| closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798 | 72.167.135.168 | 200 OK | 6.8 kB |
URL (user request): GET HTTP/1.1 closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: HTML document, ASCII text
Hashes (MD5, SHA-1, SHA-256): efd5000629ed388e8bda5c85c8cb82c1 5d434eb3a60bd74c9a79f9cf62168b441ccaea6a d72fc03f9a7f1d9f105070cdc665230e58c34898120eac8684cf613d29f7b9bd

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798 HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:17 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1; path=/
Content-Length: 6843
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
| closestuilast.sa.com/chase/Chase/css/shop-homepage.css | 72.167.135.168 | 200 OK | 833 B |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/css/shop-homepage.css; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
Hashes (MD5, SHA-1, SHA-256): 0881cba021cc199c9a9bd7206e037d72 98ac1e31c0125c6867b815e6d289d37156eca54e 5dfcd82eae4e1292288a0778b7f82792657268e6d0dadfc64f4b32106d47106a

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/css/shop-homepage.css HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:18 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2015 06:31:44 GMT
Accept-Ranges: bytes
Content-Length: 833
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
| closestuilast.sa.com/chase/Chase/css/bootstrap.min.css | 72.167.135.168 | 200 OK | 117 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/css/bootstrap.min.css; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: ASCII text, with very long lines (65371); Size: 117 kB (117305 bytes)
Hashes (MD5, SHA-1, SHA-256): 9c4d68b023b560e9693f0fbe30215d4f 1a6498f9ef8b19e994038f6b09f05dc6deb58777 43aace313ae0f9356214b70f498cd0e668ec2189f66992e94279d3ac70ee42f0

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/css/bootstrap.min.css HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:18 GMT
Server: Apache
Last-Modified: Fri, 19 Jun 2015 08:05:02 GMT
Accept-Ranges: bytes
Content-Length: 117305
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
| closestuilast.sa.com/chase/Chase/js/bootstrap.min.js | 72.167.135.168 | 200 OK | 36 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/js/bootstrap.min.js; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: JavaScript source, ASCII text, with very long lines (32025)
Hashes (MD5, SHA-1, SHA-256): 8c237312864d2e4c4f03544cd4f9b195 253711c6d825de55a8360552573be950da180614 d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/js/bootstrap.min.js HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:18 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2015 06:31:44 GMT
Accept-Ranges: bytes
Content-Length: 35951
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
| closestuilast.sa.com/chase/Chase/css/styles.css | 72.167.135.168 | 200 OK | 31 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/css/styles.css; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: ASCII text, with CRLF line terminators
Hashes (MD5, SHA-1, SHA-256): 29129cce96c6190f95b499010c291e37 4905ce4418dcb210c0733f85926859f9ae87f1dd 5e88a56ae0f31c978dbaa6af531d902cb69caabdf6c2d5145568080641d64349

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/css/styles.css HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:18 GMT
Server: Apache
Last-Modified: Thu, 19 Mar 2020 21:16:20 GMT
Accept-Ranges: bytes
Content-Length: 30575
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
| closestuilast.sa.com/chase/Chase/img/cap.png | 72.167.135.168 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/img/cap.png; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: PNG image data, 174 x 26, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 46c51041103753eee58d011f174f0ee3 e9fb16dfded11b7d344b478166e390daecbce836 6147b5d1cf66c9e0ddb5de4b00307fb68df6d0af29f16717ac9f8ddecd902bfa

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/img/cap.png HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:19 GMT
Server: Apache
Last-Modified: Sun, 26 Jan 2020 09:16:28 GMT
Accept-Ranges: bytes
Content-Length: 1629
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
| closestuilast.sa.com/chase/Chase/img/wordmark-white.svg | 72.167.135.168 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/img/wordmark-white.svg; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: SVG Scalable Vector Graphics image
Hashes (MD5, SHA-1, SHA-256): b55b042f907bc7108f5dca2103a8476b 9fcdcc86bfe1f3c7d4f774775670fbd08fe7556c d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/img/wordmark-white.svg HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/css/styles.css
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:19 GMT
Server: Apache
Last-Modified: Mon, 11 Nov 2019 21:37:38 GMT
Accept-Ranges: bytes
Content-Length: 1409
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
| ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=6222530beb | 172.67.139.119 | 200 OK | 91 kB |
URL: GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=6222530beb; IP: 172.67.139.119:443
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Google Trust Services LLC; Subject ka-f.fontawesome.com; Fingerprint 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98; Validity Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type: ASCII text, with very long lines (60130)
Hashes (MD5, SHA-1, SHA-256): a12ec7ebe75a4d59a5dd6b79e2ba2e16 28f5dcc595ee6d4163481ef64170180502c8629b fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/v5.15.4/css/free.min.css?token=6222530beb HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://closestuilast.sa.com/
Origin: https://closestuilast.sa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 08:40:19 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 454b04b563cd5c3b9a4496e3ea346390.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: 59o4HUGk2MS-Xs2crWcEIGjenHqI-nP8ZBojuAzIZoRkZPBT1Rxytg==
age: 28443
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kokry4TdrvSyt11iXItkvZRqtKlbYCHut4xQkfyBXKd%2B67dQQiykkHA8nPJqq0g7vw8SCII%2BuPQRbFxfJb2TUN6uQcYBZNcZuG1nZuT8ux%2Ft140NG%2F%2Byj4SoeuR2TN4n99J6dMBbOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878c8c50efc70b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| closestuilast.sa.com/chase/Chase/js/jquery.js | 72.167.135.168 | 200 OK | 96 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/js/jquery.js; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: JavaScript source, ASCII text, with very long lines (32086)
Hashes (MD5, SHA-1, SHA-256): c2b18a7789c0f6b24d967e95d499af9c c2276b80ca147e13222e54a7eb88e13c45668f75 08abdcf2873a8643152b7c731d62affe5341935d2cd5568078ed6cab875ebed1

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/js/jquery.js HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:18 GMT
Server: Apache
Last-Modified: Fri, 19 Jun 2015 08:05:00 GMT
Accept-Ranges: bytes
Content-Length: 95785
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/javascript
| closestuilast.sa.com/chase/Chase/fonts/opensans-regular.woff | 72.167.135.168 | 200 OK | 25 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/fonts/opensans-regular.woff; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: Web Open Font Format, TrueType, length 24876, version 1.0
Hashes (MD5, SHA-1, SHA-256): 4eeedb4bc24c1cae309e117eea3f102f ad5a141ef39ad1ada22a464fcd3678fcf72ac22b b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/fonts/opensans-regular.woff HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/css/styles.css
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:19 GMT
Server: Apache
Last-Modified: Sun, 10 Nov 2019 08:03:50 GMT
Accept-Ranges: bytes
Content-Length: 24876
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff
| closestuilast.sa.com/chase/Chase/img/chasefavicon.ico | 72.167.135.168 | 200 OK | 32 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/img/chasefavicon.ico; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hashes (MD5, SHA-1, SHA-256): 5744986eb3dc6f2da92157a651889902 5a558b58498fab2aeb742acdab51e0c2fbc78385 625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/img/chasefavicon.ico HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:19 GMT
Server: Apache
Last-Modified: Thu, 14 Sep 2017 23:13:10 GMT
Accept-Ranges: bytes
Content-Length: 32038
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/x-icon
| closestuilast.sa.com/chase/Chase/img/background.desktop.day.3.jpeg | 72.167.135.168 | 200 OK | 341 kB |
URL: GET HTTP/1.1 closestuilast.sa.com/chase/Chase/img/background.desktop.day.3.jpeg; IP: 72.167.135.168:443; ASN: #398101 GO-DADDY-COM-LLC
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Let's Encrypt; Subject closestuilast.sa.com; Fingerprint DB:57:FA:5E:78:93:1F:24:CD:5B:4A:99:FB:45:21:49:9A:57:16:E7; Validity Sun, 21 Apr 2024 18:04:36 GMT - Sat, 20 Jul 2024 18:04:35 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3; Size: 341 kB (340561 bytes)
Hashes (MD5, SHA-1, SHA-256): bccae5576719b1cc6074473c917b32b9 158f498b8a1fb9ce60b2bb9e84e3a8b461c96603 55e2f154ffd16e75cafd5d62cf51fff15fccbd83004b42f6e84ef5c401085b9d

| Analyzer | Verdict | Alert |
| --- | --- | --- |
| urlquery | phishing | Phishing - Chase |
GET /chase/Chase/img/background.desktop.day.3.jpeg HTTP/1.1
Host: closestuilast.sa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/chase/Chase/css/styles.css
Cookie: PHPSESSID=4f139d22efd3c6c87d54d078b459cbf1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 08:40:19 GMT
Server: Apache
Last-Modified: Sun, 14 Mar 2021 12:31:08 GMT
Accept-Ranges: bytes
Content-Length: 340561
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
| kit.fontawesome.com/6222530beb.js | 172.64.147.188 | 200 OK | 11 kB |
URL: GET HTTP/2 kit.fontawesome.com/6222530beb.js; IP: 172.64.147.188:443
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer DigiCert Inc; Subject *.fontawesome.com; Fingerprint 93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D; Validity Mon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type: gzip compressed data, from Unix
Hashes (MD5, SHA-1, SHA-256): fa2a53c1d096b9d7bd840c9f92fe842b a589323c8216d87a3cdeb6ceef76ef0522207080 d0cb9c168d8944aea79c8ef367583b62ca2bdf2aeb35d0db0c5aed2494ce3d00
GET /6222530beb.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 08:40:18 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F8jCMW2T0MnNdZ0GTJzh
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 878c8c4ccd91b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml; IP: 35.244.181.201:0; ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332)
Hashes (MD5, SHA-1, SHA-256): 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=cYFvUZVa-cs3CMuTE57hWJPksK2SkWCU__w5NDHbdfnzpDld_DN7jHFMv9KrxdYFT1kMIGDO35y1YStuCKCaBRDu2ECmDD6DFvWaV5RFnRqeyHaLqsCTHVhA6YKio42H
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
content-encoding: gzip
via: 1.1 google
date: Tue, 23 Apr 2024 08:38:57 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 99
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
| ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=6222530beb | 172.67.139.119 | 200 OK | 27 kB |
URL: GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=6222530beb; IP: 172.67.139.119:443
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Google Trust Services LLC; Subject ka-f.fontawesome.com; Fingerprint 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98; Validity Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type: ASCII text, with very long lines (26500)
Hashes (MD5, SHA-1, SHA-256): 76f34b71fc9fb641507ff6a822cc07f5 73ed2f8f21cd40fb496e61306acbb5849d4dbff4 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=6222530beb HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://closestuilast.sa.com/
Origin: https://closestuilast.sa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 08:40:19 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 75d52516d2e9126ccb2b4cf8db62c446.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: 2568Qj8YqqiNwXvM2SquvF-tQWaBJkG9wKPQt-L1WxYlKAjtTgohLA==
age: 28443
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=flNeYDgqVXBcEKqlVQEwJTE9UH%2Fvr0VqrU1HgYMOdK%2B5Qpl9qW3ogWqGr9j76o1fyf92qX%2B2jFCowJikRuWTTyr7eUroLZCtyPps%2FV5pxIsnRwphbyXfULEB8dyrtEoRj9EQTNkz4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 878c8c50ffc90b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2 | 172.67.139.119 | 200 OK | 78 kB |
URL: GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2; IP: 172.67.139.119:443
Requested by: https://closestuilast.sa.com/chase/Chase/bulk/over-1.php?locale=en-US&authID=550c79f8fb885dbd4a1945f2e59184bc2f3247bd&start=1713860107&end=931803798
Certificate: Issuer Google Trust Services LLC; Subject ka-f.fontawesome.com; Fingerprint 8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98; Validity Tue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File type: Web Open Font Format (Version 2), TrueType, length 78168, version 331.-31196
Hashes (MD5, SHA-1, SHA-256): a9fd1225fb2cd32320e2b931dca01089 44ec5c6a868b4ce62350d9f040ed8e18f7a1d128 c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
GET /releases/v5.15.4/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://closestuilast.sa.com
DNT: 1
Connection: keep-alive
Referer: https://closestuilast.sa.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 23 Apr 2024 08:40:19 GMT
content-type: font/woff2
content-length: 78168
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
etag: "a9fd1225fb2cd32320e2b931dca01089"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AL_a-ZGMveQ8HiY11ZkFk2kC61K7nM6Tgkb3OihWjmEvB2WAgfkT1A==
age: 28443
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzG74dD3oOsuHeOAgfjk8WPX4bOTW4g8isgDxNPZK9z0LxhASMJKBG9M42uNx6fMjjlAFfEAJPNSiA3oz3NdANJhmHNy%2BXanXcuyUnmfAbN7R5aovSMU09%2FI4k%2FD1T9L9%2BGLWjusAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 878c8c51a82f0b4d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2