103.212.81.231200 OK 11 kB URL User Request GET HTTP/1.1 IP 103.212.81.231:443
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (555)
Hash 7f0bb031eb66ac83835233379bccb87d
19ed5425dbf90097ed40eeabe5e7035b519a8f78
7fb686ed5abc25c2710f9686824325473c8408738316c22615036ffe35dffce4
Analyzer Verdict Alert openphish Chase Personal Banking
GET /lo/card.php HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Jun 2023 01:40:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
104.17.25.14200 OK 4.0 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
IP 104.17.25.14:443
Requested by https://nue0id.com/lo/card.php
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (11084), with no line terminators
Hash 65f1d21d5fcc9d21da758adababd0c3c
e0661d07d64c00008bc9d013d16eec0a0f156dc7
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nue0id.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 01:40:17 GMT
content-type: application/javascript; charset=utf-8
content-length: 3980
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-2b4c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1759017
expires: Wed, 29 May 2024 01:40:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adC4HKb%2FtfcF9F6czRxCBWFDZ3tPjdlFwbLaq9b0lUrRKWeWsQAcSSvcmAD6uuk1z5aeTnkn6Fx1v0ZxFbmpP42iVnQKMHxWXfEJ5GnmC1A8lmc5ze5b9re1ET5cMZrw7h8ZzTiU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d45aa687c66b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nue0id.com/lo/js/mask.js
103.212.81.231200 OK 23 kB IP 103.212.81.231:443
Requested by https://nue0id.com/lo/card.php
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
Hash a1fb4aaee1dcbfd24e6ec0fd67ab9645
77558a30ff578aeb671e2bdb574df166751aa487
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
Analyzer Verdict Alert openphish Chase Personal Banking
GET /lo/js/mask.js HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/lo/card.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Jun 2023 01:40:17 GMT
Content-Type: application/javascript
Content-Length: 23177
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2023 15:37:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
nue0id.com/lo/jquery.js
103.212.81.231404 Not Found 315 B IP 103.212.81.231:443
Requested by https://nue0id.com/lo/card.php
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Chase Personal Banking
GET /lo/jquery.js HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/lo/card.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 09 Jun 2023 01:40:17 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
nue0id.com/lo/css/master.css
103.212.81.231200 OK 6.8 kB URL GET HTTP/1.1 nue0id.com/lo/css/master.css
IP 103.212.81.231:443
Requested by https://nue0id.com/lo/card.php
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
File type ASCII text, with very long lines (6260)
Hash 1d5a0d7ed7ffcc3b428ecbf2265a801c
c8f494894096886bb6ae61a488ad07b24a589cb6
e50e7c5e17142af4183ae25d00f2d019b7af08853bb75e6179ec0538fac6b626
Analyzer Verdict Alert openphish Chase Personal Banking
GET /lo/css/master.css HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/lo/card.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Jun 2023 01:40:17 GMT
Content-Type: text/css
Content-Length: 6799
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2023 15:37:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cbbe3482d5bfe36f22ce8f75a3ad65a0
d151e46332b87a8692139727a59be9cc80951c92
e12c58aa5dd87445d0d57a7e48b9f41eda85a72f65b213347c6a453ca4d2638d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 01:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
142.250.74.132200 OK 1.2 kB URL GET HTTP/2 www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
IP 142.250.74.132:443
Requested by https://nue0id.com/lo/card.php
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c2ae50a929bab34c75c88887df3f195a
beb76b51bdc76296ae7b44cad8dad36787552fd2
0f28286d50bb57eeef3fe0ed9f6eb23dbf4b4f7771c1676acf3c18fb84f97310
GET /recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Jun 2023 01:40:17 GMT
content-security-policy: script-src 'nonce-xk2IXHixRLnN72vL32OVTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1154
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6c61fb42405abc811f67aabeace702b2
0d41286eb5a6f7f82734de50e0fdbc7e752e3d8e
bd7a264bf9a25dd4e67665c894ea85fd985546fb75f9e69da4bbfb5ba2fabab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 01:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 80f2a1dce942b4e7775c0b4d2f4c8643
d80996b4c48f4ef6dd34ea4cec8c40703cd27c73
13015b01b1376556f8ba35e5a73734c76c474d04f37667c0a47af771b738a3e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 01:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 01:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
216.58.211.3404 Not Found 1.6 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b7aa082bd1ad4982af50f447b5f7d1cc
5eb95c9716127e9c96609115f03fe169c926ab3c
ca037b6d105db8f02a2bf5d89f59c17a0edb1eee19f02b205a9bdf5e170f4a07
GET /recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 01:40:17 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 80f2a1dce942b4e7775c0b4d2f4c8643
d80996b4c48f4ef6dd34ea4cec8c40703cd27c73
13015b01b1376556f8ba35e5a73734c76c474d04f37667c0a47af771b738a3e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 01:40:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
216.58.211.3404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 753fe14bbf5da43ab3b14070e6f3a0c1
647035ef68ccc1c56d03623ce546288cae206f28
b3877a254b983829525b4f908b71f48b544f3953266cfca910d70695c40d7694
GET /recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 01:40:18 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
216.58.211.3404 Not Found 1.6 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
IP 216.58.211.3:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b7aa082bd1ad4982af50f447b5f7d1cc
5eb95c9716127e9c96609115f03fe169c926ab3c
ca037b6d105db8f02a2bf5d89f59c17a0edb1eee19f02b205a9bdf5e170f4a07
GET /recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Fri, 09 Jun 2023 01:40:18 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clientbackarea.site/ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/card.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/card.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/lib/js/jquery-3.3.1.min.js
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/lib/js/jquery-3.3.1.min.js
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/card.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/lib/js/jquery-3.3.1.min.js HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
nue0id.com/favicon.ico
0.0.0.0 0 B IP 0.0.0.0:0
Requested by https://nue0id.com/lo/card.php
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Chase Personal Banking
GET /favicon.ico HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/lo/card.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/lib/pics/favi.png
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/lib/pics/favi.png
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/card.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/lib/pics/favi.png HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/lib/js/jquery-3.3.1.min.js
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/lib/js/jquery-3.3.1.min.js
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/card.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/lib/js/jquery-3.3.1.min.js HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/lib/pics/favi.ico
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/lib/pics/favi.ico
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/card.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/lib/pics/favi.ico HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache