Report - 041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=

Report Overview

Submitted URL
041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
IP
206.188.192.140
ASN
#19871 NETWORK-SOLUTIONS-HOSTING
Submitted
2023-06-09 18:45:28
Access
public
Website Title
Final URL
Tags
chase financial phishing
urlquery detections
Phishing - Chase

Detections

urlquery
25
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-09	999 B	2.1 kB	142.250.74.131
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-09	879 B	66 kB	216.58.211.10
041fcf0.netsolhost.com	unknown	2004-09-21	2022-05-26	2023-06-09	6.9 kB	990 kB	206.188.192.140
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-09	330 B	964 B	104.18.15.101
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-06-09	933 B	12 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js	1.5 kB	2023-03-07	2024-03-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:38 Last Seen2024-03-27 07:18:37 Times Seen1944 Hash 63b5a507f54e01418d48f37a53d90896 2b80dcd3c5d18e56b35a451d09838fab7a506471 256a06c938ecc394af763d147219fa14033d3528b1ed9da5f1e2f2ddbc8d2b08 Loading...

	041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=	0 B	2023-03-07	2024-04-23
Pretty URL 041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92= IP 206.188.192.140 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 10:11:12 Times Seen37018490 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-04-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-23 09:10:50 Times Seen95302 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js	93 kB	2023-03-07	2024-04-22
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js IP 216.58.211.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-22 02:04:43 Times Seen16775 Hash e0e0559014b222245deb26b6ae8bd940 e2f3603e23711f6446f278a411d905623d65201e 89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js	29 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:37 Last Seen2024-04-18 08:11:07 Times Seen4162 Hash 65d26571933bceaf63fb8cc76e7cbee3 ced024e4ee91e3b87f0d068c35008118c7fb60e8 f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a Loading...

	041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=	0 B	2023-03-07	2024-04-23
Pretty URL 041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92= IP 206.188.192.140 ASN #19871 NETWORK-SOLUTIONS-HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 10:11:12 Times Seen37018490 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (21)

URL IP Response Size

ocsp.sectigo.com/

104.18.15.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
777f0933f51586a7b18a7f7fff138239
552efa592f022f2b125d4ccbb5271458d1dc5b18
74259d61572e53411f9416423dc5f5cec78f5ffa7c760099a18c6a9fb2617748

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 18:45:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Jun 2023 08:01:43 GMT
Expires: Tue, 13 Jun 2023 08:01:42 GMT
Etag: "552efa592f022f2b125d4ccbb5271458d1dc5b18"
Cache-Control: max-age=307409,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d4b87ad2e34b50c-OSL

cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js

104.17.25.14

200 OK

8.2 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (29177)
Size
8.2 kB (8247 bytes)
Hash
65d26571933bceaf63fb8cc76e7cbee3
ced024e4ee91e3b87f0d068c35008118c7fb60e8
f1264020dbe3f8813dceb1e15a7d5f4a48f2142e413cb310e7a256f4999d949a

HTTP Headers

GET /ajax/libs/jquery-form-validator/2.3.26/jquery.form-validator.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://041fcf0.netsolhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 18:45:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 8247
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-72c7"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 14684183
expires: Wed, 29 May 2024 18:45:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s32ErkpnGlMEnNw9jlADMeN8rIXUKUTJal%2FMhcUKKs6IiZBK08ASMh2XncZC6TF3QZGiq%2FMQZ2ewjZ0hRJwTiJy59A1kWHXIpQ4ZspPQqtFQatb9DWvbHeQK4sA8OxL0vFWtkntq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d4b87affc5eb4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df893f12f5cf31daedf4910ffcc872c8
bbd271b0e76cd11d6a00327914b74882c95655fb
134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 18:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df893f12f5cf31daedf4910ffcc872c8
bbd271b0e76cd11d6a00327914b74882c95655fb
134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 18:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

216.58.211.10

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://041fcf0.netsolhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Jun 2023 08:55:57 GMT
expires: Thu, 06 Jun 2024 08:55:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 208152
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

216.58.211.10

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (32072)
Size
33 kB (32954 bytes)
Hash
e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

HTTP Headers

GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://041fcf0.netsolhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 32954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Jun 2023 23:52:16 GMT
expires: Fri, 07 Jun 2024 23:52:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 67973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
df893f12f5cf31daedf4910ffcc872c8
bbd271b0e76cd11d6a00327914b74882c95655fb
134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 18:45:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

041fcf0.netsolhost.com/secure01.chase/chase/css/dashboard.css

206.188.192.140

200 OK

290 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/dashboard.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
290 kB (290374 bytes)
Hash
8236f8d10efa8debf26541353d7dbe65
e27330bc6cdcc013d9fa624c72c37b577e44b923
9f9c353e442d36d76fa931c61d98b0cde4c883994ff9506acaab092ef9c7018d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/dashboard.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:09 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:37 GMT
etag: W/"1d3ad5-5d93dab82df8c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/img/wordmark-white.svg

206.188.192.140

200 OK

1.4 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/img/wordmark-white.svg
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
1.4 kB (1409 bytes)
Hash
b55b042f907bc7108f5dca2103a8476b
9fcdcc86bfe1f3c7d4f774775670fbd08fe7556c
d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/img/wordmark-white.svg HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/logon.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:12 GMT
content-type: image/svg+xml
content-length: 1409
last-modified: Wed, 02 Mar 2022 15:09:43 GMT
etag: "581-5d93dabe27431"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui.css

206.188.192.140

200 OK

96 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
96 kB (96411 bytes)
Hash
dd666cb6ed3ed80044f522c21ddcd39d
f4de4a0f74d104f4f309b4a8fea5c8e2f2e5af5d
123b70c2678b09b5328ce309e7a773fa66f38d578c01003d9076a1ab932e6912

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/blue-ui.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/dashboard.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:11 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:36 GMT
etag: W/"6898b-5d93dab7508b5"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui2.css

206.188.192.140

200 OK

136 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui2.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix\012- data
Size
136 kB (135512 bytes)
Hash
741b4d49c7d29c397caf89d9af0417f3
01ebeec076b79fa82493b902c5e1d26f5c82345d
2ac54c4b411738848276e2299169baeab78b7d9b697e7f0bb2f130c42577a3bc

HTTP Headers

GET /secure01.chase/chase/css/blue-ui2.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:10 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:36 GMT
etag: W/"781e1-5d93dab78c1d4"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/img/background.desktop.night.12.jpeg

206.188.192.140

200 OK

187 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/img/background.desktop.night.12.jpeg
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
187 kB (187031 bytes)
Hash
ea18a7bc097d50f19da32e98f80a36ac
f89ad5f1b633e545fdd985f2f0c819ed5d9a1bf7
9b92c0a5ed030335751624ba19a830c8182ef2b82a33c408154d5f71d2ec2e69

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/img/background.desktop.night.12.jpeg HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:12 GMT
content-type: image/jpeg
content-length: 187031
last-modified: Wed, 02 Mar 2022 15:09:41 GMT
etag: "2da97-5d93dabbbd740"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/opensans-semibold.woff

206.188.192.140

200 OK

25 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/opensans-semibold.woff
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 25108, version 1.0\012- data
Size
25 kB (25108 bytes)
Hash
33b58dcbc5aa1ae12fa76473c21ffe44
82a3345756101d0f95fe1dab285e9f9c4e79871f
d2113460c69de50edc6206a20deec3c2bc2733929f53817f1faca74ab34c33e3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/fonts/opensans-semibold.woff HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:12 GMT
content-type: font/woff
content-length: 25108
last-modified: Wed, 02 Mar 2022 15:09:39 GMT
etag: "6214-5d93daba697ef"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/img/chase-touch-icon-152x152.png

206.188.192.140

200 OK

3.3 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/img/chase-touch-icon-152x152.png
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
PNG image data, 152 x 152, 8-bit/color RGB, non-interlaced\012- data
Size
3.3 kB (3306 bytes)
Hash
c914a8a86590b23691476a4178ea3a52
af16ec4fc3b5446cac17ec8f0044286b835d3295
f3446f452fc926c9182a2a43780faa169e533df8446d4f9a5f62ac2fb5b375e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/img/chase-touch-icon-152x152.png HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:12 GMT
content-type: image/png
content-length: 3306
last-modified: Wed, 02 Mar 2022 15:09:42 GMT
etag: "cea-5d93dabd024b6"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/img/chasefavicon.ico

206.188.192.140

200 OK

32 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/img/chasefavicon.ico
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
32 kB (32038 bytes)
Hash
5744986eb3dc6f2da92157a651889902
5a558b58498fab2aeb742acdab51e0c2fbc78385
625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/img/chasefavicon.ico HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:12 GMT
content-type: image/x-icon
content-length: 32038
last-modified: Wed, 02 Mar 2022 15:09:42 GMT
etag: "7d26-5d93dabcb7d64"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/dcefont.woff

206.188.192.140

200 OK

53 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/dcefont.woff
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 52572, version 1.0\012- data
Size
53 kB (52572 bytes)
Hash
246d7cde27d09b7212e3528b6323cef7
45043cf1de108bb0dd2ecaf98d6467f43c25624d
d53f74cb74bb7738f0fa226ead6ddd70a5de9cc9d6ee48034fc2d1f8204aceb4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/fonts/dcefont.woff HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/blue-ui.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:12 GMT
content-type: font/woff
content-length: 52572
last-modified: Wed, 02 Mar 2022 15:09:38 GMT
etag: "cd5c-5d93dab90781f"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js

104.17.25.14

200 OK

1.5 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1576), with no line terminators
Size
1.5 kB (1500 bytes)
Hash
d34130f6c3f6544388dad9ff24c11648
2e76157d8b50163339b273cfdf0b171437476ea8
003013527626cce08f45520c68f0d997a8de7d48ac4956cd7dddabfd4d679357

HTTP Headers

GET /ajax/libs/jquery-form-validator/2.3.26/toggleDisabled.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://041fcf0.netsolhost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 18:45:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 628
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-5dc"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8102616
expires: Wed, 29 May 2024 18:45:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6ywqGuUrc5OctyEZkv%2FQXdaDgSEs%2F3aY88xYQU69I2srW916ACC0qu4rPNZCY6uc2rowlJ8zs53iOKrm8cTZzf40Vt5ZRexKB0tDYhHg08c%2BLtf%2FpY0Db6oFwjBc6R97bRNsRrh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d4b87be3b650b39-OSL
alt-svc: h3=":443"; ma=86400

041fcf0.netsolhost.com/secure01.chase/chase/css/logon.css

206.188.192.140

200 OK

113 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/logon.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
113 kB (113198 bytes)
Hash
390a0e213d5d2175151d594fceb11859
a00936b699e1e9234d6d8f9be7352fa1f8a00072
1f40ea87a66d48750ed0fd7c032e7139ba42096059bd466c2a08ec607c371ed2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/logon.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:09 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:40 GMT
etag: W/"1ba2e-5d93dabb59421"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/opensans-regular.woff

206.188.192.140

200 OK

25 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/fonts/opensans-regular.woff
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 24876, version 1.0\012- data
Size
25 kB (24876 bytes)
Hash
4eeedb4bc24c1cae309e117eea3f102f
ad5a141ef39ad1ada22a464fcd3678fcf72ac22b
b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/fonts/opensans-regular.woff HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://041fcf0.netsolhost.com/secure01.chase/chase/css/login.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:12 GMT
content-type: font/woff
content-length: 24876
last-modified: Wed, 02 Mar 2022 15:09:39 GMT
etag: "612c-5d93dab9f29a7"
x-content-type-options: nosniff
x-xss-protection: "1; mode=block"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
accept-ranges: bytes
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=

206.188.192.140

200 OK

9.2 kB

URL User Request GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10106), with no line terminators
Size
9.2 kB (9216 bytes)
Hash
d153e3f880079d1c1fd1f70b9c06a3ca
5b1866cc56a5ceaec83a012fde54c8acabdf854f
83d6546a834d6afedacbe473b2f665bcdeabb900509b6f2c28af61984efa3d18

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92= HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

041fcf0.netsolhost.com/secure01.chase/chase/css/login.css

206.188.192.140

200 OK

13 kB

URL GET HTTP/2
041fcf0.netsolhost.com/secure01.chase/chase/css/login.css
IP
206.188.192.140:443
ASN
#19871 NETWORK-SOLUTIONS-HOSTING

Requested by
https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
Certificate
IssuerSectigo Limited
Subject*.netsolhost.com
Fingerprint20:F7:49:9E:35:53:07:7F:27:F6:8F:21:09:B4:D2:3F:6A:79:6F:CF
ValiditySat, 06 Aug 2022 00:00:00 GMT - Wed, 06 Sep 2023 23:59:59 GMT

File type
ASCII text, with very long lines (1856), with CRLF line terminators
Size
13 kB (12594 bytes)
Hash
5b7c30c604c6c7b760b1d19a45a0980b
e3ece94c73501c77f7e1cf5ee19828f43394cfc6
14ee14a60b6cc486ba93cf8db061a4446420e54cc63aa1921c5267f4e3ab445c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Chase
urlquery	phishing	Phishing - Chase

HTTP Headers

GET /secure01.chase/chase/css/login.css HTTP/1.1
Host: 041fcf0.netsolhost.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://041fcf0.netsolhost.com/secure01.chase/secure.php?72dafc46d133ed4ebe236552cb5f2d92=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
date: Fri, 09 Jun 2023 18:45:09 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 02 Mar 2022 15:09:40 GMT
etag: W/"3132-5d93dabb355e5"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: "1; mode=block"
referrer-policy: no-referrer-when-downgrade
x-webcom-cache-status: BYPASS
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by