Overview

URL amazeats.id/amaz/chase.com/online
IP 202.159.24.22
ASN AS9340 INDO Internet, PT
Location Indonesia
Report completed 2017-10-30 08:25:11 CET
urlquery Alerts Phishing website detected
Suspicious javascript obfuscation


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2017-10-30 08:31:20 CET 1  202.159.24.22 Client IP ETPRO CURRENT_EVENTS AES Crypto Observed in Javascript - Possible Phishing Landing
2017-10-30 08:31:20 CET 1  202.159.24.22 Client IP ETPRO CURRENT_EVENTS AES Crypto Observed in Javascript - Possible Phishing Landing M1 Dec 28 2015


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-10-30 2 amazeats.id/amaz/chase.com/online Phishing
2017-10-30 2 amazeats.id/amaz/chase.com/online/ Phishing
2017-10-30 2 amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964 Phishing
2017-10-30 2 amazeats.id/amaz/chase.com/online/auth/imgs/hee.js Phishing
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 202.159.24.22

Date UQ / IDS / BL URL IP
2019-05-24 17:50:05 +0200  0 - 1 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-05-21 18:45:05 +0200  0 - 0 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-05-11 18:44:07 +0200  0 - 1 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-05-01 18:44:36 +0200  0 - 1 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-04-21 20:34:05 +0200  0 - 0 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-04-19 10:54:43 +0200  0 - 0 - 1  etalase.bogor.net/gdy/if.exe  202.159.24.22
2019-04-12 06:00:46 +0200  0 - 0 - 1  etalase.bogor.net/mst.exe  202.159.24.22
2019-04-11 20:33:36 +0200  0 - 0 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-04-01 20:33:09 +0200  0 - 0 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-03-31 20:23:58 +0200  0 - 0 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22

Last 10 reports on ASN: AS9340 INDO Internet, PT

Date UQ / IDS / BL URL IP
2019-06-10 06:00:28 +0200  0 - 0 - 1  titanputra.co.id/wp-admin/upgrade.php  202.159.30.116
2019-06-09 12:03:28 +0200  0 - 0 - 4  tanlaonline.com/oloolllo  117.54.5.10
2019-06-03 05:20:04 +0200  0 - 3 - 1  titanputra.co.id/wp-admin/includes/_output3BB (...)  202.159.30.116
2019-05-29 20:01:26 +0200  0 - 3 - 1  titanputra.co.id/wp-admin/includes/_output65E (...)  202.159.30.116
2019-05-29 20:00:10 +0200  0 - 0 - 1  titanputra.co.id/wp-admin/includes/_outputAFB (...)  202.159.30.116
2019-05-26 09:41:47 +0200  0 - 0 - 1  web.mejakursilemarikantor.co.id/UPS/4-30-2018.jar  117.54.9.176
2019-05-26 05:38:11 +0200  0 - 3 - 1  titanputra.co.id/wp-admin/includes/_output3BB (...)  202.159.30.116
2019-05-24 17:50:05 +0200  0 - 1 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-05-21 18:45:05 +0200  0 - 0 - 1  etalase.bogor.net/gdy/set.exe  202.159.24.22
2019-05-21 07:07:46 +0200  0 - 0 - 1  titanputra.co.id/wp-admin/includes/_outputAFB (...)  202.159.30.116

Last 7 reports on domain: amazeats.id

Date UQ / IDS / BL URL IP
2019-03-03 19:24:37 +0100  0 - 0 - 1  amazeats.id/secureline/cv.php  103.253.214.7
2018-12-17 18:45:37 +0100  0 - 0 - 2  amazeats.id/wordpress/wp-includes/wlwmanifest.xml  202.159.24.22
2018-06-20 18:09:28 +0200  0 - 0 - 8  amazeats.id/  202.159.24.22
2017-12-28 02:03:12 +0100  0 - 0 - 8  amazeats.id/  202.159.24.22
2017-12-25 20:53:27 +0100  0 - 0 - 1  amazeats.id/secureline/bill.php  202.159.24.22
2017-12-23 21:46:53 +0100  0 - 0 - 1  amazeats.id/secureline/bill.php  202.159.24.22
2017-10-27 04:56:35 +0200  0 - 0 - 1  amazeats.id/secureline  202.159.24.22


JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 18092, repeated: 1) - SHA256: 3aa48b2564056f763d1516b4b78841106a012ac7c63bc8c309cbbdb9810d734c



HTTP Transactions (28)


Request Response
                                        
GET /amaz/chase.com/online HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

202.159.24.22
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 30 Oct 2017 07:31:13 GMT
Server: Apache
Location: http://amazeats.id/amaz/chase.com/online/
Content-Length: 249
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   249
Md5:    6d8f91346315d207bc5c0f3bc6d4153c
Sha1:   b60f325495ba0cffe4b64a5a18d3323a1dc7d260
Sha256: 8ac76c75a8ce352ead16800d8f9f15a8ff872c0af3ca6d21b49961e2c4b73a6f

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /amaz/chase.com/online/ HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

202.159.24.22
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Oct 2017 07:31:13 GMT
Server: Apache
X-Powered-By: PHP/5.6.31
Content-Encoding: gzip
Vary: Accept-Encoding
Location: auth/?616d617a656174732e6964
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /amaz/chase.com/online/auth/?616d617a656174732e6964 HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Oct 2017 07:31:14 GMT
Server: Apache
X-Powered-By: PHP/5.6.31
Content-Encoding: gzip
Vary: Accept-Encoding
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   18511
Md5:    3ce1d2986561d515dc588d3274bd37db
Sha1:   b82011d40718182f1b5e10c010cf326d71803c56
Sha256: 7a16100bc26597a8793cb40538d21b63b549e2c142954192ae72f9e269b6c2da

Alerts:
  urlquery:
    - Suspicious javascript obfuscation
  Blacklists:
    - fortinet: Phishing
  IDS:
    - ETPRO CURRENT_EVENTS AES Crypto Observed in Javascript - Possible Phishing Landing
    - ETPRO CURRENT_EVENTS AES Crypto Observed in Javascript - Possible Phishing Landing M1 Dec 28 2015
                                        
GET /amaz/chase.com/online/auth/imgs/hee.js HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

202.159.24.22
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Mon, 30 Oct 2017 07:31:16 GMT
Server: Apache
Last-Modified: Tue, 12 Aug 2014 17:56:38 GMT
Accept-Ranges: bytes
Content-Length: 20325
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  UTF-8 Unicode C program text, with CRLF line terminators
Size:   20325
Md5:    27202d3c6a3b198d63b10f8ef037064a
Sha1:   aa12902854dd402e1e0a2c7d33fc0e1c3e285619
Sha256: 847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8

Alerts:
  Blacklists:
    - fortinet: Phishing
                                        
GET /amaz/chase.com/online/auth/Logon_Files/commonui/stylesheets/jpui.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Wed, 13 Aug 2014 14:31:06 GMT
Accept-Ranges: bytes
Content-Length: 2819
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   2819
Md5:    c2231113fbd5428ad02132b8caa0d86b
Sha1:   f09caa8b7c06e09c039de43775ebf9c04e1aab1c
Sha256: 3ad268fab02f418d3a9ff64a080e5d367075c4050ef543959afcb95fd7cc796b
                                        
GET /amaz/chase.com/online/auth/Logon_Files/Themes/guest/css/style.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Fri, 08 Jun 2012 13:35:26 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
                                        
GET /amaz/chase.com/online/auth/Logon_Files/Themes/default-col/css/style_new.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Fri, 08 Jun 2012 13:35:26 GMT
Accept-Ranges: bytes
Content-Length: 72
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   72
Md5:    d203ce63808163235215c42a213e507c
Sha1:   026889c2695dca62967cec763c6b2f3e6d487b22
Sha256: ad305ae80c1fba9db002f602e7d34dfc52516d5d760b531d071f8d0b21303217
                                        
GET /amaz/chase.com/online/auth/Logon_Files/Themes/default/css/style_new.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Wed, 13 Aug 2014 14:31:06 GMT
Accept-Ranges: bytes
Content-Length: 6773
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) English text, with very long lines, with CRLF line terminators
Size:   6773
Md5:    69947181aa6bac6d2f781a6da3e76180
Sha1:   1d78ac3481a4941fece9d58c35de50bba7277174
Sha256: 40cac820bc59943c548a6c171b5cafc668af685be84cacfa683b0a7b28a2f58c
                                        
GET /amaz/chase.com/online/auth/Logon_Files/Themes/default-col/css/style.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Wed, 13 Aug 2014 14:31:06 GMT
Accept-Ranges: bytes
Content-Length: 96
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   96
Md5:    01148cf0562afb1c9a01b9cb91394e01
Sha1:   e9df88e73bd4214a0f3095bf818545b1f826ab65
Sha256: 7150019ed768f4f9e0b70d79308a8e278ebbd2633f02e4b1b1953c3107084987
                                        
GET /amaz/chase.com/online/auth/Logon_Files/Themes/default/css/style.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Wed, 13 Aug 2014 14:31:06 GMT
Accept-Ranges: bytes
Content-Length: 46165
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII C program text, with very long lines, with CRLF line terminators
Size:   46165
Md5:    1cfb9f5e5f8b5dcd2459db8966cb914b
Sha1:   0b26f7e86554411f9943b498320158634c29fcf4
Sha256: 07a7350ac808c4eec1d7d1942f928c94a80698044407301621f4615d3fe70024
                                        
GET /amaz/chase.com/online/auth/Logon_Files/Themes/guest/css/style_new.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Fri, 08 Jun 2012 13:35:26 GMT
Accept-Ranges: bytes
Content-Length: 3
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  UTF-8 Unicode text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
GET /amaz/chase.com/online/auth/Logon_Files/commonui/stylesheets/global_megamenu_nisi1.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Thu, 10 Jul 2014 10:47:36 GMT
Accept-Ranges: bytes
Content-Length: 424
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   424
Md5:    9f36c181a113204ba6453d8d86fb6d1c
Sha1:   f88fbde93abe9000bb4c83da65ba15ce06a16c9e
Sha256: 6d29916e3bc3207e872b344052b8cfaec9506d459b5f3b60fbd689e75116ec3b
                                        
GET /amaz/chase.com/online/auth/Logon_Files/commonui/stylesheets/global_megamenu_nisi1.ff.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Thu, 10 Jul 2014 10:47:36 GMT
Accept-Ranges: bytes
Content-Length: 31
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   31
Md5:    5a135f20f1b2772b42cbf308eda37469
Sha1:   5a01eef41de2233eafb38359616f6f81c9a5bd06
Sha256: fdd0fb1daba01dadf4432c688b4c3d31718d33f4e85ffff9e73b9002c7460877
                                        
GET /amaz/chase.com/online/auth/Logon_Files/commonui/stylesheets/global_megamenu.col.css?Style=Logon.php?header=1&enroll= HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: text/css
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Wed, 13 Aug 2014 14:31:06 GMT
Accept-Ranges: bytes
Content-Length: 5592
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   5592
Md5:    f0e8f485d5dcd736d8bdaffb78656dcb
Sha1:   d3aceef246d393c44046e5559639cfd2562d24b9
Sha256: 15f03990d87eacb437985c183cb64907cde19b517dbe715fc123416edbbafd79
                                        
GET /amaz/chase.com/online/auth/Logon_Files/images/logo.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Fri, 23 Aug 2013 04:30:34 GMT
Accept-Ranges: bytes
Content-Length: 742
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 138 x 27
Size:   742
Md5:    a585a299a4215403b2312bb247426bad
Sha1:   27378ec35e166abc235b7cecd50f758c902cdcb3
Sha256: d82b8b41b5b6bcd2069fd19593e54bae7af16be3458f9765ffc30aee5b5a187f
                                        
GET /amaz/chase.com/online/auth/Logon_Files/images/locker.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Tue, 06 Nov 2007 14:35:46 GMT
Accept-Ranges: bytes
Content-Length: 79
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 11 x 13
Size:   79
Md5:    bacb7f8bdf22dd9b332e03c287526e6f
Sha1:   a81e230b4e47efab7b3f4efc73ff858c7b8b59d1
Sha256: 6ca635b4672526ea924ee07136e8c25deb3c1626363aa8f7abba125b2e04a55a
                                        
GET /amaz/chase.com/online/auth/Logon_Files/images/spacer.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:17 GMT
Server: Apache
Last-Modified: Fri, 08 Jun 2012 13:35:26 GMT
Accept-Ranges: bytes
Content-Length: 43
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    325472601571f31e1bf00674c368d335
Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
                                        
GET /amaz/chase.com/online/auth/Logon_Files/images/contextualHelpIcon.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Fri, 08 Jun 2012 13:35:26 GMT
Accept-Ranges: bytes
Content-Length: 320
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 10 x 12
Size:   320
Md5:    b756eeb75dda48ede8c47aec3cb77cb4
Sha1:   ded91974a43506dca61d820084ff0471bb55ba6e
Sha256: cb4bf988e5048e2f1ba3d5f57a2b830f737548fb64703da2fd6896479a10fc76
                                        
GET /amaz/chase.com/online/auth/Logon_Files/commonui/images/footericon.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Thu, 10 Jul 2014 10:47:52 GMT
Accept-Ranges: bytes
Content-Length: 499
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 15 x 18, 8-bit/color RGBA, non-interlaced
Size:   499
Md5:    126881f5b72656dc026520f027d1d164
Sha1:   bd2b66e48806f80bd0949aa7d60b7acb631b2c23
Sha256: fe9d4787c400374a235a6c7385e1afaf6433e7e921ba35af6ce475be82e1037b
                                        
GET /amaz/chase.com/online/auth/Logon_Files/commonui/images/LiveLOOK.png HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/png
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Thu, 10 Jul 2014 10:47:48 GMT
Accept-Ranges: bytes
Content-Length: 1999
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image, 30 x 30, 8-bit/color RGBA, non-interlaced
Size:   1999
Md5:    fd0b45aba9deb1fba0bb4a17bab3e01e
Sha1:   cb9713f81f4d9764e004ef7d26d895c5de7575a7
Sha256: e30b749aa08919e88c75d890c5b67a03980be61feba785a7249e134ceb2bb6bc
                                        
GET /amaz/chase.com/online/auth/Logon_Files/images/favicon.ico HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/x-icon
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Fri, 04 Aug 2006 10:10:46 GMT
Accept-Ranges: bytes
Content-Length: 894
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon
Size:   894
Md5:    34064e6805f82d7b6c2a182622f821cc
Sha1:   b948dc9020802c08314da2b0ba5e6794f809127d
Sha256: d4cfcb5fc5868b447b6baece891d5b38c711622b8f453739df0de21b881ef36a

Alerts:
  urlquery:
    - Phishing website detected
                                        
GET /amaz/chase.com/online/auth/Logon_Files/images/logon.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Wed, 21 Nov 2007 11:53:42 GMT
Accept-Ranges: bytes
Content-Length: 1843
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 58 x 21
Size:   1843
Md5:    bb26f6301f82df189172dce882dc8d8c
Sha1:   3b03ed7ff1af8cb4132860c88ab62c4a1bfd4e13
Sha256: ee819bb4a70464b1dbc7951ee536ed9dd071a636b7e4062a012461c94941aa18
                                        
GET /amaz/chase.com/online/auth/Logon_Files/images/dash2.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/Logon_Files/Themes/default/css/style.css?Style=Logon.php?header=1&enroll=

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Mon, 14 Feb 2005 14:43:12 GMT
Accept-Ranges: bytes
Content-Length: 36
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 4 x 1
Size:   36
Md5:    bc18f3aa53628091a302c2065c8e9b25
Sha1:   993a8921c63c6d907cab905248928b85c4db7392
Sha256: 2e6ba511d04da6693c40a5dadd61119ac78eed30cd05c5aa21fdf90c461d5738
                                        
GET /amaz/chase.com/online/auth/Logon_Files/content/ecpweb/sso/image/bk-dash.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2010 15:26:06 GMT
Accept-Ranges: bytes
Content-Length: 53
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 5 x 4
Size:   53
Md5:    2b38c9df139580ded1cb0f6a8fcf58c3
Sha1:   85b6d589fa239675bebf7ef89970a1a27ebcfb6a
Sha256: 3ae96e425d90169ed208ac9ff8ecef52e8100f0c6ebf560dde388b5e6b9c5df9
                                        
GET /amaz/chase.com/online/auth/Logon_Files/content/ecpweb/sso/image/sculptured-octagon.jpg HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/jpeg
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2010 15:26:38 GMT
Accept-Ranges: bytes
Content-Length: 12402
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.02
Size:   12402
Md5:    c6628b75cd960543cd1bd72a335c2ba5
Sha1:   4452e02c1c8a8ceea6a4f51ae312b184280ac272
Sha256: 4fa15bf683fd55833ce1500a9ac9177605d30ca9c5d8d4efb228f50a562318bf
                                        
GET /amaz/chase.com/online/auth/Logon_Files/content/ecpweb/sso/image/blue-link-arrow.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2010 15:26:38 GMT
Accept-Ranges: bytes
Content-Length: 50
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 4 x 8
Size:   50
Md5:    106a80c3b954ba2aa7810d99863ddafa
Sha1:   cbb922565d61fbd7ce2f350220f810b9d8947631
Sha256: 164b73f249d78f72c80ab144b628ff5f6d0d9ef6a42980d14189cd3a9c74f13a
                                        
GET /amaz/chase.com/online/auth/Logon_Files/content/ecpweb/sso/image/ob-button-enroll-now.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2010 15:26:38 GMT
Accept-Ranges: bytes
Content-Length: 3858
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 24
Size:   3858
Md5:    f0532d8ea684d241577dbfc7b80468b9
Sha1:   27d13c372b447a09e0dde62ad9c1dbdb86a5e006
Sha256: 69d71b38b85db4666d3e7c93f934edfda061b02ec497b93ca73e049ba5e17350
                                        
GET /amaz/chase.com/online/auth/Logon_Files/content/ecpweb/sso/image/ob-button-see-the-demo.gif HTTP/1.1
Host: amazeats.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://amazeats.id/amaz/chase.com/online/auth/?616d617a656174732e6964

                                         
202.159.24.22
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 30 Oct 2017 07:31:18 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2010 15:26:38 GMT
Accept-Ranges: bytes
Content-Length: 3836
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 180 x 24
Size:   3836
Md5:    d59fe7bfa452daf9b89cb4653d79dcb9
Sha1:   baaefea48c483e7d619d18f4cc00bcbbc0fb8f36
Sha256: 0a16ba8439e3d70b8eb41a3504ecaf69799118cfc02c87d9aab3dd1cd39a279c