www.spar-captcha.click/de/com/
185.242.86.251 302 Found 0 B URL HTTP/1.1 www.spar-captcha.click/de/com/
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Commerzbank AG
fortinet Malware
GET /de/com/ HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 01 Jan 2023 17:59:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: white.php?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d3098a490e8d38d4150d961624aa7b64
6ecbca59302d0ac5436f1723137d42523f629ea1
158e277ba0220577b59b15e4017b6c27f59295bcd7e5d0e52d027dc7c4309f0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E277BA0220577B59B15E4017B6C27F59295BCD7E5D0E52D027DC7C4309F0B"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9040
Expires: Sun, 01 Jan 2023 20:29:52 GMT
Date: Sun, 01 Jan 2023 17:59:12 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0e93d32de9bcebd3483b40a8fed30718
7e1fe5db1f08b75a079780717e4f18ad76767212
4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12972
Expires: Sun, 01 Jan 2023 21:35:24 GMT
Date: Sun, 01 Jan 2023 17:59:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 01 Jan 2023 17:47:18 GMT
content-type: application/json
age: 714
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3b0a4b7e28ad3a91135d52c7457790b5
075f22ab45d169766252467ae44903250e480f9b
312744aeb6fcc4296025205bc70c40316dd3c8a4b626669ac43e32c33104473a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "312744AEB6FCC4296025205BC70C40316DD3C8A4B626669AC43E32C33104473A"
Last-Modified: Sat, 31 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6336
Expires: Sun, 01 Jan 2023 19:44:48 GMT
Date: Sun, 01 Jan 2023 17:59:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qArp66Ab10SVik44HN4KlBAMABYgswHapx+Tss2HK1ZZ7enr78ze5T52QTcXE6w1fyimSYamzMU=
x-amz-request-id: EXYQGP8WMZHAXE0G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 01 Jan 2023 17:00:09 GMT
age: 3543
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 01 Jan 2023 17:59:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.spar-captcha.click/de/com/white.php?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
185.242.86.251 200 OK 499 B URL HTTP/1.1 www.spar-captcha.click/de/com/white.php?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 991d9a2ef0aa45266a7dc3a0ce82c55e
91ab3b25c357ac00cdc6aa49c46700589de07f41
7b2ca70cce21002db22e05e15fb0ff650586d01c8e6dae9bee292656841b0bfe
GET /de/com/white.php?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: real=OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 499
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.spar-captcha.click/favicon.ico
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/favicon.ico
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /favicon.ico HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/white.php?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:12 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 01 Jan 2023 17:08:11 GMT
age: 3062
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e2a99db6956684dc306ada584f1907d8
21c3fc85b00308907c1cffcb36b1ba1a4617f613
cf568c4a26fb352228e849b18fbca0f6fd3b3a89055cd5f4fc0cdd11f9b9733e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2135
Cache-Control: max-age=142991
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 17:59:13 GMT
Etag: "63b14d29-1d7"
Expires: Tue, 03 Jan 2023 09:42:24 GMT
Last-Modified: Sun, 01 Jan 2023 09:06:49 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.41.15 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Oio7K/L40Z2tCbprg5tThw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QhXEdEI0NWPHBbFYD7Ux1aqIYrM=
www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
185.242.86.251 301 Moved Permanently 436 B URL HTTP/1.1 www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4eb98bde40c6fa22fcb68e2575d541f9
95615e79efd1fc3c2003b5ab07186473a873b771
6bd0869b485c9df2e76c190e024b37130aa8677e318fa765b154aa6ae27d868a
GET /de/com/a1b2c3/298ced858dd47b3de39578853138dffc?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/white.php?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 01 Jan 2023 17:59:13 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Content-Length: 436
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
185.242.86.251 302 Found 0 B URL HTTP/1.1 www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de/com/a1b2c3/298ced858dd47b3de39578853138dffc/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/white.php?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 01 Jan 2023 17:59:13 GMT
Server: Apache/2.4.41 (Ubuntu)
Set-Cookie: bid=298ced858dd47b3de39578853138dffc; expires=Tue, 31-Jan-2023 17:59:13 GMT; Max-Age=2592000; path=/
location: login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
www.googletagmanager.com/gtm.js?id=GTM-PMKT8F
142.250.74.40 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-PMKT8F
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2c81d50b78438abd8f859e36fb38e53c
2312dbadd72d65b4aa5ca21066b6ea11307b5b14
1cec0cc8ad5458200c4469259d49a84b7d6a0e8ebab2f87e1e4ce3b7df27f041
GET /gtm.js?id=GTM-PMKT8F HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-PMKT8F
Cross-Origin-Resource-Policy: cross-origin
Date: Sun, 01 Jan 2023 17:59:14 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
www.spar-captcha.click/de/com/bower_components/ua-parser-js/dist/ua-parser.min.js
185.242.86.251 200 OK 6.1 kB URL HTTP/1.1 www.spar-captcha.click/de/com/bower_components/ua-parser-js/dist/ua-parser.min.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type Unicode text, UTF-8 text, with very long lines (16817)
Hash 14da93cff6d49885bf214d2503f614db
04d64d738cd0fd2b4eee3b8abc5326dfda3f1dea
49e584e9a0aee55b81771b9e010ccf1da6278da03fb8ddba07ef7a1f0a126732
Analyzer Verdict Alert fortinet Malware
GET /de/com/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:16 GMT
ETag: "4298-5c5917f0c5e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.spar-captcha.click/de/com/core/token/core_token.js
185.242.86.251 200 OK 1.6 kB URL HTTP/1.1 www.spar-captcha.click/de/com/core/token/core_token.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 80faf96a3c6c8afb406d516a8973b46f
63aabfa350b855a882b1a3cbd7f42b598fb71256
5f5316de547f2f7313ded4bf6faf911faf41255517597ab3e74cc2632c6096d1
Analyzer Verdict Alert fortinet Malware
GET /de/com/core/token/core_token.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:48 GMT
ETag: "36c8-5c5917d611f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1582
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.spar-captcha.click/de/com/core/form/core_form.js
185.242.86.251 200 OK 7.7 kB URL HTTP/1.1 www.spar-captcha.click/de/com/core/form/core_form.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (4177)
Hash 81228f9c328026b74bc05eb1b68bdd85
9485dbd43fc2661dcee83de777a70542fcb871c9
844bf2b94b236c89977a55adec770dc0de31fa05cf67cc944e6d8f165ca344a7
Analyzer Verdict Alert fortinet Malware
GET /de/com/core/form/core_form.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 19 Sep 2022 19:10:50 GMT
ETag: "5405-5e90c7841a280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7670
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.spar-captcha.click/de/com/bower_components/font-awesome/css/font-awesome.min.css
185.242.86.251 200 OK 7.1 kB URL HTTP/1.1 www.spar-captcha.click/de/com/bower_components/font-awesome/css/font-awesome.min.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /de/com/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:18 GMT
ETag: "7918-5c5917f2ae280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 013c85e86eac3e14a23da01d95c76be4
2a5eb994793c91b20930114d4ab82cd63a8ad602
89917b5963e8403ce7669fe867a62fbcfb286eb812fff36702899de8c2320edf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 17:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.spar-captcha.click/de/com/bower_components/jquery/dist/jquery.min.js
185.242.86.251 200 OK 30 kB URL HTTP/1.1 www.spar-captcha.click/de/com/bower_components/jquery/dist/jquery.min.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (32058)
Hash 3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c
Analyzer Verdict Alert fortinet Malware
GET /de/com/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:18 GMT
ETag: "15283-5c5917f2ae280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30138
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
185.242.86.251 200 OK 316 kB URL HTTP/1.1 www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (49217)
Size 316 kB (315786 bytes)
Hash 2f7dec3c4e6edfb95b7a5130b90fd6ef
3264a2e8d75890a5014c22d6dc9f90d79b384a31
7226b7f5d5f240e60b717a6c2cea171812501e6e9aa99f556dfc00bc0a119a8e
GET /de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/white.php?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:13 GMT
Server: Apache/2.4.41 (Ubuntu)
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.spar-captcha.click/de/com/login/form/css.css
185.242.86.251 200 OK 112 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/form/css.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d6c9aa671f226dd6ae1fee66ae397547
79f45d4575e11268a3c8c9d14313e722f7388f38
fed843423628dbf3d60c7131aa8d5d50c0302caf03c09460cdc7b4521ee78556
GET /de/com/login/form/css.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "9d-5c5917b975b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 112
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.spar-captcha.click/de/com/core/form/core_form.css
185.242.86.251 200 OK 689 B URL HTTP/1.1 www.spar-captcha.click/de/com/core/form/core_form.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 8883742b326da993d886f85d9e010dda
4ffb09dd1a71bb3097f1e38b9cbbb74978f7952f
e85e28f5cef69cda476f9ab3ae4cc0895284fb0b64453bae5c24123a53ce10ea
GET /de/com/core/form/core_form.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Mon, 19 Sep 2022 19:31:40 GMT
ETag: "adc-5e90cc2c31f00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 689
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.spar-captcha.click/de/com/login/Web-Banking-Unauthenticated.css
185.242.86.251 200 OK 132 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/Web-Banking-Unauthenticated.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 13c23c231214868cad8d6fb728b9e976
5c3a5dc3b75b0cdea19d9e881e6e920cd61ab9a7
991749d8f8a1e7cdf207437edae84078db3c96b1a758e091c8386b396374eb2d
GET /de/com/login/Web-Banking-Unauthenticated.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:14 GMT
ETag: "7c-5c5917b5a5280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 132
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/usercentrics/main.js?_c=1633599627568 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.googletagmanager.com/gtm.js?id=GTM-PMKT8F
142.250.74.40 200 OK 94 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PMKT8F
IP 142.250.74.40:0
File type Unicode text, UTF-8 text, with very long lines (45950)
Hash e8be31c0d1021d218252924ab8d94e18
81186e0386dced95b8c74dc0f33ebc22acaa670b
87f012ef1eddb3847c577bc85afb7c1756070fc122e89ce1c2dc4828b36172f9
GET /gtm.js?id=GTM-PMKT8F HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.spar-captcha.click/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 01 Jan 2023 17:59:14 GMT
expires: Sun, 01 Jan 2023 17:59:14 GMT
cache-control: private, max-age=900
last-modified: Sun, 01 Jan 2023 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94117
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.spar-captcha.click/de/com/login/files/main.css
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/main.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /de/com/login/files/main.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/login/files/cms.css
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/cms.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /de/com/login/files/cms.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/login/files/header_login.css
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/header_login.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /de/com/login/files/header_login.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/jquery_1_12_4.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/jquery_1_12_4.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/jquery_1_12_4.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/jquery_ui_1_12_1.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/jquery_ui_1_12_1.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/jquery_ui_1_12_1.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/bower_components/angular/angular.min.js
185.242.86.251 200 OK 59 kB URL HTTP/1.1 www.spar-captcha.click/de/com/bower_components/angular/angular.min.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (552)
Hash ef8273bb5f21cf02cdb9ccd56513e7c1
0de400b680cfc9a05f3d182ea010b4ecb6166f7a
369f26576626b7705342e67ae37363858a5655c66755ddff450054dfe9c70bc4
Analyzer Verdict Alert fortinet Malware
GET /de/com/bower_components/angular/angular.min.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:46:16 GMT
ETag: "2937c-5c5917f0c5e00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
www.spar-captcha.click/portal/media/system/33.141.18/js/lib_head.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/lib_head.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/lib_head.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/lib_main.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/lib_main.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/lib_main.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/usercentrics/bundle.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/usercentrics/bundle.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/usercentrics/bundle.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/lib_cms.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/lib_cms.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/lib_cms.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/lib_header_login.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/lib_header_login.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/lib_header_login.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/html5shiv-printshiv.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/html5shiv-printshiv.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/html5shiv-printshiv.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0468fec435ade9da599ed1f46bb61464
61294530d9be7c2a732758fb6b06ae51170f02b6
48497874c626a3cd466af1566fa28103970006af3756f9b5c0256cddcbd9dade
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 01 Jan 2023 17:59:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/YF5NeT9.jpg
151.101.84.193 200 OK 25 kB IP 151.101.84.193:0
File type JPEG image data, baseline, precision 8, 1280x170, components 3\012- data
Hash 8527f1d726cacc1948dc9b53dfc4e2a8
f1e39e14496abb3ae5294c22a5442a76534bff41
0d19a20899113e84343091920c3a335625bf7d9dbfc17f9cfe64595dc2f4c20c
GET /YF5NeT9.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.spar-captcha.click/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 17:13:17 GMT
etag: "8527f1d726cacc1948dc9b53dfc4e2a8"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 01 Jan 2023 17:59:14 GMT
age: 170245
x-served-by: cache-iad-kjyo7100088-IAD, cache-bma1632-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1672595954.327716,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 24849
X-Firefox-Spdy: h2
www.spar-captcha.click/de/com/login/token/token.js?v=63b1c9f210b03
185.242.86.251 200 OK 521 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/token/token.js?v=63b1c9f210b03
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d3b565ef26b0461dfc7f4a535c374e3e
ae7b09853ddcbb284c3f0637db296e829892b257
8996f1947528614052bf33337236c80e9592521c6fea667f1682c91fc5584172
GET /de/com/login/token/token.js?v=63b1c9f210b03 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "4eb-5c5917b975b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 521
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.spar-captcha.click/de/com/login/form/form.js?v=63b1c9f210af9
185.242.86.251 200 OK 709 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/form/form.js?v=63b1c9f210af9
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 42018b123357c5b2ce388ae78890b0f6
a8f7c33e594052eb4e5c5ebfea63079b402166aa
8ded9dda8bfa0bf3bbb1bb4577b99ccb105ba6ca04e7a583adcb8f59c71835d8
Analyzer Verdict Alert fortinet Malware
GET /de/com/login/form/form.js?v=63b1c9f210af9 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "bf7-5c5917b975b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 709
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.spar-captcha.click/de/com/login/ng/ng.js?v=63b1c9f210b04
185.242.86.251 200 OK 1.4 kB URL HTTP/1.1 www.spar-captcha.click/de/com/login/ng/ng.js?v=63b1c9f210b04
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash 12dd579b46c8940b4c2d03edd283cc67
974585ecd07612d419be32625bc334cd3b7e6875
660bfe05e9063473651297e0b5a119a2550b68520b253737cbe2eb19e07b2cc8
GET /de/com/login/ng/ng.js?v=63b1c9f210b04 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "152c-5c5917b975b80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1389
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/usercentrics/main.js?_c=1633599627568 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/login/files/cms.css
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/cms.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /de/com/login/files/cms.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/login/files/main.css
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/main.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /de/com/login/files/main.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/login/files/header_login.css
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/header_login.css
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /de/com/login/files/header_login.css HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/jquery_1_12_4.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/jquery_1_12_4.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/jquery_1_12_4.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/jquery_ui_1_12_1.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/jquery_ui_1_12_1.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/jquery_ui_1_12_1.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/lib_head.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/lib_head.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/lib_head.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/usercentrics/bundle.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/usercentrics/bundle.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/usercentrics/bundle.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/login/files/jquery.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/jquery.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Malware
GET /de/com/login/files/jquery.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/lib_main.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/lib_main.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/lib_main.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/login/icons_woff.woff
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/icons_woff.woff
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Malware
GET /de/com/login/icons_woff.woff HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/portal/media/system/33.141.18/js/lib_cms.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/lib_cms.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/lib_cms.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp2.globalsign.com/rootr3
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/rootr3
IP 104.18.20.226:0
Hash 4628684b604294d1cbedb935eddea129
2617e4f2393181705f5c8fd7228ba1630460e235
cf0ec6be0d9d7988e6362d144538a5d59c7d4a78c0b8ed9e84340f1aad0a22e1
POST /rootr3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 81
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1434
Connection: keep-alive
Expires: Thu, 05 Jan 2023 15:10:58 GMT
ETag: "2617e4f2393181705f5c8fd7228ba1630460e235"
Last-Modified: Sun, 01 Jan 2023 15:10:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2621
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 782d25cd6945b51b-OSL
ocsp2.globalsign.com/gsextendvalsha2g3r3
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP 104.18.20.226:0
Hash 0d316a44378472146a8ff8eb9a4e058a
0c1639f2f93d5ec56fb4497923a68bc4d68facb5
792ea85a381f7b66422d8fac5b4641deb80ab0547d6d4d15d7ffd06edf97e45c
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Thu, 05 Jan 2023 14:34:13 GMT
ETag: "0c1639f2f93d5ec56fb4497923a68bc4d68facb5"
Last-Modified: Sun, 01 Jan 2023 14:34:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2783
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 782d25cd8966b51b-OSL
www.spar-captcha.click/portal/media/system/33.141.18/js/lib_header_login.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/lib_header_login.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/lib_header_login.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp2.globalsign.com/gsextendvalsha2g3r3
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP 104.18.20.226:0
Hash 0d316a44378472146a8ff8eb9a4e058a
0c1639f2f93d5ec56fb4497923a68bc4d68facb5
792ea85a381f7b66422d8fac5b4641deb80ab0547d6d4d15d7ffd06edf97e45c
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Thu, 05 Jan 2023 14:34:13 GMT
ETag: "0c1639f2f93d5ec56fb4497923a68bc4d68facb5"
Last-Modified: Sun, 01 Jan 2023 14:34:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2783
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 782d25cd997cb51b-OSL
www.spar-captcha.click/portal/media/system/33.141.18/js/html5shiv-printshiv.js
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/33.141.18/js/html5shiv-printshiv.js
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/33.141.18/js/html5shiv-printshiv.js HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
kunden.commerzbank.de/portal/media/system/images/bg_metanav_gif.gif
212.149.50.15 200 OK 1.1 kB URL HTTP/1.1 kunden.commerzbank.de/portal/media/system/images/bg_metanav_gif.gif
IP 212.149.50.15:0
ASN #16365 Commerzbank Aktiengesellschaft
File type GIF image data, version 89a, 1 x 61\012- data
Hash 28e2af3a5d79cebdadbeed1fac34043b
b9da0fb8ade838ff42e1a017305b235827114a25
ae247f0ee2d331e7f89a54b2d683589de735b83bda69b00b29bf728e1cc31e75
GET /portal/media/system/images/bg_metanav_gif.gif HTTP/1.1
Host: kunden.commerzbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spar-captcha.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache
etag: "-2129675650"
expires: Sun, 01 Jan 2023 17:19:27 GMT
last-modified: Mon, 21 Nov 2022 05:17:44 GMT
content-language: de-DE
content-length: 1124
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
com-coba-cif-csrf-protection: 71bfc6a61c3be02e07991d1c3ebb27f80ded946e56e89ec9e471193f046386ea
strict-transport-security: max-age=31536000
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/gif
www.spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/portal/media/system/usercentrics/main.js?_c=1633599627568
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
Analyzer Verdict Alert fortinet Phishing
GET /portal/media/system/usercentrics/main.js?_c=1633599627568 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 118862dd91acadbe96bd8df464b5d944
1f18ca3394c0502b2447001d8115d8f69211a72b
599a2f13cae2edc7b4ffbaee442cc40363b809400452364e21a05fd3599f72c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "599A2F13CAE2EDC7B4FFBAEE442CC40363B809400452364E21A05FD3599F72C6"
Last-Modified: Fri, 30 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12943
Expires: Sun, 01 Jan 2023 21:34:57 GMT
Date: Sun, 01 Jan 2023 17:59:14 GMT
Connection: keep-alive
ocsp2.globalsign.com/gsextendvalsha2g3r3
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsextendvalsha2g3r3
IP 104.18.20.226:0
Hash 7c14d7b2513771d55bdf44951241aa46
e5265dd8c0df783d3c002850f4bc3c2ae7914650
fab9455fba454aec1a2f8cf69419bdd871715867cc3cc69f038c615347e67276
POST /gsextendvalsha2g3r3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Content-Type: application/ocsp-response
Content-Length: 1444
Connection: keep-alive
Expires: Thu, 05 Jan 2023 16:18:37 GMT
ETag: "e5265dd8c0df783d3c002850f4bc3c2ae7914650"
Last-Modified: Sun, 01 Jan 2023 16:18:38 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2781
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 782d25ce9b06b51b-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a92938ba6a58bd49a9938a24e404cba
2adeb5279f5a130a4ddc05199bc7b0b197a3cabc
1779831cec3a72aa82e2dab789c043da6a7fa432ff75a644733b0ee5f81b965b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6390ab-134c-4c14-ae9e-9591400607a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10426
x-amzn-requestid: b6ad4eac-168a-477b-9883-f77fffc6468f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d5ZfRG7XIAMF7zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad3c61-7766d0293ca12d6e2436ac66;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 07:06:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fbLIBt1nYKjHIB6qMh22u5A92HgG0_f84qqlf5rqpwl4brcU5UB8eQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 13:01:40 GMT
age: 17854
etag: "2adeb5279f5a130a4ddc05199bc7b0b197a3cabc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21ed4431-081e-4d12-961f-aa4e653e835e.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21ed4431-081e-4d12-961f-aa4e653e835e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 542c50a9c4ddc940c0b46f84973f26a6
adec3ce0b331c1ae542b07e3105ccbb7e517699a
2e6efc9930b8b281f4b4282a3f1f9815708b245760319bd711844c66f1b1cfb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21ed4431-081e-4d12-961f-aa4e653e835e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4574
x-amzn-requestid: 5656411c-79b6-424e-ba7c-9a546cb6f99b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d42MyGYVIAMFXig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ad03eb-62d0a04f49947a6e42e6083d;Sampled=0
x-amzn-remapped-date: Thu, 29 Dec 2022 03:05:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DFqVV_GbqyTSmrx57w2P_yiSWPvSCcFLQZwwBJbcbmvLautLFMR0CQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 04:13:33 GMT
age: 49541
etag: "adec3ce0b331c1ae542b07e3105ccbb7e517699a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=298ced858dd47b3de39578853138dffc&callback=jQuery321031395855109773263_1672595946648&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1672595946649
185.242.86.251 200 OK 0 B URL HTTP/1.1 www.spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=298ced858dd47b3de39578853138dffc&callback=jQuery321031395855109773263_1672595946648&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1672595946649
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de/com/home.php?pl=token&link=Commerzbank&bid=298ced858dd47b3de39578853138dffc&callback=jQuery321031395855109773263_1672595946648&data=%7B%22mes%22%3A%22User%20on%20login%20page%22%7D&_=1672595946649 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/json
kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf
212.149.50.15 200 16 kB URL HTTP/1.1 kunden.commerzbank.de/portal/media/system/fonts/icons_ttf.ttf
IP 212.149.50.15:0
ASN #16365 Commerzbank Aktiengesellschaft
Hash bf4eb7fa7530af7abfebba152344cb43
05bbbc462fb0d3d9ba5cc68ff517b5347b03a5f8
ef53ac4bd095b4a1e1b24eabf02f6f8485f2614a073179dfb4d39eb30210d145
GET /portal/media/system/fonts/icons_ttf.ttf HTTP/1.1
Host: kunden.commerzbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.spar-captcha.click
Connection: keep-alive
Referer: http://www.spar-captcha.click/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache
cache-control: private
etag: "-319645690-gzip"
expires: Sun, 01 Jan 2023 18:04:14 GMT
last-modified: Mon, 21 Nov 2022 05:17:38 GMT
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
com-coba-cif-csrf-protection: d4f05670401f591f1add9ff26dee9d46b2baa451d22df924447438a55e1ab430
content-type: font/ttf;charset=ISO-8859-1
content-language: en-US
strict-transport-security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24829
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff91ff871-3f80-4a32-932c-b81a53066ccd.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff91ff871-3f80-4a32-932c-b81a53066ccd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4367f9a4e85a0b03fc104148023c73e6
81b2d64110d0f5853a7190be93252dac4a428b7a
ec0b378ad8bea69e474ba2fd53321467a04143b39da7f438924b0a7604fa6751
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff91ff871-3f80-4a32-932c-b81a53066ccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: d0b8e033-5a7a-4c2c-8cee-7cd14d205e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-XYNFV6IAMFoog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af3901-1f152c56526a8cfd6aab77d1;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 19:16:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -NKgGBkJUbNdMOK5TlrSwxH_I-xI6kENYZyEAPatO-GJB72OciVqbQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 01 Jan 2023 03:12:06 GMT
age: 53228
etag: "81b2d64110d0f5853a7190be93252dac4a428b7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c820340d5ed98c9573754e3a749bf40c
09d31b45d4cc16c4d321e616e5445d9ba921a1ba
2a69c58358ae763ddef6603f783d7d25c465ff4d3777e6bd540c1b673381813a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F625ac435-5ac8-46ca-9178-7aa9cb621f60.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8307
x-amzn-requestid: 978a4b33-aded-49d7-a4a8-2ff5ee894b02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0Oh0EhpIAMFyYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab2ad8-485bd7767c2ad3756ae98e7d;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 17:26:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bcdvyTj9Ys4hBF3rNrUfgzes7CLPom3b4l5S2NLa_8VM__qQdg9Vkw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 21:57:00 GMT
age: 72134
etag: "09d31b45d4cc16c4d321e616e5445d9ba921a1ba"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67b75ebf-7439-4cd2-bd89-000ec5f3aab8.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67b75ebf-7439-4cd2-bd89-000ec5f3aab8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c0dc083dd00810ff8d197c5ad7fb6f7
9e1ca8f2da2a53f7941b6869684b458a3c72a96f
6abddb307b4eab72eeafc413d0eb005773e5100120c4e074f7f3baadf12fa954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67b75ebf-7439-4cd2-bd89-000ec5f3aab8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8537
x-amzn-requestid: 4e0f7a60-ab06-4494-984d-34fcacf63ba1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d_oI7GZfIAMFkGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63afba38-6a6424991c4612dd6d3888fa;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 04:27:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HVSax8zutp54N838OPZjYA6MGIF5tCK3plkg9G7R4fg9jm71_Mdcvg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 23:39:54 GMT
age: 65960
etag: "9e1ca8f2da2a53f7941b6869684b458a3c72a96f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56ecc912-7c04-44d7-a43d-91f5105e563b.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56ecc912-7c04-44d7-a43d-91f5105e563b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9c106ab8d6891b9865ef89c4cd6c6cb
784caa00a9877cb4cc6ad9037a9676b6d3b37fd2
84440ac9326499d9ce81d6fe8b58fa4f7430f60d5624a2acf5d66f906fe6f898
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56ecc912-7c04-44d7-a43d-91f5105e563b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4560
x-amzn-requestid: 26f5e408-f9d0-46b9-90a7-5cdf29d5a27c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eB__3ETBoAMFU3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b0ad32-2b1520235d6b63862bebc2d5;Sampled=0
x-amzn-remapped-date: Sat, 31 Dec 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hs_04b29c6nhQo4WrQEpVJj8bkqTsfTAv54dajHxsMIjre-g2uesvw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 21:44:29 GMT
age: 72885
etag: "784caa00a9877cb4cc6ad9037a9676b6d3b37fd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.spar-captcha.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 01 Jan 2023 17:34:02 GMT
expires: Sun, 01 Jan 2023 19:34:02 GMT
cache-control: public, max-age=7200
age: 1513
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.commerzbank.de/portal/media/system/usercentrics/cdcs-iframe-index.html?_fs=kunden
212.149.50.185 200 859 B URL HTTP/1.1 www.commerzbank.de/portal/media/system/usercentrics/cdcs-iframe-index.html?_fs=kunden
IP 212.149.50.185:0
ASN #16365 Commerzbank Aktiengesellschaft
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 5e8e6d207dfb15055cf197fe96afefc5
c23f85a8ff36a455e182bc5a07c2b0fe3d1c5083
79739d5372546a78193ebd5ac57dda67f037731c277b53c8cbc35d4deaa13e4b
GET /portal/media/system/usercentrics/cdcs-iframe-index.html?_fs=kunden HTTP/1.1
Host: www.commerzbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.spar-captcha.click/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache
cache-control: private
etag: "-1783573157-gzip"
expires: Sun, 01 Jan 2023 18:04:15 GMT
last-modified: Mon, 21 Nov 2022 05:22:58 GMT
x-ua-compatible: IE=edge,chrome=1
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
com-coba-cif-csrf-protection: 5797d1d1dd10559e0b7dd147e6e7537201cf606834ba53dc3d71174a2465d89f
content-type: text/html;charset=UTF-8
content-language: en-US
strict-transport-security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 859
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
www.spar-captcha.click/de/com/login/files/app_icon.png
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/app_icon.png
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /de/com/login/files/app_icon.png HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:15 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.spar-captcha.click/de/com/login/files/favicon.ico
185.242.86.251 404 Not Found 284 B URL HTTP/1.1 www.spar-captcha.click/de/com/login/files/favicon.ico
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e65b179c48c750f62d3dc23e4f13b7ec
e96b56e6092d5f7a7e37f3937b68842f31348dc1
948c669bec5b935be06fd02f8ae63a0228e340f93655228af4b0c2ecd6ffa84e
GET /de/com/login/files/favicon.ico HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 404 Not Found
Date: Sun, 01 Jan 2023 17:59:15 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 284
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.commerzbank.de/portal/media/system/usercentrics/cdcs.js
212.149.50.185 200 OK 1.7 kB URL HTTP/1.1 www.commerzbank.de/portal/media/system/usercentrics/cdcs.js
IP 212.149.50.185:0
ASN #16365 Commerzbank Aktiengesellschaft
File type ASCII text, with very long lines (4327), with no line terminators
Hash feb92f8c0a0dcb5c9e85c29b8253bf8a
ef6e80bd8f24603391021031d87d77b0ebf5462b
c64c0472a9cdc95814552d9bb1a8a072bcfd9b5ea84b2ed8d3f0edae0aac6f87
GET /portal/media/system/usercentrics/cdcs.js HTTP/1.1
Host: www.commerzbank.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.commerzbank.de/portal/media/system/usercentrics/cdcs-iframe-index.html?_fs=kunden
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:15 GMT
Server: Apache
etag: "-221108930-gzip"
expires: Sun, 01 Jan 2023 17:59:50 GMT
last-modified: Mon, 21 Nov 2022 05:17:57 GMT
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
com-coba-cif-csrf-protection: e1ff7d91e83dd76a29869ff6ffe9a5644b1bf414cef6391ec9a5124a948ea0c0
content-language: de
strict-transport-security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1675
Age: 266
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: application/javascript;charset=UTF-8
www.spar-captcha.click/de/com/login/form/newloader.gif
185.242.86.251 200 OK 557 kB URL HTTP/1.1 www.spar-captcha.click/de/com/login/form/newloader.gif
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
File type GIF image data, version 89a, 480 x 480\012- data
Size 557 kB (557122 bytes)
Hash ef8d4e6b20b0cf0d68713fb2f6069042
d62bb4b1a169c88879de3bd2f5c4292b6259a952
32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630
GET /de/com/login/form/newloader.gif HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Fri, 25 Jun 2021 06:45:18 GMT
ETag: "88042-5c5917b975b80"
Accept-Ranges: bytes
Content-Length: 557122
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
www.spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=298ced858dd47b3de39578853138dffc&callback=jQuery321031395855109773263_1672595946646&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672595946650
185.242.86.251 200 OK 0 B URL HTTP/1.1 www.spar-captcha.click/de/com/home.php?pl=token&link=Commerzbank&bid=298ced858dd47b3de39578853138dffc&callback=jQuery321031395855109773263_1672595946646&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672595946650
IP 185.242.86.251:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de/com/home.php?pl=token&link=Commerzbank&bid=298ced858dd47b3de39578853138dffc&callback=jQuery321031395855109773263_1672595946646&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1672595946650 HTTP/1.1
Host: www.spar-captcha.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.spar-captcha.click/de/com/a1b2c3/298ced858dd47b3de39578853138dffc/login/?index=7495&feeder=dd59e11e648423f8b65d8958301323ed37308443
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: real=OK; bid=298ced858dd47b3de39578853138dffc
HTTP/1.1 200 OK
Date: Sun, 01 Jan 2023 17:59:19 GMT
Server: Apache/2.4.41 (Ubuntu)
Content-Length: 0
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/json