103.212.81.231200 OK 14 kB URL User Request GET HTTP/1.1 IP 103.212.81.231:443
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (555)
Hash c262a34451f6ff2aa82d80419afa3264
99fc27559c9823ea3b96389a48ce6fddaa8fd270
b51d394140fd9b76bfd06b8901003e635fb87a64b8a7da51f3856a927af48095
Analyzer Verdict Alert openphish Chase Personal Banking
GET /lo/index.php HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Jun 2023 01:06:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
104.17.25.14200 OK 4.0 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
IP 104.17.25.14:443
Requested by https://nue0id.com/lo/index.php
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (11084), with no line terminators
Hash 65f1d21d5fcc9d21da758adababd0c3c
e0661d07d64c00008bc9d013d16eec0a0f156dc7
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
GET /ajax/libs/modernizr/2.8.3/modernizr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nue0id.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 10 Jun 2023 01:06:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 3980
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03f26-2b4c"
last-modified: Mon, 04 May 2020 16:13:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1843365
expires: Thu, 30 May 2024 01:06:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1y0IPCvY8a4nHfSGQ5IzT6F4oRxxZWaLzuYETMlhj954cPLuQ%2FwWeloVunXmtmkSOzQhBV1S4Vq3lOkn3zEnudQQefqqBfjd8w0X2A7D6QrPlx6XvNj2qUXIvqsuPj%2FcNtcI3xb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d4db5b37e9c0afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nue0id.com/lo/js/mask.js
103.212.81.231200 OK 23 kB IP 103.212.81.231:443
Requested by https://nue0id.com/lo/index.php
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
Hash a1fb4aaee1dcbfd24e6ec0fd67ab9645
77558a30ff578aeb671e2bdb574df166751aa487
c84e4b2e9e47490ff3fa125e0aa933f617633649358da8861b4b430ab6ae9a70
Analyzer Verdict Alert openphish Chase Personal Banking
GET /lo/js/mask.js HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/lo/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Jun 2023 01:06:05 GMT
Content-Type: application/javascript
Content-Length: 23177
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2023 15:37:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
nue0id.com/lo/css/master.css
103.212.81.231200 OK 6.8 kB URL GET HTTP/1.1 nue0id.com/lo/css/master.css
IP 103.212.81.231:443
Requested by https://nue0id.com/lo/index.php
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
File type ASCII text, with very long lines (6260)
Hash 1d5a0d7ed7ffcc3b428ecbf2265a801c
c8f494894096886bb6ae61a488ad07b24a589cb6
e50e7c5e17142af4183ae25d00f2d019b7af08853bb75e6179ec0538fac6b626
Analyzer Verdict Alert openphish Chase Personal Banking
GET /lo/css/master.css HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/lo/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Jun 2023 01:06:06 GMT
Content-Type: text/css
Content-Length: 6799
Connection: keep-alive
Last-Modified: Mon, 13 Feb 2023 15:37:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
nue0id.com/lo/jquery.js
103.212.81.231404 Not Found 315 B IP 103.212.81.231:443
Requested by https://nue0id.com/lo/index.php
Certificate IssuerLet's Encrypt
Subject*.nue0id.com
Fingerprint5B:12:D3:55:27:38:6A:05:81:59:86:29:8D:E8:C8:2F:69:06:B7:CE
ValidityTue, 25 Apr 2023 17:54:18 GMT - Mon, 24 Jul 2023 17:54:17 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert openphish Chase Personal Banking
GET /lo/jquery.js HTTP/1.1
Host: nue0id.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/lo/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 10 Jun 2023 01:06:06 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 95a94d12a9fc00a37c7e34de10e678b7
e2339ec07c410aa01864fd29eb0d99a7ccecc37c
79fc04cdd5d05f242eb5ba0ad8111f3609197a7d41f8a451dc2314b8280ed5cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 01:06:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
142.250.74.132200 OK 1.2 kB URL GET HTTP/2 www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
IP 142.250.74.132:443
Requested by https://nue0id.com/lo/index.php
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dfbbf6dd11812f9e271da3210835d225
5f5608a862a742dd2ff1ac4865371712cf98b5fc
1e55453140e0d38ded50875180fc0e76af39c9743cbedacdc3534b0496243a9d
GET /recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 Jun 2023 01:06:06 GMT
content-security-policy: script-src 'nonce-E2s-bIcwV-ro6IEyHShTPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1156
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6c61fb42405abc811f67aabeace702b2
0d41286eb5a6f7f82734de50e0fdbc7e752e3d8e
bd7a264bf9a25dd4e67665c894ea85fd985546fb75f9e69da4bbfb5ba2fabab5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 01:06:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6109dc90074997c867d10212ff8f9a81
4f26dbb187f908c7eb6bc2a550034c85cfe6fc8b
d964eec14e1b68dc5ee99e7b1bc4cbb509255de0c49801ca5034253d4cd16be5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 01:06:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6109dc90074997c867d10212ff8f9a81
4f26dbb187f908c7eb6bc2a550034c85cfe6fc8b
d964eec14e1b68dc5ee99e7b1bc4cbb509255de0c49801ca5034253d4cd16be5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 01:06:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
142.250.74.35404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b7aa082bd1ad4982af50f447b5f7d1cc
5eb95c9716127e9c96609115f03fe169c926ab3c
ca037b6d105db8f02a2bf5d89f59c17a0edb1eee19f02b205a9bdf5e170f4a07
GET /recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sat, 10 Jun 2023 01:06:06 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Jun 2023 01:06:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
142.250.74.35404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 753fe14bbf5da43ab3b14070e6f3a0c1
647035ef68ccc1c56d03623ce546288cae206f28
b3877a254b983829525b4f908b71f48b544f3953266cfca910d70695c40d7694
GET /recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sat, 10 Jun 2023 01:06:06 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
142.250.74.35404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/bframe?hl=en&v=tNAc29ZZrpcOCErva2nr4BS9&k=6Lccd-gdAAAAAA_2hxUjPHxPYWVkO1D7I1LN1W2J
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash b7aa082bd1ad4982af50f447b5f7d1cc
5eb95c9716127e9c96609115f03fe169c926ab3c
ca037b6d105db8f02a2bf5d89f59c17a0edb1eee19f02b205a9bdf5e170f4a07
GET /recaptcha/releases/tNAc29ZZrpcOCErva2nr4BS9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sat, 10 Jun 2023 01:06:06 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clientbackarea.site/ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/index.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/lib/js/jquery-3.3.1.min.js
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/lib/js/jquery-3.3.1.min.js
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/index.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/lib/js/jquery-3.3.1.min.js HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/lib/js/jquery-3.3.1.min.js
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/lib/js/jquery-3.3.1.min.js
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/index.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/lib/js/jquery-3.3.1.min.js HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/lib/pics/favi.png
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/lib/pics/favi.png
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/index.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/lib/pics/favi.png HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/lib/pics/favi.ico
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/lib/pics/favi.ico
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/index.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/lib/pics/favi.ico HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
clientbackarea.site/ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k
0.0.0.0 0 B URL GET clientbackarea.site/ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k
IP 0.0.0.0:0
Requested by https://nue0id.com/lo/index.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /ch_files/ca/csspage2.php?page=signin&t=onc8f2e5fybs45k HTTP/1.1
Host: clientbackarea.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nue0id.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache