Overview

URL: assets.downtownmusicpub.com/REACTIVATION/
IP: 70.32.68.245 (United States)
ASN: #31815 MEDIATEMPLE
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2023-01-22 18:16:28 UTC
IDS alerts: 0
Blocklist alerts: 10
urlquery alerts: 16
Phishing - Chase
Tags: chase financial phishing

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2023-01-22 04:09:04 UTC 23.36.76.226
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-01-22 04:09:21 UTC 35.241.9.150
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-01-22 04:10:55 UTC 34.117.237.239
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-01-22 04:10:30 UTC 35.161.47.95
img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2023-01-22 04:09:39 UTC 34.120.237.76
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-01-22 04:10:28 UTC 34.160.144.191
assets.downtownmusicpub.com (16) 0 2022-07-03 23:38:35 UTC 2023-01-21 19:05:54 UTC 70.32.68.245 Unknown ranking
cdnjs.cloudflare.com (1) 235 2012-05-23 12:49:49 UTC 2023-01-22 04:12:12 UTC 104.17.25.14
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2023-01-22 04:30:18 UTC 93.184.220.29

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/ Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/js/MyBabyTwo.js Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/js/jquery.CardValidator.js Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/js/jquery.validate.min.js Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/js/jquery.min.js Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/img/logo.svg Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/img/desktopnight.jpeg Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/fonts/dcefont.woff Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/fonts/opensans-regular.ttf Phishing
2023-01-22 2 assets.downtownmusicpub.com/REACTIVATION/img/icon.ico Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 3 reports on IP: 70.32.68.245
Date UQ / IDS / BL URL IP
2023-02-23 06:54:11 +0000 25 - 0 - 10 assets.downtownmusicpub.com/REACTIVATION/ 70.32.68.245
2023-01-22 18:16:28 +0000 16 - 0 - 10 assets.downtownmusicpub.com/REACTIVATION/ 70.32.68.245
2023-01-20 19:53:11 +0000 16 - 0 - 12 assets.downtownmusicpub.com/REACTIVATION 70.32.68.245


Last 5 reports on ASN: MEDIATEMPLE
Date UQ / IDS / BL URL IP
2023-03-29 16:05:48 +0000 0 - 2 - 0 cpmconnect.com/ 64.207.134.39
2023-03-28 20:48:06 +0000 0 - 0 - 0 text.vwcredit.com 205.186.187.241
2023-03-28 20:44:09 +0000 0 - 0 - 0 text.audifs.com 205.186.187.241
2023-03-27 02:44:33 +0000 19 - 3 - 2 s76228.gridserver.com/-/De/fcb1a0366e81852/lo (...) 70.32.68.66
2023-03-24 09:05:45 +0000 0 - 2 - 0 cpmconnect.com/ 64.207.134.39


Last 3 reports on domain: downtownmusicpub.com
Date UQ / IDS / BL URL IP
2023-02-23 06:54:11 +0000 25 - 0 - 10 assets.downtownmusicpub.com/REACTIVATION/ 70.32.68.245
2023-01-22 18:16:28 +0000 16 - 0 - 10 assets.downtownmusicpub.com/REACTIVATION/ 70.32.68.245
2023-01-20 19:53:11 +0000 16 - 0 - 12 assets.downtownmusicpub.com/REACTIVATION 70.32.68.245


Last 2 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-20 19:53:11 +0000 16 - 0 - 12 assets.downtownmusicpub.com/REACTIVATION 70.32.68.245
2023-01-08 16:19:06 +0000 15 - 0 - 10 srv184334.hoster-test.ru/ 31.28.24.125

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (1)
#1 JavaScript::Write (size: 4) - SHA256: d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f
2023


HTTP Transactions (38)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6394
Expires: Sun, 22 Jan 2023 20:02:50 GMT
Date: Sun, 22 Jan 2023 18:16:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9279
Expires: Sun, 22 Jan 2023 20:50:55 GMT
Date: Sun, 22 Jan 2023 18:16:16 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15152
Expires: Sun, 22 Jan 2023 22:28:48 GMT
Date: Sun, 22 Jan 2023 18:16:16 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 17:42:32 GMT
age: 2024
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: d9pb2V/7Tx+zyH3woy7FIWXlrvukd+JccuCehPy25HtTQcZNlXTbkjifvhIyTa08YSf5d8DCVUk=
x-amz-request-id: 470DPJVJD6C0XNKY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 17:47:23 GMT
age: 1733
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    7b922915ebf1fa3639b333f994c74f24
Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938
Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 22 Jan 2023 18:16:16 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /REACTIVATION/ HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:17 GMT
Content-Length: 21930
Connection: keep-alive
X-Powered-By: PHP/7.3.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6; path=/
Upgrade: h2,h2c
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5902), with CRLF, LF line terminators
Size:   21930
Md5:    a79ea6ab3a0a82ff8c819fafdc98ed02
Sha1:   97761fa9ac3df46e02a495ad56c929b07baad75b
Sha256: 8438e68089bf04a3d0de2b3235f1c6bd0e152bf95bd684db3eff2b2141ddc125

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 17:48:58 GMT
age: 1639
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Sun, 22 Jan 2023 18:16:17 GMT
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8216492
expires: Fri, 12 Jan 2024 18:16:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlUNwTbEYRgEZJHEy3%2BhqA%2FpXBnrzzEz4hNQ6H25CjDGR70tTAL1%2B8AdwS0OAXcsUoweURSLVvHAFnDwEDz1D8yAhs7aLZLQl1pDHCpgVHcqBLEZGBJATjPjotClxv1ucuDU3gpc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78da47a4ae8a0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4517
Md5:    e40e054c5726f042bad463e3774a2777
Sha1:   5c9413b72837a440b327444104830c35ae3b052c
Sha256: fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2490
Cache-Control: max-age=142320
Date: Sun, 22 Jan 2023 18:16:17 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 09:48:17 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /REACTIVATION/js/MyBabyTwo.js HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:17 GMT
Content-Length: 7664
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Mon, 08 Jun 2020 06:47:26 GMT
ETag: "2740953-c07d-5a78cfbd73b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49274), with no line terminators
Size:   7664
Md5:    eb5f9702ec19ce05c8a44e567aad9b18
Sha1:   db55491877a3b04d255ce89b7feb910b8a1f2b75
Sha256: 6f13b4e53cfc3a3d05ef24033e4a8b1882b546ace038f71a10c82b6831765cfb

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /REACTIVATION/js/jquery.CardValidator.js HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:17 GMT
Content-Length: 2083
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Tue, 29 Aug 2017 06:03:08 GMT
ETag: "2740955-18df-557de2a531f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   2083
Md5:    5e3812c918f22e125f3ea8c08bceaf76
Sha1:   d5e6624b80474ea77e1adb60db6b0ded24205627
Sha256: 31d0740c9a71776c253640a6915be5b120d3e90b6765d1d46f94c72a908b185e

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /REACTIVATION/js/jquery.validate.min.js HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:17 GMT
Content-Length: 8046
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Sat, 11 Aug 2018 21:12:40 GMT
ETag: "2740957-8687-5732f5200e200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (833), with CRLF line terminators
Size:   8046
Md5:    0d22a2c375340d6f68c7832f5bda6a01
Sha1:   16dfdcf36be9b17505177bf189baa072391da753
Sha256: 045beaf8c0f59e447b3bc0e6aa42da1c9cc563bf68eedcdd17f378afd0a084fe

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7L7v1kZlElannKGzUH2QmA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         35.161.47.95
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZMt0LJfh5kk0H9XMO2ZekWlWIig=

                                        
                                            GET /REACTIVATION/css/lostyle.css HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:17 GMT
Content-Length: 15956
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Thu, 09 Apr 2020 05:00:34 GMT
ETag: "2740922-1cf1f-5a2d47f2d6080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   15956
Md5:    8caeecf9afc9290ddb1fddd0dc6631d1
Sha1:   9e2b379226bfc47b963fe33dd4ecb71da056eedd
Sha256: 7d27898c3d4e3e2f6bfce2d14c1bface75802ae741d44364c41e0be93698a17d

Alerts:
  urlquery:
    - Phishing - Chase
                                        
                                            GET /REACTIVATION/js/jquery.min.js HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:17 GMT
Content-Length: 40021
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Fri, 17 Apr 2020 16:17:40 GMT
ETag: "2740956-26f32-5a37ee367f100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (568)
Size:   40021
Md5:    514a4c838e493228ce16d0b1b5914751
Sha1:   78b1e5eaef6056170d8995820ae5277fe5c9a7a5
Sha256: 4f0974852ba99efb4adb48759d70ea2dc69e7a9f9a824f9947d1a136c8145565

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /REACTIVATION/css/style.css HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Sat, 04 Apr 2020 05:40:52 GMT
ETag: "2740923-97157-5a2707a184100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   68491
Md5:    4bb7500c8e365a32a7430a3eb3c16f67
Sha1:   286b2e8c9959b219109e21f52c6ef54975e7a172
Sha256: a6745a01df880c2b8abc2b129a84ce094865e8bc132399f40791f07c13ecfaf4

Alerts:
  urlquery:
    - Phishing - Chase
                                        
                                            GET /REACTIVATION/img/logo.svg HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/css/lostyle.css
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 1409
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Sat, 04 Apr 2020 04:54:14 GMT
ETag: "2740945-581-5a26fd3522980"
Accept-Ranges: bytes
Vary: Accept-Encoding


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   1409
Md5:    b55b042f907bc7108f5dca2103a8476b
Sha1:   9fcdcc86bfe1f3c7d4f774775670fbd08fe7556c
Sha256: d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /REACTIVATION/img/alert.gif HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 6926
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Tue, 07 Apr 2020 09:12:04 GMT
ETag: "274092e-1b0e-5a2afc6edc100"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 240\012- data
Size:   6926
Md5:    6b3fe3fcfdc8a4f64ce935194f5591ab
Sha1:   64d7c83fa447c9b84997b034d8434155ae53163e
Sha256: 86a86f9ba8a23418cb079bbf61fe64974770fb416a27384ef80045976487894e

Alerts:
  urlquery:
    - Phishing - Chase
                                        
                                            GET /REACTIVATION/img/congra.png HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 22060
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Tue, 03 Dec 2019 04:22:14 GMT
ETag: "2740936-562c-598c50a662980"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   22060
Md5:    1cb46cbb550a7047d40ff30244ca144b
Sha1:   8c41692d4a18624338f9ec32f569b028aa20f827
Sha256: 065a5ede3e090578c581c77883c6acfa9dc9393efc2f19775cfb410263fa8e1c

Alerts:
  urlquery:
    - Phishing - Chase
                                        
                                            GET /REACTIVATION/img/emdef213.png HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 26120
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Sun, 05 Apr 2020 08:34:26 GMT
ETag: "274093a-6608-5a28704a8a880"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   26120
Md5:    f97e9297a90a73c16b5734c0910785ce
Sha1:   d9df719d58da061ccf75349314e562f8b22b76d3
Sha256: 9f926e83679171e34c289ff3aa5b7f067e75cfa564345f53941ca824c42d5f77

Alerts:
  urlquery:
    - Phishing - Chase
                                        
                                            GET /REACTIVATION/img/loading.gif HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 38636
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Sat, 11 Aug 2018 20:03:50 GMT
ETag: "2740943-96ec-5732e5bd61580"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 200\012- data
Size:   38636
Md5:    d10ef01e81faa2c2d812bdf670b4e072
Sha1:   77d09a57b2091fd7665dff763a5eab23e0ff907e
Sha256: 5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34

Alerts:
  urlquery:
    - Phishing - Chase
                                        
                                            GET /REACTIVATION/img/desktopnight.jpeg HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 252002
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Thu, 16 Apr 2020 05:01:36 GMT
ETag: "2740939-3d862-5a36153c30c00"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size:   252002
Md5:    0689d4c522fe6244cc4a08a43b6a5973
Sha1:   e8fc8e85e910c1f6bcd9524d55dd1fd4aa2a6ce4
Sha256: 748d19968eceacc51b3e3cf884b508f55fac4636f24a02f69e4d72defdfda47c

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /REACTIVATION/fonts/dcefont.woff HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/css/style.css
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: font/woff
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 70296
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Sat, 04 Apr 2020 05:34:38 GMT
ETag: "2740927-11298-5a27063cd7780"
Accept-Ranges: bytes
Vary: Accept-Encoding


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 70296, version 0.0\012- data
Size:   70296
Md5:    2ec43bffa4424b28d0cc96b37cca33a4
Sha1:   1cde2661fb95ece87155c7931d5da6911331ef43
Sha256: 6ea71f4189e78297e3d1834c586a10dd39826ed8361cb1268b847cef45e03cb1

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /REACTIVATION/fonts/opensans-regular.ttf HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: font/ttf
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 45372
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Wed, 15 Apr 2020 20:35:48 GMT
ETag: "274092c-b13c-5a35a42e15100"
Accept-Ranges: bytes
Vary: Accept-Encoding


--- Additional Info ---
Magic:  TrueType Font data, 19 tables, 1st "FFTM", 18 names, Microsoft, language 0x409, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans\012- data
Size:   45372
Md5:    5eb12c4256bb7c968f2a807222b09543
Sha1:   b8acd3e311fbe0c9ab3d63bfab9f1a448602bd0d
Sha256: c03c23a10c648cdb736fe0c1459cd94b7ed7029cb87eefbf32f9de0536c4236d

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /REACTIVATION/img/icon.ico HTTP/1.1 
Host: assets.downtownmusicpub.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://assets.downtownmusicpub.com/REACTIVATION/
Cookie: PHPSESSID=35de2c4fc3e19d24e2b2b9ba68e8a5d6

                                         70.32.68.245
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 22 Jan 2023 18:16:18 GMT
Content-Length: 32038
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Fri, 17 Apr 2020 17:43:34 GMT
ETag: "274093d-7d26-5a380169bbd80"
Accept-Ranges: bytes
Vary: Accept-Encoding


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   32038
Md5:    5744986eb3dc6f2da92157a651889902
Sha1:   5a558b58498fab2aeb742acdab51e0c2fbc78385
Sha256: 625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9

Alerts:
  urlquery:
    - Phishing - Chase
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14701
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 18:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14701
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 18:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14701
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 18:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14701
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 18:16:19 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14701
Expires: Sun, 22 Jan 2023 22:21:20 GMT
Date: Sun, 22 Jan 2023 18:16:19 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc284e6ec-6c43-4a8d-a291-83519d5a4d4c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8221
x-amzn-requestid: 02db02af-4f05-450d-9370-0e7a9dda6948
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOEWGUMoAMF2QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d4e-050e7cdf21878aa159f36d0b;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:46:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VtzsQ7NI9ODiQfxm_EaSDsizPQhDOSH3O23UEaHg1KI9bg8imLdOnw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:16 GMT
age: 73683
etag: "e3c00dcc55f095f03a6f4505960ac1cee0b3877c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8221
Md5:    6f86ec004a2042b4030cd2cce2bf1e1d
Sha1:   e3c00dcc55f095f03a6f4505960ac1cee0b3877c
Sha256: 64b5084d4145d5931af05c335d21e31e75db30b1f9e8a2efd92fc4cd0aa7ac07
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3SoP46ER0JjOaLh363bQ9QW4ZIW19_rbgeQ7Ey8W-zgyGMMLSLccA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:17 GMT
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
age: 73682
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8057
Md5:    4e71636bb9a13ad7d52d253e16cd6a3f
Sha1:   401dd58e34982d3434739b9a2f7182487ea1cac5
Sha256: 1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7656
x-amzn-requestid: 6e1ebd9d-6ef0-48d0-a891-51bbf914ed42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNlYHaUoAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c88-479e8fb72b0b248d020d9e77;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DaWs0RT0IupgLoLeQZYbdYdvYFd02bXrdQBFYpqLxwmKf1bKhh_wgQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
etag: "1a813821d15afd416b82c3343a7920a0ffc909cb"
age: 73693
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7656
Md5:    d3e5cb3e8d03fffcd307c5ebaef08167
Sha1:   1a813821d15afd416b82c3343a7920a0ffc909cb
Sha256: 84a81b6f63faa3f17a20222b8fa389761a0fb0512a1549b4848849c0425539c9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RlbJymJhU6Ti5RZCSIvPzloackAiBEBGapKI440u4ZIfB5FYBNugLw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 03:24:49 GMT
age: 53490
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10988
Md5:    5a7ab95a69ddfa5014258076e66a6e19
Sha1:   1a54cca86788536002d6d18c5180ccf265ba1169
Sha256: 09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d78dc13-3c8d-4c31-8f64-3f9de4ba79d1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4796
x-amzn-requestid: 9ad3dcbc-3d19-4619-a8cb-b316a8d51290
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7ULpHgKIAMFmYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79a4a-769bcf2f4d7787d007ec30e2;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:05:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -TjivJmHgT_N2QWC1rn8ng1sl5h53FcgoU9ALMINJEY6onseYEWGRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 08:07:27 GMT
age: 36532
etag: "af9161eefc1ee381a8f531c593ea7354d73493eb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4796
Md5:    2aec02a691f126259e2a3c701e322ffe
Sha1:   af9161eefc1ee381a8f531c593ea7354d73493eb
Sha256: e0094d54ca9bbbc4154abec2ce152453ddb1544e020b4a859e5da1f7073a26d0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd73f3807-16ae-46ce-a9a5-84b639ea80c6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2555
x-amzn-requestid: d5425eec-2182-4b90-a03f-47dfa76439bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOFpEoIoAMF83A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d57-5326fe1a504805be37823571;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:47:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oxNnK5wjQI8w-_5fTcDKXBdExNMJ_S6y8chMHd_woRSBfkBy3fqR8Q==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:48:06 GMT
etag: "86bc900c65d14a338c1d08a0b407590940b39059"
age: 73693
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2555
Md5:    83d96b777a2cac4cb6d577309c8d07e7
Sha1:   86bc900c65d14a338c1d08a0b407590940b39059
Sha256: 50856a41d2bbaec73e06255e06e5ee648f1e7ed1fb04049810d4c03650621bdf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7918883e-706a-42d5-b966-cd7d5fb64f78.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3084
x-amzn-requestid: 034173f8-edba-45b9-bbbc-a7d737b45e26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFM68EDMIAMF3Iw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb8eac-3a22865376bbdcde3ef17088;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:05:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lPrb0OiQtQrd0-1R9wmsMzYwRydWPW9lBTAFUu9SPchT7WZUIVzGdw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 08:08:13 GMT
age: 36492
etag: "a2929122b2d2e252f39d23857cd7a2ed4651bb27"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3084
Md5:    ce9c90c64a81cfd16050966c2b5ddf57
Sha1:   a2929122b2d2e252f39d23857cd7a2ed4651bb27
Sha256: 6647be8f5be621ef9b0cfe6585cb92c868951a95acf8c9c66d9eec6dc95d34c9