r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ab3625faa748b97df39d95f3265ccd14
3930df2e3cb45a1abe47de735002fba535de4f08
0b0a1eb64c4a23598884f08be0a9694c8fcaeffc4b0df790a678104f44fe1c14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B0A1EB64C4A23598884F08BE0A9694C8FCAEFFC4B0DF790A678104F44FE1C14"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3996
Expires: Sat, 31 Dec 2022 06:52:29 GMT
Date: Sat, 31 Dec 2022 05:45:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d3098a490e8d38d4150d961624aa7b64
6ecbca59302d0ac5436f1723137d42523f629ea1
158e277ba0220577b59b15e4017b6c27f59295bcd7e5d0e52d027dc7c4309f0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E277BA0220577B59B15E4017B6C27F59295BCD7E5D0E52D027DC7C4309F0B"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11534
Expires: Sat, 31 Dec 2022 08:58:07 GMT
Date: Sat, 31 Dec 2022 05:45:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 31 Dec 2022 04:47:06 GMT
content-type: application/json
age: 3527
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 428881081ad357fb55af33ebf9d12c16
29b7be72f76da07db4a03fb1bc57ffe16d520a22
9adff7f91b147b0d93166bc4ece0dd31fd19fd8b2c269a6a596a1e902f49a1fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9ADFF7F91B147B0D93166BC4ECE0DD31FD19FD8B2C269A6A596A1E902F49A1FE"
Last-Modified: Wed, 28 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7659
Expires: Sat, 31 Dec 2022 07:53:32 GMT
Date: Sat, 31 Dec 2022 05:45:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JnsrVgdbBWP2sR291YC6tZVEPuS3iyxRNDzy5mzzedR3jeWRRBBOD7BwYPMT6uoFsiPzMwTfuXU=
x-amz-request-id: CMWH42ZZEE7MF1T3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 31 Dec 2022 04:59:29 GMT
age: 2784
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7fd8d0af5095e8b3c8b0be038e712652
2f43a996f9ecd3d6d3b0257aa82b25fcc34b9293
4e8bdccb042b0c6bcbd501d4b9a3f6458bfc7cc571563256b562ef1ce7d90b87
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E8BDCCB042B0C6BCBD501D4B9A3F6458BFC7CC571563256B562EF1CE7D90B87"
Last-Modified: Thu, 29 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Sat, 31 Dec 2022 11:45:26 GMT
Date: Sat, 31 Dec 2022 05:45:53 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 05:45:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 31 Dec 2022 05:08:10 GMT
age: 2263
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
spar-captcha.click/de/com/white.php?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
185.242.86.251200 OK 498 B URL HTTP/1.1 spar-captcha.click/de/com/white.php?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7f5dec6bbf5865d70bc328705b8fb985
ea7b3829a2d74eeb33a93bed9692d497faffe043
817ec927894c472c091cc75b1679e3fe513d3b748b659fdb70ebde52286e4d30
GET /de/com/white.php?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: real=OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 498
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
spar-captcha.click/favicon.ico
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/favicon.ico
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /favicon.ico HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/white.php?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:53 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 553f97ab8a2c2f1abe4ee932cf6dab42
9e9433075523efb0cf7d13b6811d237c4b48f099
8a7c26f298fb34ec9d5cbd977a2677118b9360ad3134bb56171c13d4d13da540
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3731
Cache-Control: max-age=102184
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 05:45:54 GMT
Etag: "63aeaa27-1d7"
Expires: Sun, 01 Jan 2023 10:08:58 GMT
Last-Modified: Fri, 30 Dec 2022 09:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.200.107.47101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.107.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5frbfJ3lrkvtPKONm8zIdg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6lbqCAsBqRGu4L3v+kwgg2oGwlA=
spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
185.242.86.251301 Moved Permanently 431 B URL HTTP/1.1 spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9cffb6e1838c52915d4e7c50e3981c9a
48c95c050e83050bd739c8da9ec8429465ae8c6a
9ddb460f961a249c90d5fbb77deb805be28a1639d44d76aac0a93c1d730de71d
GET /de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/white.php?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 301 Moved Permanently
Date: Sat, 31 Dec 2022 05:45:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Content-Length: 431
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
185.242.86.251302 Found 0 B URL HTTP/1.1 spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/white.php?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Date: Sat, 31 Dec 2022 05:45:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: bid=5ef3e359f7226011da79f929ec0a19f8; expires=Mon, 30-Jan-2023 05:45:54 GMT; Max-Age=2592000; path=/
location: login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Content-Length: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2b5593d2ab79d3712ed8b96dd22b5465
653a41ce6edf4a7bba2ddf88cd525291fcb2ca0b
34fc88630bd744b6e764b96eecfbddb1bb9166eec8de596081e3e97839631dea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 05:45:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spar-captcha.click/de/com/bower_components/ua-parser-js/dist/ua-parser.min.js
185.242.86.251200 OK 6.1 kB URL HTTP/1.1 spar-captcha.click/de/com/bower_components/ua-parser-js/dist/ua-parser.min.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type Unicode text, UTF-8 text, with very long lines (16817)
Hash 14da93cff6d49885bf214d2503f614db
04d64d738cd0fd2b4eee3b8abc5326dfda3f1dea
49e584e9a0aee55b81771b9e010ccf1da6278da03fb8ddba07ef7a1f0a126732
Analyzer Verdict Alert fortinet Malware
GET /de/com/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:16 GMT
ETag: "4298-5c5917f0c5e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
185.242.86.251200 OK 316 kB URL HTTP/1.1 spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (49217)
Size 316 kB (315785 bytes)
Hash 64a5346518855765cde01a01991e3e63
0f4e2afd58055257808c02f1ba936fa478c893b7
8e4073214478dd39ba4c5c4d27452fef8b9220d5707c0a34e0a6de35e3f4399b
GET /de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/white.php?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:54 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
spar-captcha.click/de/com/bower_components/font-awesome/css/font-awesome.min.css
185.242.86.251200 OK 7.1 kB URL HTTP/1.1 spar-captcha.click/de/com/bower_components/font-awesome/css/font-awesome.min.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /de/com/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:18 GMT
ETag: "7918-5c5917f2ae280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
spar-captcha.click/de/com/core/form/core_form.js
185.242.86.251200 OK 7.7 kB URL HTTP/1.1 spar-captcha.click/de/com/core/form/core_form.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (4177)
Hash 81228f9c328026b74bc05eb1b68bdd85
9485dbd43fc2661dcee83de777a70542fcb871c9
844bf2b94b236c89977a55adec770dc0de31fa05cf67cc944e6d8f165ca344a7
Analyzer Verdict Alert fortinet Malware
GET /de/com/core/form/core_form.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 19 Sep 2022 19:10:50 GMT
ETag: "5405-5e90c7841a280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7670
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
spar-captcha.click/de/com/core/token/core_token.js
185.242.86.251200 OK 1.6 kB URL HTTP/1.1 spar-captcha.click/de/com/core/token/core_token.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 80faf96a3c6c8afb406d516a8973b46f
63aabfa350b855a882b1a3cbd7f42b598fb71256
5f5316de547f2f7313ded4bf6faf911faf41255517597ab3e74cc2632c6096d1
Analyzer Verdict Alert fortinet Malware
GET /de/com/core/token/core_token.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:48 GMT
ETag: "36c8-5c5917d611f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1582
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
spar-captcha.click/de/com/core/form/core_form.css
185.242.86.251200 OK 689 B URL HTTP/1.1 spar-captcha.click/de/com/core/form/core_form.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 8883742b326da993d886f85d9e010dda
4ffb09dd1a71bb3097f1e38b9cbbb74978f7952f
e85e28f5cef69cda476f9ab3ae4cc0895284fb0b64453bae5c24123a53ce10ea
GET /de/com/core/form/core_form.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 19 Sep 2022 19:31:40 GMT
ETag: "adc-5e90cc2c31f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 689
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtm.js?id=GTM-PMKT8F
142.250.74.168200 OK 94 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PMKT8F
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (45950)
Hash 8edb1a7e92112a2cefe603365438ad46
7b51ce26d6908bc5db3ba52bbeb05bd0d9701124
d951fb8ddd1fdc369db12aac2d892aa483f9532991c0c03a0f2fdecfe5358faf
GET /gtm.js?id=GTM-PMKT8F HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Dec 2022 05:45:55 GMT
expires: Sat, 31 Dec 2022 05:45:55 GMT
cache-control: private, max-age=900
last-modified: Sat, 31 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
spar-captcha.click/de/com/bower_components/jquery/dist/jquery.min.js
185.242.86.251200 OK 30 kB URL HTTP/1.1 spar-captcha.click/de/com/bower_components/jquery/dist/jquery.min.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (32058)
Hash 3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c
Analyzer Verdict Alert fortinet Malware
GET /de/com/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:18 GMT
ETag: "15283-5c5917f2ae280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30138
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
spar-captcha.click/de/com/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
185.242.86.251200 OK 3.3 kB URL HTTP/1.1 spar-captcha.click/de/com/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 4d50860adbc3bac5b59f9c900670b2e4
19fb9ee275b56a0b239a76bc301b6d6ef3eae25f
6167a19f3ce290fe0a5620e7240f6a9b8e5137e7b080c2442c0e58b7e1bcbb02
Analyzer Verdict Alert fortinet Malware
GET /de/com/bower_components/jquery.maskedinput/dist/jquery.maskedinput.min.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:18 GMT
ETag: "4001-5c5917f2ae280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3284
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
spar-captcha.click/de/com/login/form/css.css
185.242.86.251200 OK 112 B URL HTTP/1.1 spar-captcha.click/de/com/login/form/css.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d6c9aa671f226dd6ae1fee66ae397547
79f45d4575e11268a3c8c9d14313e722f7388f38
fed843423628dbf3d60c7131aa8d5d50c0302caf03c09460cdc7b4521ee78556
GET /de/com/login/form/css.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "9d-5c5917b975b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 112
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
spar-captcha.click/de/com/login/Web-Banking-Unauthenticated.css
185.242.86.251200 OK 132 B URL HTTP/1.1 spar-captcha.click/de/com/login/Web-Banking-Unauthenticated.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 13c23c231214868cad8d6fb728b9e976
5c3a5dc3b75b0cdea19d9e881e6e920cd61ab9a7
991749d8f8a1e7cdf207437edae84078db3c96b1a758e091c8386b396374eb2d
GET /de/com/login/Web-Banking-Unauthenticated.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:14 GMT
ETag: "7c-5c5917b5a5280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 132
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
spar-captcha.click/de/com/login/files/main.css
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/main.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /de/com/login/files/main.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/bower_components/angular/angular.min.js
185.242.86.251200 OK 59 kB URL HTTP/1.1 spar-captcha.click/de/com/bower_components/angular/angular.min.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (552)
Hash ef8273bb5f21cf02cdb9ccd56513e7c1
0de400b680cfc9a05f3d182ea010b4ecb6166f7a
369f26576626b7705342e67ae37363858a5655c66755ddff450054dfe9c70bc4
Analyzer Verdict Alert fortinet Malware
GET /de/com/bower_components/angular/angular.min.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:16 GMT
ETag: "2937c-5c5917f0c5e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
spar-captcha.click/de/com/login/files/cms.css
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/cms.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /de/com/login/files/cms.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/files/header_login.css
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/header_login.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /de/com/login/files/header_login.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/jquery_1_12_4.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/jquery_1_12_4.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/jquery_1_12_4.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/jquery_ui_1_12_1.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/jquery_ui_1_12_1.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/jquery_ui_1_12_1.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
i.imgur.com/YF5NeT9.jpg
151.101.244.193200 OK 25 kB IP 151.101.244.193:0
File type JPEG image data, baseline, precision 8, 1280x170, components 3\012- data
Hash 8527f1d726cacc1948dc9b53dfc4e2a8
f1e39e14496abb3ae5294c22a5442a76534bff41
0d19a20899113e84343091920c3a335625bf7d9dbfc17f9cfe64595dc2f4c20c
GET /YF5NeT9.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 17:13:17 GMT
etag: "8527f1d726cacc1948dc9b53dfc4e2a8"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 31 Dec 2022 05:45:55 GMT
age: 39845
x-served-by: cache-iad-kjyo7100088-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 25, 2
x-timer: S1672465555.331268,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 24849
X-Firefox-Spdy: h2
spar-captcha.click/portal/media/system/33.141.18/js/lib_head.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/lib_head.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/lib_head.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/lib_main.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/lib_main.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/lib_main.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/lib_cms.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/lib_cms.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/lib_cms.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/usercentrics/bundle.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/usercentrics/bundle.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/usercentrics/bundle.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/files/jquery.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/jquery.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /de/com/login/files/jquery.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/lib_header_login.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/lib_header_login.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/lib_header_login.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/html5shiv-printshiv.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/html5shiv-printshiv.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/html5shiv-printshiv.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/form/form.js?v=63afcc9314696
185.242.86.251200 OK 709 B URL HTTP/1.1 spar-captcha.click/de/com/login/form/form.js?v=63afcc9314696
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 42018b123357c5b2ce388ae78890b0f6
a8f7c33e594052eb4e5c5ebfea63079b402166aa
8ded9dda8bfa0bf3bbb1bb4577b99ccb105ba6ca04e7a583adcb8f59c71835d8
GET /de/com/login/form/form.js?v=63afcc9314696 HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "bf7-5c5917b975b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 709
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
spar-captcha.click/de/com/login/token/token.js?v=63afcc931469f
185.242.86.251200 OK 521 B URL HTTP/1.1 spar-captcha.click/de/com/login/token/token.js?v=63afcc931469f
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d3b565ef26b0461dfc7f4a535c374e3e
ae7b09853ddcbb284c3f0637db296e829892b257
8996f1947528614052bf33337236c80e9592521c6fea667f1682c91fc5584172
Analyzer Verdict Alert fortinet Malware
GET /de/com/login/token/token.js?v=63afcc931469f HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "4eb-5c5917b975b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 521
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
spar-captcha.click/de/com/login/ng/ng.js?v=63afcc93146a0
185.242.86.251200 OK 1.4 kB URL HTTP/1.1 spar-captcha.click/de/com/login/ng/ng.js?v=63afcc93146a0
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 12dd579b46c8940b4c2d03edd283cc67
974585ecd07612d419be32625bc334cd3b7e6875
660bfe05e9063473651297e0b5a119a2550b68520b253737cbe2eb19e07b2cc8
Analyzer Verdict Alert fortinet Malware
GET /de/com/login/ng/ng.js?v=63afcc93146a0 HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "152c-5c5917b975b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1389
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /portal/media/system/usercentrics/main.js?_c=1633599627568 HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/files/header_login.css
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/header_login.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /de/com/login/files/header_login.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/files/main.css
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/main.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /de/com/login/files/main.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/files/cms.css
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/cms.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /de/com/login/files/cms.css HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/jquery_1_12_4.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/jquery_1_12_4.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/jquery_1_12_4.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/jquery_ui_1_12_1.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/jquery_ui_1_12_1.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/jquery_ui_1_12_1.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15148
Expires: Sat, 31 Dec 2022 09:58:23 GMT
Date: Sat, 31 Dec 2022 05:45:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15148
Expires: Sat, 31 Dec 2022 09:58:23 GMT
Date: Sat, 31 Dec 2022 05:45:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15148
Expires: Sat, 31 Dec 2022 09:58:23 GMT
Date: Sat, 31 Dec 2022 05:45:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15148
Expires: Sat, 31 Dec 2022 09:58:23 GMT
Date: Sat, 31 Dec 2022 05:45:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15148
Expires: Sat, 31 Dec 2022 09:58:23 GMT
Date: Sat, 31 Dec 2022 05:45:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd15a04f2-dfb7-43aa-a68f-a66b09103321.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd15a04f2-dfb7-43aa-a68f-a66b09103321.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7964d022ff14521de4d976a064f85ec2
779f19f138ec6bffc9bc7acccaaf0fb21a472c72
5afd4f020a59512b06fe5ff4e274d5b3a49682a36a0cbe7d2f008e03c524d04f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd15a04f2-dfb7-43aa-a68f-a66b09103321.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10852
x-amzn-requestid: 9857cefa-942d-4dab-b50c-48e5c45ef887
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dy0lKEHAIAMFdaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa9aed-7bb36efe1522c84302b926f9;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 07:12:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VvTDPEelKpzQxIXf5Sj6Encj5FttGhm7_S3oDW5FfVgaU4bVmwjFrw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 14:26:59 GMT
age: 55136
etag: "779f19f138ec6bffc9bc7acccaaf0fb21a472c72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f964589a563304970c0be9354c542fe4
09d7db3bba00ca08d2664e6a73c8d4182d0214cb
abec859403f136b9b18a11511ae6ceda25763983bdaa609b1c693957624070fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7590
x-amzn-requestid: 486ea200-bd0a-471f-ba63-fe950584c1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dyRRdFimoAMFYLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa626f-414211d02334dccc5cc5a834;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 03:11:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HHWitk11eb8u6r3KJER-Al9ToLVB1Ddt2bW1_a9DlXqUmM8oJVnNyA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 07:40:32 GMT
age: 79523
etag: "09d7db3bba00ca08d2664e6a73c8d4182d0214cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a747e4ba9f713788d8d9c13ba12d253
58726a734bd0c049ed38b760c8f235c918ac1dc4
8be489aafe2c6e61bdd234a28d9d9e0de96e9d04549e2c6638a6343112c29f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9173
x-amzn-requestid: 36af4d98-e328-44ac-abdc-58f8bb3dec9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sLQEh0IAMF5wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a47-6ea74b1133d81bf312e5bdb2;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0dYlGS4Z1EAJ9y9W6pepgty5vl1f_GWzXaSSta1EXwdGex-yjjkxiw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "58726a734bd0c049ed38b760c8f235c918ac1dc4"
content-type: image/jpeg
age: 28723
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b6e468-b326-4a07-bba9-a72a27faad13.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b6e468-b326-4a07-bba9-a72a27faad13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2fa24c59bb43fabddf42a52287526fe
e42b083e19343a3b56a9e23cc6c252e7732fc32f
2cda84f01fff3d089f57d72b87a15ce3563b9ab910347dfb6127aa75bf0bda10
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b6e468-b326-4a07-bba9-a72a27faad13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7467
x-amzn-requestid: 6325461d-410b-42b4-8d81-035653355e92
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dy1NjEJCoAMFpMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa9bf0-6105344224b67fa26f55ff4b;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 07:17:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dUf2JSN36c3ROEvpSQWE1uAL_MIEoEx8GOIjEfnvQ0qbDPIcTz4TAQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 09:18:26 GMT
age: 73649
etag: "e42b083e19343a3b56a9e23cc6c252e7732fc32f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba629c9334582ac5e37a14fceb073b43
54adf501819f973ada947a82bf1d28c7de76ef72
9fd8cbe35dc6051926698405e2d9eac24a903148ac425d6cf314eb77b14fbc76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8187
x-amzn-requestid: aaf90c51-50ac-47ca-ae8f-f4afd190b0d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5fsAEGUoAMF2Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad464c-3f2838fd1d7b16e10f1beb98;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 07:48:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VEipOlCxzx5CSXab3Xcl6vk1pk8qF23HmAbDV34A7uWMIcmFYW0W1g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:21 GMT
age: 28714
etag: "54adf501819f973ada947a82bf1d28c7de76ef72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc62c3ca8bc387a91c7d4711b5bc2409
7a984b459227e11984faa2539569a90875a58d29
e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yR6kZT7use-SXKKXM3rRmo56EFDJN9VUcRSlzb0cG7nn_pblH0uL6g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:47:12 GMT
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
age: 28723
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
spar-captcha.click/portal/media/system/33.141.18/js/lib_head.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/lib_head.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/lib_head.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/usercentrics/bundle.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/usercentrics/bundle.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/usercentrics/bundle.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/files/jquery.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/jquery.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /de/com/login/files/jquery.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/lib_main.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/lib_main.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/lib_main.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/icons_woff.woff
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/icons_woff.woff
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /de/com/login/icons_woff.woff HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/lib_cms.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/lib_cms.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/lib_cms.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/lib_header_login.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/lib_header_login.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/lib_header_login.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/33.141.18/js/html5shiv-printshiv.js
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/33.141.18/js/html5shiv-printshiv.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
Analyzer Verdict Alert fortinet Malware
GET /portal/media/system/33.141.18/js/html5shiv-printshiv.js HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /portal/media/system/usercentrics/main.js?_c=1633599627568 HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp2.globalsign.com/rootr3
