Report - 041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=

Report Overview

Submitted URL
041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
IP
206.188.192.140
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
Submitted
2023-06-01 23:23:15
Access
public
Website Title
Final URL
Tags
chase financial phishing
urlquery detections
Phishing - Chase

Detections

urlquery
25
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-02	330 B	964 B	104.18.15.101
041fcf0.netsolhost.com	unknown	2004-09-21	2022-05-26	2023-06-01	6.9 kB	1.0 MB	206.188.192.140
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-01	999 B	2.1 kB	142.250.74.3
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-02	879 B	66 kB	142.250.74.138
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-06-01	935 B	33 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=	0 B	2023-03-07	2024-04-27
Pretty URL 041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66= IP 206.188.192.140 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:16:38 Times Seen37108910 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-27 01:15:23 Times Seen95673 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	93 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 23:40:32 Times Seen16822 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js	29 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:37 Last Seen2024-04-18 08:11:07 Times Seen4162 Hash 65d26571933bceaf63fb8cc76e7cbee3 ced024e4ee91e3b87f0d068c35008118c7fb60e8 f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a Loading...

	041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=	0 B	2023-03-07	2024-04-27
Pretty URL 041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66= IP 206.188.192.140 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 02:16:38 Times Seen37108910 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js	1.5 kB	2023-03-07	2024-03-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:38 Last Seen2024-03-27 07:18:37 Times Seen1944 Hash 63b5a507f54e01418d48f37a53d90896 2b80dcd3c5d18e56b35a451d09838fab7a506471 256a06c938ecc394af763d147219fa14033d3528b1ed9da5f1e2f2ddbc8d2b08 Loading...

HTTP Transactions (21)

URL IP Response Size

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4b6ba38bd24d3643b507eb2d87de0226
1581034967f8fe660b26b320554ab1850ff8a5de
54807634df11a8d007d7c097245d6b912ecf82a7408bfd71e6161d0c7f744193

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 01 Jun 2023 23:22:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 30 May 2023 08:01:44 GMT
Expires: Tue, 06 Jun 2023 08:01:43 GMT
Etag: "1581034967f8fe660b26b320554ab1850ff8a5de"
Cache-Control: max-age=376125,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d0b339cfa6b0b31-OSL

041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=

206.188.192.140

200 OK

11 kB

URL User Request GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
11 kB (10842 bytes)
Hash
bb7ff288c6ba8c845899f877d2b8c8fd
7eea9118b1f54a9923bbcc107982f3db5a6614f2
69e59400d5cefc23fb2e343299033870eb51ca33b8a6cb2bbe46b6874362aa53

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66= HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:22:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 23:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 23:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://041fcf0.netsolhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 13:53:33 GMT
expires: Sun, 26 May 2024 13:53:33 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 466164
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

142.250.74.138

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT

File type
ASCII text, with very long lines (32072)
Size
33 kB (32954 bytes)
Hash
e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://041fcf0.netsolhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:51:24 GMT
expires: Wed, 29 May 2024 17:51:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 192693
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 23:22:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

041fcf0.netsolhost.com/secure01.chase/chase/img/chasefavicon.ico

206.188.192.140

200 OK

32 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/img/chasefavicon.ico
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
5744986eb3dc6f2da92157a651889902
5a558b58498fab2aeb742acdab51e0c2fbc78385
625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/img/chasefavicon.ico HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:22:59 GMT
content-type: image/x-icon
content-length: 32038
last-modified: Wed, 02 Mar 2022 15:09:42 GMT
etag: "7d26-5d93dabcb7d64"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/logon.css

206.188.192.140

200 OK

24 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/logon.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
24 kB (24530 bytes)
Hash
47568fcb6c08ab26c55678db46d553c7
bc3847e2df4301edd25bf607050df8640c898878
97d8acb11ac18e57e51283b2572be7619702f3a9c988e4cec027c501865975c8

HTTP Headers

GET /secure01.chase/chase/css/logon.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:22:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:40 GMT
etag: W/"1ba2e-5d93dabb59421"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui.css

206.188.192.140

200 OK

72 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
72 kB (72163 bytes)
Hash
823bf44e98bd452d46675ac16b10c978
d33b1d1cd47c1195c637dd23392f3fc88821c63b
b3005ae0b75b6c063b0fddaa25ce5fb27142907bd8df9a3f70105f5248138a5f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/blue-ui.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/dashboard.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:23:00 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:36 GMT
etag: W/"6898b-5d93dab7508b5"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui2.css

206.188.192.140

200 OK

84 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui2.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
84 kB (84349 bytes)
Hash
e8e3bfa2fd39bedcdfd759f9b01cec1e
685aa7a46ea77bd5f0bc4cd769bbcf1206c844c9
67aa2778355d42eba295b90c1d3a6433560e8b10e1f5f516bb9279381d49e1b9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/blue-ui2.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:22:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:36 GMT
etag: W/"781e1-5d93dab78c1d4"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/opensans-regular.woff

206.188.192.140

200 OK

25 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/opensans-regular.woff
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 24876, version 1.0\012- data
Size
25 kB (24876 bytes)
Hash
4eeedb4bc24c1cae309e117eea3f102f
ad5a141ef39ad1ada22a464fcd3678fcf72ac22b
b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/fonts/opensans-regular.woff HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:23:00 GMT
content-type: font/woff
content-length: 24876
last-modified: Wed, 02 Mar 2022 15:09:39 GMT
etag: "612c-5d93dab9f29a7"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/dcefont.woff

206.188.192.140

200 OK

53 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/dcefont.woff
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 52572, version 1.0\012- data
Size
53 kB (52572 bytes)
Hash
246d7cde27d09b7212e3528b6323cef7
45043cf1de108bb0dd2ecaf98d6467f43c25624d
d53f74cb74bb7738f0fa226ead6ddd70a5de9cc9d6ee48034fc2d1f8204aceb4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/fonts/dcefont.woff HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:23:00 GMT
content-type: font/woff
content-length: 52572
last-modified: Wed, 02 Mar 2022 15:09:38 GMT
etag: "cd5c-5d93dab90781f"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/dashboard.css

206.188.192.140

200 OK

477 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/dashboard.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
477 kB (476777 bytes)
Hash
c9794c610030239be99de9bbef7dd19d
53326c1b40b17f51b7aa2e960a9174bb31e6c110
94e800bcb92bff42ce9138afb933803454569ffafa109b35fe1b8de05de30cfe

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/dashboard.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:22:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:37 GMT
etag: W/"1d3ad5-5d93dab82df8c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/opensans-semibold.woff

206.188.192.140

200 OK

25 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/opensans-semibold.woff
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 25108, version 1.0\012- data
Size
25 kB (25108 bytes)
Hash
33b58dcbc5aa1ae12fa76473c21ffe44
82a3345756101d0f95fe1dab285e9f9c4e79871f
d2113460c69de50edc6206a20deec3c2bc2733929f53817f1faca74ab34c33e3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/fonts/opensans-semibold.woff HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:23:00 GMT
content-type: font/woff
content-length: 25108
last-modified: Wed, 02 Mar 2022 15:09:39 GMT
etag: "6214-5d93daba697ef"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js

104.17.25.14

200 OK

29 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (29177)
Size
29 kB (29383 bytes)
Hash
65d26571933bceaf63fb8cc76e7cbee3
ced024e4ee91e3b87f0d068c35008118c7fb60e8
f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a

HTTP Headers

GET /ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://041fcf0.netsolhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 01 Jun 2023 23:22:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 8247
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-72c7"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 14009651
expires: Tue, 21 May 2024 23:22:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yd9qEmGur8uWMxMoDTN679FuylZP%2FczAFb5IUVMEWVhmyDevHhur6Sligwel6wg1QtwfOB%2F%2FI5pvGsn8K47OKXJLkdOFynhtV53f1s2ZQh46k4TgB0wDWpnHJuhdwvtwbfjfwE4l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0b339feb72b4ee-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js

104.17.25.14

200 OK

1.5 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1576), with no line terminators
Size
1.5 kB (1500 bytes)
Hash
d34130f6c3f6544388dad9ff24c11648
2e76157d8b50163339b273cfdf0b171437476ea8
003013527626cce08f45520c68f0d997a8de7d48ac4956cd7dddabfd4d679357

HTTP Headers

GET /ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://041fcf0.netsolhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 01 Jun 2023 23:23:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 628
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-5dc"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7428084
expires: Tue, 21 May 2024 23:23:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4A8atgee4psmaQzPgm%2FiKOIECUWNo5k0zp%2Fy4WnMPodwvYqPS3zQTXG9bMhDnBKsuQWzgqlK3YVkFw33gGOJ%2BzZySvwz5ePjm7oJVyAVvZiBe3hWCagLy%2FIUXhmc3oWIsawMY0Xx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0b33b05e3d0afe-OSL
alt-svc: h3=":443"; ma=86400

041fcf0.netsolhost.com/secure01.chase/chase/img/chase-touch-icon-152x152.png

206.188.192.140

200 OK

3.3 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/img/chase-touch-icon-152x152.png
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced\012- data
Size
3.3 kB (3306 bytes)
Hash
c914a8a86590b23691476a4178ea3a52
af16ec4fc3b5446cac17ec8f0044286b835d3295
f3446f452fc926c9182a2a43780faa169e533df8446d4f9a5f62ac2fb5b375e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/img/chase-touch-icon-152x152.png HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:22:59 GMT
content-type: image/png
content-length: 3306
last-modified: Wed, 02 Mar 2022 15:09:42 GMT
etag: "cea-5d93dabd024b6"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/img/wordmark-white.svg

206.188.192.140

200 OK

1.4 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/img/wordmark-white.svg
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1499), with no line terminators
Size
1.4 kB (1409 bytes)
Hash
221dcb748f74d4c0a342b0f99a1dff05
6bf2b2b40e6f6597d120e18948d5986f982ce6b4
aa740431ebff2a9dd4190701f0015ea19bac7cf737b873a45192b6b0f5deed4f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/img/wordmark-white.svg HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/logon.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:23:00 GMT
content-type: image/svg+xml
content-length: 1409
last-modified: Wed, 02 Mar 2022 15:09:43 GMT
etag: "581-5d93dabe27431"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/img/background.desktop.night.12.jpeg

206.188.192.140

200 OK

187 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/img/background.desktop.night.12.jpeg
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
187 kB (187031 bytes)
Hash
ea18a7bc097d50f19da32e98f80a36ac
f89ad5f1b633e545fdd985f2f0c819ed5d9a1bf7
9b92c0a5ed030335751624ba19a830c8182ef2b82a33c408154d5f71d2ec2e69

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/img/background.desktop.night.12.jpeg HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:23:00 GMT
content-type: image/jpeg
content-length: 187031
last-modified: Wed, 02 Mar 2022 15:09:41 GMT
etag: "2da97-5d93dabbbd740"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/login.css

206.188.192.140

200 OK

13 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/login.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1856), with CRLF line terminators
Size
13 kB (12594 bytes)
Hash
5b7c30c604c6c7b760b1d19a45a0980b
e3ece94c73501c77f7e1cf5ee19828f43394cfc6
14ee14a60b6cc486ba93cf8db061a4446420e54cc63aa1921c5267f4e3ab445c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/login.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?a1109739dd2a3866114d0d375c910f66=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Thu, 01 Jun 2023 23:22:57 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:40 GMT
etag: W/"3132-5d93dabb355e5"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate