cf-4294-8dd1-c0f619c7a305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_0hEpKIAMF6-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace9-22bc96ba036f73575f3b8d30;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SMHjJzrBytie2Xe4KVVpP7oL6Wlzwr0us4bIhcJLMbEHrhOcE5lb3g==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:14:55 GMT
age: 12005
etag: "fc569c547b361ff3fe3d28e362bb09546d0e75f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/seal.png
199.204.248.137 200 OK 3.1 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/seal.png
IP 199.204.248.137:0
File type PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash be19bc645a5d70db58e4317fb1f7f791
8c38f471f3e6d17af148acaab219db7e3e4a8d23
6ab85bc152133401e0ad5ca069990f4a76413499820d4ba95a0dadb063bcc8b8
Analyzer Verdict Alert quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/seal.png HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:40 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9213-c13-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 3091
Keep-Alive: timeout=30, max=96
Connection: Keep-Alive
Content-Type: image/png
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48c61999-a2a2-438f-8c0e-f38b9e51567f.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48c61999-a2a2-438f-8c0e-f38b9e51567f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b302287f861b1e046f86b902e08b6edd
1574004bac64d367279cc0b253d9678ecd3a6fe8
1f6fc77a1a273c5fa5430e98f0166758d9b3ecd910ee012bdedcc2b695ef27c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48c61999-a2a2-438f-8c0e-f38b9e51567f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3012
x-amzn-requestid: 6d3d36a0-d4a1-475b-bf0e-b0cde61f1001
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_x5HTGoAMF0Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaacd8-58f5a5bb64eed8cc7ce7c670;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CLBI0E5eIiwNjIGFNAYE3dqt3cCSUf2qnylqzzkdQ0N135aHsyde6w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:14:59 GMT
age: 12001
etag: "1574004bac64d367279cc0b253d9678ecd3a6fe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e24473b3e335f2046f72ea198a1a9ac8
346f3744c1fd32467ac8c1783f7c28c0ffd3cc4b
87fb8a02fb286ccd1d04abe4052fb08617fc68692515aa6daed2895e83827ccd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31b064cd-e914-46c4-9261-f5cf1e300786.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10677
x-amzn-requestid: 7fbf05af-939a-443c-9add-f856b5ab4b1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zFH3hoAMFUkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace0-0676c24e496661ff545249f0;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ASk3lL6xNgUz-lLwE7lpLLh_PK_Iq-PSAz3VSOZrEweutYlfUggXTg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:26:35 GMT
etag: "346f3744c1fd32467ac8c1783f7c28c0ffd3cc4b"
content-type: image/jpeg
age: 11305
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8526505043a5b3a1a8a3e86f80dd796
121031f827508bc441ab34387ffdf9bf878c43a9
70e9f640c8339aea888ceea9fd2ef74fa2c3ea210f69fa22442155dca61a799e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ba070e2-295e-485b-8bb9-cf35a649e9d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10635
x-amzn-requestid: 98a6b744-d08f-4e53-a0b0-735b336c8513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AS_zjG9boAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63eaace3-5d86345a4ee7009e61291369;Sampled=0
x-amzn-remapped-date: Mon, 13 Feb 2023 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KJ56reDkEbXg0bE7sE4pB1n7Lkn1nLiKblbKM9aFYCow4tpHrIqGnw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 22:26:43 GMT
etag: "121031f827508bc441ab34387ffdf9bf878c43a9"
content-type: image/jpeg
age: 11297
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 504b69ec2b6350345c36777959b0765a
c302824325b8f0839c7de54af9c5bd02541e4269
6e3a5b1cd7d17a9f448b8189d5683567269b3b3d461838770482283898008f39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14477
x-amzn-requestid: 2544b5cc-3fb0-4536-88ec-8cb9044fb612
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANtsXFBYoAMF6tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e88fe8-452901f67af9f5d95ccc61c3;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 07:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hy4pKD0EX3RY8ayeOzmZvNG-K7qwaVP4VPjPOxcpUGmk2x09fKFFRg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 07:20:10 GMT
age: 65690
etag: "c302824325b8f0839c7de54af9c5bd02541e4269"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F392971b2-f0c4-40e7-9616-6fb674302e06.webp
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F392971b2-f0c4-40e7-9616-6fb674302e06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d681194e66cf0389f2a7e1f3da326f
ef67e1015d163b445d1a3577432ead63333d4174
40b2626c4f9124b281165a5235ff42045f21824f059560289f0307ba02800302
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F392971b2-f0c4-40e7-9616-6fb674302e06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6976
x-amzn-requestid: 74d50c11-9e84-429f-9f92-61d0d4daf882
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AGlR9EywoAMFjeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e5b5a5-23def26729ea784e1392e2d9;Sampled=0
x-amzn-remapped-date: Fri, 10 Feb 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lMEwjGhb9UBk8tX3z8LhagX5EHwJG0we_7MPm44SQBV3Rv_Lv3x8fA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Feb 2023 07:57:06 GMT
age: 63474
etag: "ef67e1015d163b445d1a3577432ead63333d4174"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/event.gif
199.204.248.137 200 OK 42 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/event.gif
IP 199.204.248.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/event.gif HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:40 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a9200-2a-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 42
Keep-Alive: timeout=30, max=97
Connection: Keep-Alive
Content-Type: image/gif
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Regular.woff HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.woff HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:40 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
52.57.159.169 307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 52.57.159.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 307 Temporary Redirect
Date: Tue, 14 Feb 2023 01:35:00 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63eae544-05c08f4f3729e9c94b7ebc3c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
213.19.162.21 200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 213.19.162.21:0
Hash 7bdda9f1de292e7e006306b2d85c9cb1
36a60514a49f5f2d58deb949fdf037ed29a067cc
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 14 Feb 2023 01:35:00 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LE3KNTAA-20-DDP2; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:00 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrPX5xQMwmxrO9DtVM30fCg6SzMj6pXx+TZDmvkSIMAbgT7fIa4aBIxDfLOCIjmQFDMboWaW1ii7fhrX4gOZaqf; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:00 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-ExtraLight.ttf HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:40 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
52.57.159.169 307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 52.57.159.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-10.js?&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 307 Temporary Redirect
Date: Tue, 14 Feb 2023 01:35:00 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63eae544-79b2257505947b2a64a581a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
213.19.162.21 200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-10.js?tk_vps=2&&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10
IP 213.19.162.21:0
Hash 7bdda9f1de292e7e006306b2d85c9cb1
36a60514a49f5f2d58deb949fdf037ed29a067cc
83ea4cc1abe0489b72d792344ff8e08c2749d8bd6933a61ab0bdbd7e07c447ca
GET /a/11648/36314/150582-10.js?tk_vps=2&&cb=0.42194960991264097&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1280x1024&ad_slot=36314_10 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 14 Feb 2023 01:35:00 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LE3KNTC6-7-9PSK; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:00 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoZSr39rzo6Ve9DtVM30fCg6SzMj6pXx+TZDmvkSIMAbgT7fIa4aBIxDfLOCIjmQFDMboWaW1ii7fhrX4gOZaqf; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:00 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ads.rubiconproject.com/ad/11648.js
104.110.14.155 200 OK 8.9 kB URL HTTP/2 ads.rubiconproject.com/ad/11648.js
IP 104.110.14.155:0
File type C source, ASCII text, with very long lines (26545)
Hash 5aecf12e8c3cb1d14458bc71c6b8cf0c
b0cedce6e8165041981ba59a9b7277053a37ba89
69dd3510681bc16e17f107ac8f2fa504aa7ce59d75ebf3248b6f85f02a6409aa
GET /ad/11648.js HTTP/1.1
Host: ads.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
x-powered-by: PHP/5.3.3
content-encoding: gzip
content-length: 8946
content-type: text/javascript
cache-control: max-age=5717
expires: Tue, 14 Feb 2023 03:10:17 GMT
date: Tue, 14 Feb 2023 01:35:00 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 78d5f582e9fa8cac333d548c13524026
ddc121d1ac4f70015ea5e1749d98b7e775f6d8e6
48753df3b6d118395a17816b501483fc1e9280f96ac3cb20ccb8435b84760d1c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5336
Cache-Control: max-age=90055
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:35:00 GMT
Etag: "63e98d33-1d7"
Expires: Wed, 15 Feb 2023 02:35:55 GMT
Last-Modified: Mon, 13 Feb 2023 01:06:59 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
smarttag.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.31557856926857475&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1
69.173.144.140 200 OK 147 B URL HTTP/2 smarttag.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.31557856926857475&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1
IP 69.173.144.140:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?&cb=0.31557856926857475&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15&rp_secure=1 HTTP/1.1
Host: smarttag.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Tue, 14 Feb 2023 01:35:00 GMT
content-type: text/javascript
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LE3KNTKJ-4-L2XP; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:00 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB3jcsSZGMtyw+9DtVM30fCg6SzMj6pXx+TZDmvkSIMAbgT7fIa4aBIxDfLOCIjmQFDMboWaW1ii7fhrX4gOZaqf; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:00 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 147
X-Firefox-Spdy: h2
optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
52.57.159.169 307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 52.57.159.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 307 Temporary Redirect
Date: Tue, 14 Feb 2023 01:35:01 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63eae545-74ae85673bf11b2544fc4960
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
213.19.162.21 200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 213.19.162.21:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 14 Feb 2023 01:35:01 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LE3KNTMH-7-HRR3; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:01 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqir3TesW+9He9DtVM30fCg6SzMj6pXx+TBTOE7lMjtngT7fIa4aBIxDfLOCIjmQFDMboWaW1ii7fhrX4gOZaqf; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:01 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
52.57.159.169 307 Temporary Redirect 0 B URL HTTP/1.1 optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 52.57.159.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/11648/36314/150582-15.js?&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: optimized-by.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 307 Temporary Redirect
Date: Tue, 14 Feb 2023 01:35:01 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Location: http://vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
X-Forwarded-For: 91.90.42.154
X-Forwarded-Proto: http
X-Forwarded-Port: 80
Host: optimized-by.rubiconproject.com
X-Amzn-Trace-Id: Root=1-63eae545-73a72352468224c93f2e5991
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
213.19.162.21 200 OK 147 B URL HTTP/1.1 vast.rubiconproject.com/a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15
IP 213.19.162.21:0
Hash 9441d4459f9bdf15aad152e66fc88643
e97b5816d440de61a5d5a7f47bb921cec240580b
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
GET /a/11648/36314/150582-15.js?tk_vps=2&&cb=0.7115252572475247&tk_st=1&rp_s=c&p_exp=1&p_pos=btf&p_screen_res=1280x1024&ad_slot=36314_15 HTTP/1.1
Host: vast.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Tue, 14 Feb 2023 01:35:01 GMT
Content-Type: text/javascript
Content-Length: 147
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LE3KNTO4-V-KLWE; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:01 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qonF5DdGnUqqu9DtVM30fCg6SzMj6pXx+TBTOE7lMjtngT7fIa4aBIxDfLOCIjmQFDMboWaW1ii7fhrX4gOZaqf; Domain=.rubiconproject.com; Path=/; Expires=Wed, 14-Feb-2024 01:35:01 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7b14b77f887df396fe229b9ce0658a94
3c61d14c2d51912812d57db63ebb82ee3236b5b3
e05487f462e142bf99e89be1eaafba2e464a421365ade101ace7b617beec29ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3345
Cache-Control: max-age=149260
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:35:01 GMT
Etag: "63ea7c40-1d7"
Expires: Wed, 15 Feb 2023 19:02:41 GMT
Last-Modified: Mon, 13 Feb 2023 18:06:56 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
91.228.74.168 200 OK 39 B URL HTTP/2 pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
IP 91.228.74.168:0
Hash 9c5453ce3943ebf709c68c4358907916
25c057fa107fca0917c7dca9f432cdce93ce2316
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
GET /api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Feb 2023 01:35:01 GMT
content-type: application/x-javascript
content-length: 39
cache-control: private, no-transform, must-revalidate, max-age=86400
expires: Wed, 15 Feb 2023 01:35:01 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
set-cookie: mc=63eae545-4bb8a-ce1b4-8c8bc; expires=Sat, 16-Mar-2024 01:35:01 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff2 HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
157.240.221.16 301 Moved Permanently 0 B URL HTTP/1.1 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 157.240.221.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 Feb 2023 01:35:01 GMT
Connection: keep-alive
Content-Length: 0
maryannmoise.com/static/images/fb-logo-29.png
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/images/fb-logo-29.png
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /static/images/fb-logo-29.png HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff2 HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s63919118525756?AQB=1&ndh=1&t=14%2F1%2F2023%201%3A36%3A21%202%200&fid=2721B2C5657BF1E7-2DD0E497D262E378&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fmaryannmoise.com%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1
13.37.25.97 302 Found 0 B URL HTTP/1.1 serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s63919118525756?AQB=1&ndh=1&t=14%2F1%2F2023%201%3A36%3A21%202%200&fid=2721B2C5657BF1E7-2DD0E497D262E378&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fmaryannmoise.com%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1
IP 13.37.25.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/ss/comcastnetdev/1/H.27.5/s63919118525756?AQB=1&ndh=1&t=14%2F1%2F2023%201%3A36%3A21%202%200&fid=2721B2C5657BF1E7-2DD0E497D262E378&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fmaryannmoise.com%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 HTTP/1.1
Host: serviceo.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Tue, 14 Feb 2023 01:35:01 GMT
content-type: text/plain;charset=utf-8
expires: Mon, 13 Feb 2023 01:35:01 GMT
last-modified: Wed, 15 Feb 2023 01:35:01 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31F572A2B6F5A4D0-4000086F2BAAE5EE[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Thu, 13 Feb 2025 01:35:35 GMT;
location: http://serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s63919118525756?AQB=1&pccr=true&vidn=31F572A2B6F5A4D0-4000086F2BAAE5EE&ndh=1&t=14%2F1%2F2023%201%3A36%3A21%202%200&fid=2721B2C5657BF1E7-2DD0E497D262E378&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fmaryannmoise.com%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ec33afd6e21970c203dad1ec005247f7
fecf244de80795a3503605da5ce15c65522ca035
a6c61d21d16b752cb8a9f6653e2b112f2e27214d484a3d9d155f8f73bdd74107
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6329
Cache-Control: max-age=112294
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:35:01 GMT
Etag: "63e9e032-1d7"
Expires: Wed, 15 Feb 2023 08:46:35 GMT
Last-Modified: Mon, 13 Feb 2023 07:01:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s63919118525756?AQB=1&pccr=true&vidn=31F572A2B6F5A4D0-4000086F2BAAE5EE&ndh=1&t=14%2F1%2F2023%201%3A36%3A21%202%200&fid=2721B2C5657BF1E7-2DD0E497D262E378&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fmaryannmoise.com%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1
13.37.25.97 200 OK 43 B URL HTTP/1.1 serviceo.comcast.net/b/ss/comcastnetdev/1/H.27.5/s63919118525756?AQB=1&pccr=true&vidn=31F572A2B6F5A4D0-4000086F2BAAE5EE&ndh=1&t=14%2F1%2F2023%201%3A36%3A21%202%200&fid=2721B2C5657BF1E7-2DD0E497D262E378&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fmaryannmoise.com%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1
IP 13.37.25.97:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/comcastnetdev/1/H.27.5/s63919118525756?AQB=1&pccr=true&vidn=31F572A2B6F5A4D0-4000086F2BAAE5EE&ndh=1&t=14%2F1%2F2023%201%3A36%3A21%202%200&fid=2721B2C5657BF1E7-2DD0E497D262E378&ce=UTF-8&ns=comcast&pageName=sign%20in&g=http%3A%2F%2Fmaryannmoise.com%2Fcomsx%2F&cc=USD&ch=sign%20in&events=event11&c1=%2Fcomsx%2F%2F%3Asign%20in&v1=%2Fcomsx%2F%2F%3Asign%20in&c4=sign%20in&c7=my-xfinity&v7=my-xfinity&c23=large&c31=comcast&v31=sign%20in&c32=cim&v32=cim&c33=comcast%20net&v33=comcast%20net&c34=comcast%20net%3Asign%20in&c35=authentication&v35=authentication&c36=site%3Ahome&v36=site%3Ahome&v41=large&c44=anonymous%3Asign%20in&v47=anonymous&h1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&h2=%2Fcomsx%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1152&bh=836&AQE=1 HTTP/1.1
Host: serviceo.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://maryannmoise.com/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Tue, 14 Feb 2023 01:35:01 GMT
expires: Mon, 13 Feb 2023 01:35:01 GMT
last-modified: Wed, 15 Feb 2023 01:35:01 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31F572A2D3D7A1A7-40000A468BA7DDD4[CE]; Path=/; Domain=comcast.net; Max-Age=63072000; Expires=Thu, 13 Feb 2025 01:35:35 GMT;
etag: 3599909520816963584-4619684168998575571
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/dest5.htm
199.204.248.137 200 OK 8.9 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/dest5.htm
IP 199.204.248.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (581), with CRLF line terminators
Hash d2f6fa6292c62a0b4453c4d7763040e1
a9330f8597c230773f94d5f3b442d0a14e94083f
b8ddbf2a9418fff20f88a0692ce5aa6770edc51280200cdf410fdfb36466794c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/dest5.htm HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=2721B2C5657BF1E7-2DD0E497D262E378; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a920b-22f4-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 8948
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: text/html
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
157.240.221.16 404 Not Found 9 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 157.240.221.16:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: TB1WySsS/d3KnQ4ZO/nC2v4EbqhUdFKhfSkI0KoStIOPocDha8q2tTEt1beoJBgEF/p6V2bvXm/CoG9zzqVmUg==
content-length: 9
priority: u=3,i
x-fb-trip-id: 1679558926
date: Tue, 14 Feb 2023 01:35:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
157.240.221.16 404 Not Found 9 B URL HTTP/2 staticxx.facebook.com/connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42
IP 157.240.221.16:0
File type ASCII text, with no line terminators
Hash 9d1ead73e678fa2f51a70a933b0bf017
d205cbd6783332a212c5ae92d73c77178c2d2f28
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
GET /connect/xd_arbiter/r/ao6eUeuGXQq.js?version=42 HTTP/1.1
Host: staticxx.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://maryannmoise.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 4C45y/HvTH1uajhwegjjrU1jYKq+p2Rs/D6hlXnIpAPSCpfVreff6wr9iePZT4LJmKRbgM/L7aBf30pgly1F3g==
content-length: 9
x-fb-trip-id: 1679558926
date: Tue, 14 Feb 2023 01:35:01 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ec33afd6e21970c203dad1ec005247f7
fecf244de80795a3503605da5ce15c65522ca035
a6c61d21d16b752cb8a9f6653e2b112f2e27214d484a3d9d155f8f73bdd74107
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6329
Cache-Control: max-age=112294
Content-Type: application/ocsp-response
Date: Tue, 14 Feb 2023 01:35:01 GMT
Etag: "63e9e032-1d7"
Expires: Wed, 15 Feb 2023 08:46:35 GMT
Last-Modified: Mon, 13 Feb 2023 07:01:06 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff2 HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
199.204.248.137 200 OK 43 kB URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm
IP 199.204.248.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6078), with CRLF line terminators
Hash fc6f71bf3bb8b37c2e742712f5e9fa31
1985f6685907edd356e999433d688632683297f5
074da691273a060b544115ecc31905c1c260559484b45560f9a299d83ca5d898
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/ao6eUeuGXQq.htm HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
Cookie: OX_sd=1; OX_plg=pm
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91d5-a818-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 43032
Keep-Alive: timeout=30, max=100
Connection: Keep-Alive
Content-Type: text/html
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.woff
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.woff HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=2721B2C5657BF1E7-2DD0E497D262E378; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.woff HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=2721B2C5657BF1E7-2DD0E497D262E378; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:41 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.woff HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=2721B2C5657BF1E7-2DD0E497D262E378; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=T; s_sq=%5B%5BB%5D%5D
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:42 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Light.ttf HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=2721B2C5657BF1E7-2DD0E497D262E378; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=-1248264605%7CMCMID%7C09172107422430870815937403449189409171; s_sq=%5B%5BB%5D%5D
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:42 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Medium.ttf HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=2721B2C5657BF1E7-2DD0E497D262E378; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=-1248264605%7CMCMID%7C09172107422430870815937403449189409171; s_sq=%5B%5BB%5D%5D
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:42 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
199.204.248.137 500 Internal Server Error 0 B URL HTTP/1.1 maryannmoise.com/static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf
IP 199.204.248.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Xfinity-Standard/XfinityStandard-Thin.ttf HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/styles-light.css
Cookie: OX_sd=1; OX_plg=pm; s_cc=true; s_fid=2721B2C5657BF1E7-2DD0E497D262E378; AMCV_723C39F756ABCD0B7F000101%40AdobeOrg=-1248264605%7CMCMID%7C09172107422430870815937403449189409171; s_sq=%5B%5BB%5D%5D
HTTP/1.1 500 Internal Server Error
Date: Tue, 14 Feb 2023 01:35:42 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
X-Powered-By: PHP/5.5.38
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html
secure-assets.rubiconproject.com/static/psa/blank/1x1.png
104.110.14.155 200 OK 155 B URL HTTP/2 secure-assets.rubiconproject.com/static/psa/blank/1x1.png
IP 104.110.14.155:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fed6b76619acefb38a43867d5fbbd65
b4881fe00376089907ce39fb43398fe2b9d55b8a
172f8ce100094feaee2d292f56c5a847b0a89852a43e79ef7743d28d06dec7d7
GET /static/psa/blank/1x1.png HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Oct 2019 16:53:58 GMT
accept-ranges: bytes
content-type: image/png
content-encoding: gzip
content-length: 155
date: Tue, 14 Feb 2023 01:35:02 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=71324836271&varName=crtg_content
178.250.2.157 204 No Content 0 B URL HTTP/1.1 rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=71324836271&varName=crtg_content
IP 178.250.2.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=71324836271&varName=crtg_content HTTP/1.1
Host: rtax.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 204 No Content
server: nginx/1.20.1
date: Tue, 14 Feb 2023 01:35:02 GMT
strict-transport-security: max-age=31536000; preload;
connect.facebook.net/en_US/all.js
31.13.72.12 301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/all.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Tue, 14 Feb 2023 01:35:02 GMT
Connection: keep-alive
Content-Length: 0
dpm.demdex.net/id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
54.72.143.161 200 OK 692 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
IP 54.72.143.161:0
File type ASCII text, with very long lines (1652), with no line terminators
Hash d90104db431a53c4988633eb6c3fbbb9
90a6f71cc7f29aa9fa35cf11786bdda94c87b631
43ef8bf778c59fd87a7edca5416c28b041f231f51d95847c82bd1989d6710a3a
GET /id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-2-v046-055e9ae9c.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=50378985589339116223147661339948506909; Max-Age=15552000; Expires=Sun, 13 Aug 2023 01:35:02 GMT; Path=/; Domain=.demdex.net
X-TID: 9njH6ncQRWM=
Content-Length: 692
Connection: keep-alive
dpm.demdex.net/id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_mid=09172107422430870815937403449189409171&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
54.72.143.161 200 OK 684 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_mid=09172107422430870815937403449189409171&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
IP 54.72.143.161:0
File type ASCII text, with very long lines (1647), with no line terminators
Hash b6eada45c865682c76864cca96505dc9
49e0e40d019515de602db4b9847e5b3709af7b0d
ab1059ddc5863273ea45c0dc85eb1199a852a9de466713fe0ba3d3c5b5102674
GET /id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_mid=09172107422430870815937403449189409171&d_cb=s_c_il%5B0%5D._setMarketingCloudFields HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-2-v046-070ee2004.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=08783079126889390925976015921241801518; Max-Age=15552000; Expires=Sun, 13 Aug 2023 01:35:02 GMT; Path=/; Domain=.demdex.net
X-TID: LqCBa5rZTIM=
Content-Length: 684
Connection: keep-alive
comcastathena.demdex.net/event?d_mid=09172107422430870815937403449189409171&d_nsid=1&d_ld=_ts%3D1676338581846&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1676338581846&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F
3.248.49.44 200 OK 149 B URL HTTP/1.1 comcastathena.demdex.net/event?d_mid=09172107422430870815937403449189409171&d_nsid=1&d_ld=_ts%3D1676338581846&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1676338581846&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F
IP 3.248.49.44:0
File type ASCII text, with no line terminators
Hash 27a9562260349429869bcad87e72e17b
3ff8aa7eeff24d52dd88b5c0935cf0f0d64e9660
a8a849e58691e589acf5887caeceaa99d4a3fc0c96e6731e86df16307a8dae5b
GET /event?d_mid=09172107422430870815937403449189409171&d_nsid=1&d_ld=_ts%3D1676338581846&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1676338581846&c_pageName=sign%20in&c_channel=sign%20in&c_events=event11&c_prop1=%2Fcomsx%2F%2F%3Asign%20in&c_eVar1=%2Fcomsx%2F%2F%3Asign%20in&c_prop4=sign%20in&c_prop7=my-xfinity&c_eVar7=my-xfinity&c_prop23=large&c_prop31=comcast&c_eVar31=sign%20in&c_prop32=cim&c_eVar32=cim&c_prop33=comcast%20net&c_eVar33=comcast%20net&c_prop34=comcast%20net%3Asign%20in&c_prop35=authentication&c_eVar35=authentication&c_prop36=site%3Ahome&c_eVar36=site%3Ahome&c_eVar41=large&c_prop44=anonymous%3Asign%20in&c_eVar47=anonymous&c_hier1=comcast%3Acim%3Acomcast%20net%3Asign%20in%3Asign%20in&c_hier2=%2Fcomsx%2F HTTP/1.1
Host: comcastathena.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-2-v046-0f6cf9230.edge-irl1.demdex.com 4 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=08783079126889390925976015921241801518; Max-Age=15552000; Expires=Sun, 13 Aug 2023 01:35:02 GMT; Path=/; Domain=.demdex.net
X-TID: xxxlMNCxQyM=
Content-Length: 149
Connection: keep-alive
ocsp.comodoca.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash af1051618dfed46fd3e68d4e58890731
a51921e13de61e802dd94dc9858ec3ae37b26e1b
122428e7fead6235a9c55fd8c3177c7ef46f3f584c19539dfc374271a91debfc
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2023 10:07:36 GMT
Expires: Mon, 20 Feb 2023 10:07:35 GMT
Etag: "a51921e13de61e802dd94dc9858ec3ae37b26e1b"
Cache-Control: max-age=601661,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 315
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7992109ef8820b55-OSL
login.comcast.net/static/images/global/favicon.ico
76.96.69.84 200 OK 1.2 kB URL HTTP/1.1 login.comcast.net/static/images/global/favicon.ico
IP 76.96.69.84:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 8591b1e1977be23073d13751a5f203d0
3f549eff3cf641803992d8748202bf0775f4765e
a0307845ad0d4579ae6e7283a02b81403767295ab37cc0b144ac9d60772ebf97
GET /static/images/global/favicon.ico HTTP/1.1
Host: login.comcast.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:03 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Last-Modified: Tue, 11 Jan 2022 16:05:32 GMT
Accept-Ranges: bytes
Content-Length: 1150
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
www.facebook.com/impression.php/f12212c2b7bf8a2/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/impression.php/f12212c2b7bf8a2/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
IP 31.13.72.36:0
GET /impression.php/f12212c2b7bf8a2/?api_key=161991040493541&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maryannmoise.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
content-type: image/gif
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: bzr3Bnxsaz2/PAK+tDeQEtutHnxICCzOCz4VClNCUdD9SELrIZl3coNux1POZz1YhgV4mNx4sJ19HdjPOKdeZA==
date: Tue, 14 Feb 2023 01:35:02 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/jquery-1.js
199.204.248.137 200 OK 0 B URL HTTP/1.1 maryannmoise.com/comsx/Sign%20in%20to%20XFINITY_files/jquery-1.js
IP 199.204.248.137:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /comsx/Sign%20in%20to%20XFINITY_files/jquery-1.js HTTP/1.1
Host: maryannmoise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://maryannmoise.com/comsx/
HTTP/1.1 200 OK
Date: Tue, 14 Feb 2023 01:35:39 GMT
Server: Apache/2.4.54 (cPanel) OpenSSL/1.1.1q mod_bwlimited/1.4
Last-Modified: Thu, 23 Feb 2017 01:59:36 GMT
ETag: "18a91ff-16f44-54928f70e9200"
Accept-Ranges: bytes
Content-Length: 94020
Keep-Alive: timeout=30, max=99
Connection: Keep-Alive
Content-Type: application/javascript