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/rootr3
IP 104.18.20.226:0
Hash 423cdc1e7cadd1565da48c918ce0c4df
96bc03641c5474f15892e5e8f563de8c99cb44a3
b499fd2d46b27765204c18a9c3167f7fa15f091d267b2250c2b8bfcca0ffe548
POST /rootr3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 81
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1434
Connection: keep-alive
Expires: Wed, 04 Jan 2023 03:04:13 GMT
ETag: "96bc03641c5474f15892e5e8f563de8c99cb44a3"
Last-Modified: Sat, 31 Dec 2022 03:04:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2306
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7820b63d1ba4b4f4-OSL
spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548811&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1672465548812
185.242.86.251200 OK 0 B URL HTTP/1.1 spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548811&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1672465548812
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548811&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1672465548812 HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/json
spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548809&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672465548810
185.242.86.251200 OK 0 B URL HTTP/1.1 spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548809&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672465548810
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548809&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672465548810 HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/json
spar-captcha.click/de/com/login/form/newloader.gif
185.242.86.251200 OK 557 kB URL HTTP/1.1 spar-captcha.click/de/com/login/form/newloader.gif
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type GIF image data, version 89a, 480 x 480\012- data
Size 557 kB (557122 bytes)
Hash ef8d4e6b20b0cf0d68713fb2f6069042
d62bb4b1a169c88879de3bd2f5c4292b6259a952
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630
GET /de/com/login/form/newloader.gif HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:55 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "88042-5c5917b975b80"
Accept-Ranges: bytes
Content-Length: 557122
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/gif
ocsp2.globalsign.com/gsextendvalsha2g3r3
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP 104.18.20.226:0
Hash d7d0618090f1e5876bf5267f803c03a5
2bcc8a2525e6f15ae4af9604bee5717d83daa4da
ae5176360e7438d133c7b893f82f16650186caf164fb1ff83f7d06a3fe7db0c4
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Wed, 04 Jan 2023 04:49:47 GMT
ETag: "2bcc8a2525e6f15ae4af9604bee5717d83daa4da"
Last-Modified: Sat, 31 Dec 2022 04:49:48 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7820b63d2bb1b4f4-OSL
spar-captcha.click/de/com/login/files/favicon.ico
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/favicon.ico
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /de/com/login/files/favicon.ico HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:56 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
spar-captcha.click/de/com/login/files/app_icon.png
185.242.86.251404 Not Found 281 B URL HTTP/1.1 spar-captcha.click/de/com/login/files/app_icon.png
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9ba08157c649e978e18eba6ad0138194
54366db6a58636ffc4bdff533ed5e32bd94b9044
54054af5cdc1c2c86f998497253b90efd1fea4b2bd3f43606dbe50c1674410a2
GET /de/com/login/files/app_icon.png HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Sat, 31 Dec 2022 05:45:56 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 281
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 31 Dec 2022 05:34:02 GMT
expires: Sat, 31 Dec 2022 07:34:02 GMT
cache-control: public, max-age=7200
age: 714
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsextendvalsha2g3r3
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP 104.18.20.226:0
Hash c637d210095b558673d96322e5a3bb9a
6e37934d1a4ccd4098c2db8f1ec6c126de89273e
a77b74da122d72bbb45942b1b214274457fc95e1833cf2d99d082e09caed0f9f
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Wed, 04 Jan 2023 02:09:56 GMT
ETag: "6e37934d1a4ccd4098c2db8f1ec6c126de89273e"
Last-Modified: Sat, 31 Dec 2022 02:09:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7820b63de9170b41-OSL
www.commerzbank.de/portal/media/system/usercentrics/cdcs-iframe-index.html?_fs=kunden
212.149.50.185200 859 B URL HTTP/1.1 www.commerzbank.de/portal/media/system/usercentrics/cdcs-iframe-index.html?_fs=kunden
IP 212.149.50.185:0
ASN #16365 Commerzbank Aktiengesellschaft
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 7314f4869f09f64e1a7bc3cb280b0011
557d2ddf07532f53268b565bdf2c5585d63dc5b3
d4896542683d65fa7992abace6068057ce7b68229d6c71c74c64700a302721c6
GET /portal/media/system/usercentrics/cdcs-iframe-index.html?_fs=kunden HTTP/1.1
Host: www.commerzbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sat, 31 Dec 2022 05:45:56 GMT
Server: Apache
cache-control: private
etag: "-1783573157-gzip"
expires: Sat, 31 Dec 2022 05:50:56 GMT
last-modified: Mon, 21 Nov 2022 05:22:58 GMT
x-ua-compatible: IE=edge,chrome=1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
com-coba-cif-csrf-protection: 0ef2c99cdf7ca6b5ab3e0973567cf883bf3885d4ec2d2cf57e990da85368c3b8
content-type: text/html;charset=UTF-8
content-language: en-US
strict-transport-security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 859
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
ocsp2.globalsign.com/gsextendvalsha2g3r3
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP 104.18.20.226:0
Hash c637d210095b558673d96322e5a3bb9a
6e37934d1a4ccd4098c2db8f1ec6c126de89273e
a77b74da122d72bbb45942b1b214274457fc95e1833cf2d99d082e09caed0f9f
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Wed, 04 Jan 2023 02:09:56 GMT
ETag: "6e37934d1a4ccd4098c2db8f1ec6c126de89273e"
Last-Modified: Sat, 31 Dec 2022 02:09:57 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7820b63dfd211c0a-OSL
kunden.commerzbank.de/portal/media/system/images/bg_metanav_gif.gif
212.149.50.15200 OK 1.1 kB URL HTTP/1.1 kunden.commerzbank.de/portal/media/system/images/bg_metanav_gif.gif
IP 212.149.50.15:0
ASN #16365 Commerzbank Aktiengesellschaft
File type GIF image data, version 89a, 1 x 61\012- data
Hash 28e2af3a5d79cebdadbeed1fac34043b
b9da0fb8ade838ff42e1a017305b235827114a25
ae247f0ee2d331e7f89a54b2d683589de735b83bda69b00b29bf728e1cc31e75
GET /portal/media/system/images/bg_metanav_gif.gif HTTP/1.1
Host: kunden.commerzbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spar-captcha.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:56 GMT
Server: Apache
etag: "-2129675650"
expires: Sat, 31 Dec 2022 05:33:00 GMT
last-modified: Mon, 21 Nov 2022 05:17:44 GMT
content-language: de
content-length: 1124
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
com-coba-cif-csrf-protection: 7365ecc6540bbe66393a3d10b49d27dcdfa59451c26bfca28128998b41b94d11
strict-transport-security: max-age=31536000
Age: 143
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
www.commerzbank.de/portal/media/system/usercentrics/cdcs.js
212.149.50.185200 OK 1.7 kB URL HTTP/1.1 www.commerzbank.de/portal/media/system/usercentrics/cdcs.js
IP 212.149.50.185:0
ASN #16365 Commerzbank Aktiengesellschaft
File type ASCII text, with very long lines (4327), with no line terminators
Hash feb92f8c0a0dcb5c9e85c29b8253bf8a
ef6e80bd8f24603391021031d87d77b0ebf5462b
c64c0472a9cdc95814552d9bb1a8a072bcfd9b5ea84b2ed8d3f0edae0aac6f87
GET /portal/media/system/usercentrics/cdcs.js HTTP/1.1
Host: www.commerzbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.commerzbank.de/portal/media/system/usercentrics/cdcs-iframe-index.html?_fs=kunden
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:45:56 GMT
Server: Apache
etag: "-221108930-gzip"
expires: Sat, 31 Dec 2022 05:50:15 GMT
last-modified: Mon, 21 Nov 2022 05:17:57 GMT
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
com-coba-cif-csrf-protection: b75eb687c5246055b0825235c738e74644b26a012a1384c939b3048effe09447
content-language: de
strict-transport-security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1675
Age: 41
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: application/javascript;charset=UTF-8
spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548809&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672465548813
185.242.86.251200 OK 0 B URL HTTP/1.1 spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548809&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672465548813
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de/com/home.php?pl=token&link=Commerzbank&bid=5ef3e359f7226011da79f929ec0a19f8&callback=jQuery32101639503811031301_1672465548809&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672465548813 HTTP/1.1
Host: spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://spar-captcha.click/de/com/a1b2c3/5ef3e359f7226011da79f929ec0a19f8/login/?index=24147&feeder=69d256a7765f603a822e676a4d05b527159f7e7f
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: real=OK; bid=5ef3e359f7226011da79f929ec0a19f8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 05:46:00 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: application/json
kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf
212.149.50.15200 0 B URL HTTP/1.1 kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf
IP 212.149.50.15:0
ASN #16365 Commerzbank Aktiengesellschaft
GET /portal/media/system/fonts/icons_ttf.ttf HTTP/1.1
Host: kunden.commerzbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://spar-captcha.click
Connection: keep-alive
Referer: https://spar-captcha.click/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sat, 31 Dec 2022 05:45:56 GMT
Server: Apache
cache-control: private
etag: "-319645690-gzip"
expires: Sat, 31 Dec 2022 05:50:56 GMT
last-modified: Mon, 21 Nov 2022 05:17:38 GMT
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
com-coba-cif-csrf-protection: 3fba36f00cf4dfe1f212fe88a16f4d365ec75063f6c71810b10753b40f1831f8
content-type: font/ttf;charset=ISO-8859-1
content-language: en-US
strict-transport-security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked