Report - assets.downtownmusicpub.com/REACTIVATION/

Report Overview

Submitted URL
assets.downtownmusicpub.com/REACTIVATION/
IP
70.32.68.245
ASN
#31815 MEDIATEMPLE
Submitted
2023-02-23 06:54:11
Access
Website Title
Final URL
Tags
chase financial phishing
urlquery detections
Phishing - Chase

Detections

urlquery
25
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.184.253.181
assets.downtownmusicpub.com	unknown	2022-07-04T01:38:35Z	2023-02-23T03:02:42Z	7.5 kB	599 kB	70.32.68.245
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-13T05:09:21Z	412 B	5.6 kB	104.17.25.14
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	55 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-02-22	medium	assets.downtownmusicpub.com/REACTIVATION/	Chase Personal Banking

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/	Phishing
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/js/jquery.validate.min.js	Phishing
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/js/MyBabyTwo.js	Phishing
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/js/jquery.CardValidator.js	Phishing
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/js/jquery.min.js	Phishing
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/img/desktopnight.jpeg	Phishing
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/fonts/dcefont.woff	Phishing
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/fonts/opensans-regular.ttf	Phishing
2023-02-23	medium	assets.downtownmusicpub.com/REACTIVATION/img/icon.ico	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js	20 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-19 19:48:36 Times Seen3555 Hash 053305c2b293c27c02523cda42962c09 556b0af7346b9e21a8eea1be8b195b563169ecd5 be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44 Loading...

	assets.downtownmusicpub.com/REACTIVATION/js/jquery.validate.min.js	34 kB	2023-03-07	2024-04-15
Pretty URL assets.downtownmusicpub.com/REACTIVATION/js/jquery.validate.min.js IP 70.32.68.245 ASN #31815 MEDIATEMPLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-15 09:41:25 Times Seen417 Hash 9ea64390e300ed1a23e2b62b7cd5cb20 7df056209ee2091fc674aa9f59a1063c072e9e32 b8302f6aead75ca339781930167f4e1ad42f50cf7e17b654c93159037fc9fd20 Loading...

	assets.downtownmusicpub.com/REACTIVATION/js/MyBabyTwo.js	49 kB	2023-03-07	2024-04-15
Pretty URL assets.downtownmusicpub.com/REACTIVATION/js/MyBabyTwo.js IP 70.32.68.245 ASN #31815 MEDIATEMPLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-15 09:41:25 Times Seen116 Hash ddb4d583751486599b53b5ef75d6cec0 39e93733f13c8da59fec06048ee65ee4eb7ecd4b b952b50c313b81263f233f25fb28472439365b98cc9b59c816b5962ac281b090 Loading...

	assets.downtownmusicpub.com/REACTIVATION/js/jquery.CardValidator.js	6.4 kB	2023-03-07	2024-04-15
Pretty URL assets.downtownmusicpub.com/REACTIVATION/js/jquery.CardValidator.js IP 70.32.68.245 ASN #31815 MEDIATEMPLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-15 09:41:25 Times Seen437 Hash fb905575d35b1762182c0bdb0156a8e7 5d7364bb8423174608a55975e985138b09ef16f0 2e31f31633d04598c60731878851d821eaa4403af63b930d58bb10bc9c0428a2 Loading...

	assets.downtownmusicpub.com/REACTIVATION/js/jquery.min.js	160 kB	2023-03-07	2024-04-15
Pretty URL assets.downtownmusicpub.com/REACTIVATION/js/jquery.min.js IP 70.32.68.245 ASN #31815 MEDIATEMPLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-15 09:41:25 Times Seen198 Hash 50f1aacb05fc40763064d74404c5bcb2 b3c28cab2fc387c630cf23704dde2f1b5013747c 6e1297448cf350be58ab05a6c413fa4d4b97440a0a3ab97fb03c09ff49af5ad4 Loading...

	assets.downtownmusicpub.com/REACTIVATION/	126 B	2023-03-07	2024-04-15
Pretty URL assets.downtownmusicpub.com/REACTIVATION/ IP 70.32.68.245 ASN #31815 MEDIATEMPLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-15 09:41:25 Times Seen118 Hash 8740b4845ab9cab32fb62a6fad538bd4 ced8c839fd8be627298b22c0e5bafee66e700d32 525f18739bc66c1a58912857307bf9c0df387ac5f3c9f585780dc101418a40e2 Loading...

	assets.downtownmusicpub.com/REACTIVATION/	42 B	2023-03-07	2024-04-15
Pretty URL assets.downtownmusicpub.com/REACTIVATION/ IP 70.32.68.245 ASN #31815 MEDIATEMPLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-15 09:41:25 Times Seen154 Hash 2761a67601de260a37acfd3820c114ca d7bfce876cf1303475303d3bc4e6d6c1d9b332c5 696cce9ea2564c7309810ef098e91ce166edaca99d905e1be65f81450f31ff19 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12	2024-01-28
Pretty Observations First Seen2023-03-12 12:17:15 Last Seen2024-01-28 13:22:54 Times Seen21116 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (35)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6eb0a77aa4a20639a06d9621742007c2
d2d03beeb111049117b70d5f3dff3698a671ef8a
62c2da0800bf8efb6bb985b2eb046fa863e0b394681fb2ab187a9c4836fbd320

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62C2DA0800BF8EFB6BB985B2EB046FA863E0B394681FB2AB187A9C4836FBD320"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4264
Expires: Thu, 23 Feb 2023 08:05:04 GMT
Date: Thu, 23 Feb 2023 06:54:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
67fc460ed2f69dde3c410ec607ef3510
ba9f582ec321351e5c06c9b2c381f06b685ef274
85df74fac7d59d76840b6359bac24648fede201c0048f2a8382af6468225ffb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85DF74FAC7D59D76840B6359BAC24648FEDE201C0048F2A8382AF6468225FFB8"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4379
Expires: Thu, 23 Feb 2023 08:06:59 GMT
Date: Thu, 23 Feb 2023 06:54:00 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 06:53:54 GMT
content-type: application/json
age: 6
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4569ebd95f766b8f22ed69d69334c37
a7fcd3f640877885077a4126708968d7e1e0d252
e485343a8251f50009506dfc6a42c82ca6b09b434d1e0984ea7c2dfea7dcd28d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E485343A8251F50009506DFC6A42C82CA6B09B434D1E0984EA7C2DFEA7DCD28D"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3412
Expires: Thu, 23 Feb 2023 07:50:52 GMT
Date: Thu, 23 Feb 2023 06:54:00 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Iov9R2btMiReaeBg4jhV/Z4MUi53vIRGGj9Ay0cpMc43r5swY/i0VovWDAhXv6v+HDLje6m3FbA=
x-amz-request-id: 6QTSG6VBFSR4M59P
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 06:48:58 GMT
age: 302
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 06:54:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 06:51:26 GMT
age: 154
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16368
Expires: Thu, 23 Feb 2023 11:26:49 GMT
Date: Thu, 23 Feb 2023 06:54:01 GMT
Connection: keep-alive

push.services.mozilla.com/

54.184.253.181

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.184.253.181:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fiBvJdY5QZkjmUdLbHqsEw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HtCr09F/Znqhs0uacOtmoXhLkb8=

assets.downtownmusicpub.com/REACTIVATION/

70.32.68.245

200 OK

19 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5902), with CRLF line terminators
Size
19 kB (19325 bytes)
Hash
9f37fab79779075d0a4408dc523ba98f
b6475a8173e1b03065102327c561a702b033ce66
a43fdaa8f22ebf221a6b5c80f8ac20461110bced52c7ab86dacc659472842e58

Detections

Analyzer	Verdict	Alert
openphish	Chase Personal Banking
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/ HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2; path=/
vary: Accept-Encoding
content-encoding: br
content-length: 19325
content-type: text/html; charset=UTF-8
date: Thu, 23 Feb 2023 06:54:00 GMT
server: Apache
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

104.17.25.14

200 OK

4.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
4.5 kB (4517 bytes)
Hash
e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8

HTTP Headers

GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 23 Feb 2023 06:54:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 10940356
expires: Tue, 13 Feb 2024 06:54:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9CVerjipRu2AdzvdvGxmP7i%2BgHV5B2XNYboxsKESeoTuW1wCpgo5u6wQVv9uW8NQdFWKhGdNfU1swv%2FjWeBRCVA%2BiklIPRpP4xRIfO3HvIK%2B%2BC5gvn%2B6EqpVYwh78lJ0ULbDqFE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79de0c3b4e830b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/img/congra.png

70.32.68.245

200 OK

22 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/img/congra.png
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22060 bytes)
Hash
1cb46cbb550a7047d40ff30244ca144b
8c41692d4a18624338f9ec32f569b028aa20f827
065a5ede3e090578c581c77883c6acfa9dc9393efc2f19775cfb410263fa8e1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /REACTIVATION/img/congra.png HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 03 Dec 2019 04:22:14 GMT
etag: "2740936-562c-598c50a662980"
accept-ranges: bytes
content-length: 22060
content-type: image/png
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/img/alert.gif

70.32.68.245

200 OK

6.9 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/img/alert.gif
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
GIF image data, version 89a, 240 x 240\012- data
Size
6.9 kB (6926 bytes)
Hash
6b3fe3fcfdc8a4f64ce935194f5591ab
64d7c83fa447c9b84997b034d8434155ae53163e
86a86f9ba8a23418cb079bbf61fe64974770fb416a27384ef80045976487894e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /REACTIVATION/img/alert.gif HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 07 Apr 2020 09:12:04 GMT
etag: "274092e-1b0e-5a2afc6edc100"
accept-ranges: bytes
content-length: 6926
content-type: image/gif
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/img/emdef213.png

70.32.68.245

200 OK

26 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/img/emdef213.png
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
26 kB (26120 bytes)
Hash
f97e9297a90a73c16b5734c0910785ce
d9df719d58da061ccf75349314e562f8b22b76d3
9f926e83679171e34c289ff3aa5b7f067e75cfa564345f53941ca824c42d5f77

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /REACTIVATION/img/emdef213.png HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 05 Apr 2020 08:34:26 GMT
etag: "274093a-6608-5a28704a8a880"
accept-ranges: bytes
content-length: 26120
content-type: image/png
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/img/loading.gif

70.32.68.245

200 OK

39 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/img/loading.gif
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
GIF image data, version 89a, 200 x 200\012- data
Size
39 kB (38636 bytes)
Hash
d10ef01e81faa2c2d812bdf670b4e072
77d09a57b2091fd7665dff763a5eab23e0ff907e
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /REACTIVATION/img/loading.gif HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Aug 2018 20:03:50 GMT
etag: "2740943-96ec-5732e5bd61580"
accept-ranges: bytes
content-length: 38636
content-type: image/gif
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/js/jquery.validate.min.js

70.32.68.245

200 OK

7.8 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/js/jquery.validate.min.js
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
ASCII text, with very long lines (833), with CRLF line terminators
Size
7.8 kB (7825 bytes)
Hash
e4f725ce2851306a9e7fc4a4eb012ed3
76541c79d44cbc180d8c6625cabac0007cec4e90
212e823e7e81a165bfb4c2a3a784ce17da92c147036181cddcf975897c561670

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/js/jquery.validate.min.js HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 11 Aug 2018 21:12:40 GMT
etag: "2740957-8687-5732f5200e200-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 7825
content-type: application/javascript
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/css/lostyle.css

70.32.68.245

200 OK

15 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/css/lostyle.css
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
ASCII text, with CRLF line terminators
Size
15 kB (15404 bytes)
Hash
aed55fb0d22f2df3a54fc4cf6141f00a
1d03b62e372f39d47a897b59c47c1fb6d34bb10e
1cd3c07896d98e963b374b64042959c888a78ea9731ab26fcde4767971eb947b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /REACTIVATION/css/lostyle.css HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 09 Apr 2020 05:00:34 GMT
etag: "2740922-1cf1f-5a2d47f2d6080-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 15404
content-type: text/css
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/js/MyBabyTwo.js

70.32.68.245

200 OK

6.9 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/js/MyBabyTwo.js
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
Unicode text, UTF-8 text, with very long lines (49274), with no line terminators
Size
6.9 kB (6938 bytes)
Hash
a2fcdbc286064ea1de502100bb96c962
fc4c178194962dcfe37d5e80ae2bd4f45539cdc9
8ffc67b818bc44b395169b85c609832a8ffbcb31ecf747967a22b9000ca915b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/js/MyBabyTwo.js HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 08 Jun 2020 06:47:26 GMT
etag: "2740953-c07d-5a78cfbd73b80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6938
content-type: application/javascript
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/js/jquery.CardValidator.js

70.32.68.245

200 OK

2.0 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/js/jquery.CardValidator.js
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
ASCII text
Size
2.0 kB (1951 bytes)
Hash
30b03a7cb29ef790e8453da0ec68f172
3f081c28b9946583755e2f94b9ced5354370f177
0f16f9846dacbdf2d8a63b1f6641c5c36052c058b62d7888ac25dc589d521a72

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/js/jquery.CardValidator.js HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 29 Aug 2017 06:03:08 GMT
etag: "2740955-18df-557de2a531f00-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1951
content-type: application/javascript
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/js/jquery.min.js

70.32.68.245

200 OK

39 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/js/jquery.min.js
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
ASCII text, with very long lines (568)
Size
39 kB (38555 bytes)
Hash
28feb1a4a2276a6d31db563408a99c7c
743015e99f1a4fc9309c395aca319639c4c500fa
cfc93ad35ad1243ad639fbdb6d3f6606c9eb88fec610bc70e7c73b2bc18ed4fa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/js/jquery.min.js HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 16:17:40 GMT
etag: "2740956-26f32-5a37ee367f100-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 38555
content-type: application/javascript
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4903
Expires: Thu, 23 Feb 2023 08:15:45 GMT
Date: Thu, 23 Feb 2023 06:54:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4903
Expires: Thu, 23 Feb 2023 08:15:45 GMT
Date: Thu, 23 Feb 2023 06:54:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4903
Expires: Thu, 23 Feb 2023 08:15:45 GMT
Date: Thu, 23 Feb 2023 06:54:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5df27f54-2fe2-459e-87c7-b6c6a31aba0c.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5df27f54-2fe2-459e-87c7-b6c6a31aba0c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6705 bytes)
Hash
d97504086b1691daf37cfc6fdc47d397
df754de121e0219219424f5ec36d4150510ede41
3d41298d07865266b65dd40292df8c2667aeded253cd3cd9648ef36d5141296a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5df27f54-2fe2-459e-87c7-b6c6a31aba0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6705
x-amzn-requestid: c3a54f4d-2516-41fd-a654-de992767ba5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3F-foAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-7ae23d402cdf53c8752caf5d;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JqUwtC4nRkbarwUo7m4fgpLg0W5HYnXMe8s4hKE41wSBuCWWPhLfVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 32987
etag: "df754de121e0219219424f5ec36d4150510ede41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5823 bytes)
Hash
fbf1945668d4a8c35e68f8d60fd80f56
0553020a82f7a6245a2979d58e1765883a777893
4220c9dea6f77c1775be6ca4d1d133b3d8f1d9caec3cc6e85747b87c7d897a92

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1024518c-aee4-4742-a886-86b92f76f0c3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5823
x-amzn-requestid: 4b226ac8-c443-4382-ab8e-b618c95a713d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Aq1HSFWvIAMFUAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f43561-7ac4a51e389a6e6b2a9199a5;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 03:07:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: p6v-ksQmtagKBT2hXXL7AVGvhSCwy8wUoi4dWRJPDaSsT7BvBxh4fw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Feb 2023 03:02:20 GMT
age: 13902
etag: "0553020a82f7a6245a2979d58e1765883a777893"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9721 bytes)
Hash
e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 32987
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5894 bytes)
Hash
b71d2b327e4b858ce631d4d3d7ebeb4a
d35b46e26cab53baf794abc95a9796fc681f8d6d
e69798f5c9b6b1e33b8e7b3dc2ea1c463f06d4ba4fbc3b08e1fdd13d19b4756b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5894
x-amzn-requestid: 70cc1517-7f08-4576-ba9a-2d049ce63647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqgqHB5oAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68ad0-7d8e36ec44432c5a69c0662c;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AvjfDtI2Wg_A17yfvDITdJ_kgpaOmXyZStanoZDdy2ezFbYzOGu3Qg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:49:47 GMT
age: 32655
etag: "d35b46e26cab53baf794abc95a9796fc681f8d6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7286 bytes)
Hash
e767c4b566f75c2e5c384d79c874a982
3aa715f0e3a2fbc2a6be06a1284610be50685023
eb40b67d33ffb31a5acb809c4da06e3a82c49990b78f34407d56d22c444cf11c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7286
x-amzn-requestid: 3c5826ab-c99d-41c0-8145-561cab4d1d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqTQFtaIAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a7a-4e4d07a87e805c5c16837dfe;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: anJcs_dDaqQi_kTT67paSKY90nqjll-QXuFboe1wV_26pr5WK5iNtw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:45:02 GMT
age: 32940
etag: "3aa715f0e3a2fbc2a6be06a1284610be50685023"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaed7132-17d0-4617-b3f8-f713aec9243a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5786 bytes)
Hash
25600c45164795c721b8cc679e1c00b2
1b5a850ab8518b01cd1c37d22abd0a835bfc7cc8
39e57a7d1101cff67274a0bcdbb20faed021c38679f833613a7165804fa11d86

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faaed7132-17d0-4617-b3f8-f713aec9243a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5786
x-amzn-requestid: 40080562-bd25-4e3f-ae07-c4935151d8b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AusKUF-3oAMFwgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5c0a8-0306cb555d9bdd7e3de46354;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:13:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ktBlTqhUu32ODQY70zQtpwjfCxyb7cVgOoYLG8JwGaEe1Y9XeSqxxw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 07:24:17 GMT
age: 84585
etag: "1b5a850ab8518b01cd1c37d22abd0a835bfc7cc8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/img/desktopnight.jpeg

70.32.68.245

200 OK

252 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/img/desktopnight.jpeg
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
252 kB (252002 bytes)
Hash
0689d4c522fe6244cc4a08a43b6a5973
e8fc8e85e910c1f6bcd9524d55dd1fd4aa2a6ce4
748d19968eceacc51b3e3cf884b508f55fac4636f24a02f69e4d72defdfda47c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/img/desktopnight.jpeg HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 16 Apr 2020 05:01:36 GMT
etag: "2740939-3d862-5a36153c30c00"
accept-ranges: bytes
content-length: 252002
content-type: image/jpeg
date: Thu, 23 Feb 2023 06:54:02 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/css/style.css

70.32.68.245

200 OK

63 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/css/style.css
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
ASCII text, with CRLF line terminators
Size
63 kB (62555 bytes)
Hash
5535a3e0017bb96fd53f07ead973f4f2
9b722b4572bcbb3245005eca79bb00377d0872b9
b18096d69aeb709a11caf52ab98e17ca157a608088bd5ddb981bfe9d0bfb0556

HTTP Headers

GET /REACTIVATION/css/style.css HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 04 Apr 2020 05:40:52 GMT
etag: "2740923-97157-5a2707a184100-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/css
date: Thu, 23 Feb 2023 06:54:01 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/fonts/dcefont.woff

70.32.68.245

200 OK

70 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/fonts/dcefont.woff
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
Web Open Font Format, TrueType, length 70296, version 0.0\012- data
Size
70 kB (70296 bytes)
Hash
2ec43bffa4424b28d0cc96b37cca33a4
1cde2661fb95ece87155c7931d5da6911331ef43
6ea71f4189e78297e3d1834c586a10dd39826ed8361cb1268b847cef45e03cb1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/fonts/dcefont.woff HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/css/style.css
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 04 Apr 2020 05:34:38 GMT
etag: "2740927-11298-5a27063cd7780"
accept-ranges: bytes
content-length: 70296
vary: Accept-Encoding
content-type: font/woff
date: Thu, 23 Feb 2023 06:54:02 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/fonts/opensans-regular.ttf

70.32.68.245

200 OK

24 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/fonts/opensans-regular.ttf
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
TrueType Font data, 19 tables, 1st "FFTM", 18 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans\012- data
Size
24 kB (23693 bytes)
Hash
9eff48f142e2c08e3fb457211227b8ad
dd91431557cfd2a8b1f78919772fd63056581137
ce57550c7185d5da966831e5f64a4d1886154ee0a6bfe90a85c96f2bc00597e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/fonts/opensans-regular.ttf HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 15 Apr 2020 20:35:48 GMT
etag: "274092c-b13c-5a35a42e15100-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 23693
content-type: font/ttf
date: Thu, 23 Feb 2023 06:54:02 GMT
server: Apache
X-Firefox-Spdy: h2

assets.downtownmusicpub.com/REACTIVATION/img/icon.ico

70.32.68.245

200 OK

2.3 kB

URL HTTP/2
assets.downtownmusicpub.com/REACTIVATION/img/icon.ico
IP
70.32.68.245:0
ASN
#31815 MEDIATEMPLE

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
2.3 kB (2252 bytes)
Hash
a1309a01e05915959161d39b46f4cf1e
7a491fc9538e34f12b43a121c3df0bf9abfb50b1
1605511b5623cb53f879554863fc7c67888c5b26b93a22947434db8b8b6cf543

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase
fortinet	Phishing

HTTP Headers

GET /REACTIVATION/img/icon.ico HTTP/1.1
Host: assets.downtownmusicpub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=13b37d4b6d8d986bfb2049dfd218c2d2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 17:43:34 GMT
etag: "274093d-7d26-5a380169bbd80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2252
content-type: image/x-icon
date: Thu, 23 Feb 2023 06:54:02 GMT
server: Apache
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7713f4b5-c3f3-4d1b-b482-207e7dba9b9f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6136 bytes)
Hash
74dd13a48eb1b654aa657ac1b50abd24
4b5a935ba7d60b1f68e89d56115a91bd90fef982
c2edd14bfbfcce7e37c6226b47f31a133e9e51efcd0dcbc2a33bc89c564446d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7713f4b5-c3f3-4d1b-b482-207e7dba9b9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6136
x-amzn-requestid: a2466096-4fbe-43aa-8f32-b4bd90d8a0d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Auq1HFb2oAMFS9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f5be86-453b0b3210b8885f0b64abda;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 07:04:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2S_xlaG6EP-i1UFYcKaygH3r-2qj2d7nlw9LPdRuXiW1BifDDnqFzg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 07:15:45 GMT
age: 85104
etag: "4b5a935ba7d60b1f68e89d56115a91bd90fef982"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

HTTP Transactions (35)

URL HTTP/1.1

IP