| | 172.67.136.99 | 200 OK | 29 kB |
IP 172.67.136.99:443
Certificate: Issuer: Google Trust Services; Subject: smartcaptchaservice.com; Fingerprint: B7:9A:25:69:0E:00:E8:48:E4:1D:E8:E6:59:27:5D:59:24:43:2A:79; Validity: Mon, 17 Mar 2025 16:02:55 GMT - Sun, 15 Jun 2025 17:01:16 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (342); Hash: 9023257b22a9cb046f06463862fdaca4 02440bdd4bbb061197da80e7ff3aff0521508456 e5e8bac4e1382b3cb7e8670810ff662f0718a102666295706270b320756e8e59
GET / HTTP/1.1
Host: smartcaptchaservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 May 2025 11:45:15 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zdZcPn30J8AKFBPuekDzCrj9qTDEEbiLQrL50l5fMgKunFCraG6gEsmiq6%2BMyBOAiWY07JTFyFWLjl%2BK%2BTTJvMEn%2FkNvPyTrNY2t3ZhbSkC2yO3o3itFpAW09SV%2B2Cj7jROwTIPSB5PVZA%3D%3D"}]}
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 93d0f316e8fe56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js | 104.18.11.207 | 200 OK | 60 kB |
URL GET stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js IP 104.18.11.207:443
Requested by: https://smartcaptchaservice.com/; Certificate: Issuer: Google Trust Services; Subject: bootstrapcdn.com; Fingerprint: 90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE; Validity: Sun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT
File type: JavaScript source, ASCII text, with very long lines (59765); Hash: 02d223393e00c273efdcb1ade8f4f8b1 0cc93b8421d89c24a889642428b363cb831de78a 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
GET /bootstrap/4.5.2/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://smartcaptchaservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 May 2025 11:45:15 GMT
content-type: application/javascript; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"02d223393e00c273efdcb1ade8f4f8b1"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 03/25/2024 22:48:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1053
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: d62bcbaaea22408f781d5342ab695aaf
cdn-cache: HIT
cf-cache-status: HIT
age: 110097
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 93d0f31a2fb1712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| smartcaptchaservice.com/favicon.ico | 172.67.136.99 | 200 OK | 38 kB |
URL GET smartcaptchaservice.com/favicon.ico IP 172.67.136.99:443
Requested by: https://smartcaptchaservice.com/; Certificate: Issuer: Google Trust Services; Subject: smartcaptchaservice.com; Fingerprint: B7:9A:25:69:0E:00:E8:48:E4:1D:E8:E6:59:27:5D:59:24:43:2A:79; Validity: Mon, 17 Mar 2025 16:02:55 GMT - Sun, 15 Jun 2025 17:01:16 GMT
File type: MS Windows icon resource - 1 icon, 96x96, 32 bits/pixel; Hash: ee16a37d28890b9d4aa080001ae5c920 77a208195637a5007ec396857219c1517763361c 4dcfa1db2fdba1327e789dd09f95bd8da40d4d230240bf582d2b71f343ac92ec
GET /favicon.ico HTTP/1.1
Host: smartcaptchaservice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://smartcaptchaservice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 May 2025 11:45:16 GMT
content-type: image/vnd.microsoft.icon
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqP%2BNUwAtpMBLvvj%2B0NScLCP9zgJ8IbCke58FggHTpzV2nau0ATctuEuAm6VaVkesSwQWCiS9b3XyP9BFCf%2B03dy9H1fPlsLY9f6gSpCYXqou6GcnR8FhSyKzaPiIj3qpDKcCxbCKAa6%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 17 Mar 2025 17:01:52 GMT
etag: W/"94be-6308cbea62e2d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 93d0f31e7ef156b9-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5446&min_rtt=644&rtt_var=5045&sent=106&recv=158&lost=0&retrans=1&sent_bytes=8884&recv_bytes=8992&delivery_rate=2779&cwnd=12000&unsent_bytes=0&cid=f878d43a69187a99&ts=1194&x=16"
|
|
| stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css | 104.18.11.207 | 200 OK | 160 kB |
URL GET stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css IP 104.18.11.207:443
Requested by: https://smartcaptchaservice.com/; Certificate: Issuer: Google Trust Services; Subject: bootstrapcdn.com; Fingerprint: 90:B1:98:4A:7E:D6:37:CF:9B:DC:7D:67:82:58:17:6C:F7:F6:11:DE; Validity: Sun, 16 Mar 2025 01:14:49 GMT - Sat, 14 Jun 2025 02:14:23 GMT
File type: ASCII text, with very long lines (65326); Size: 160 kB (160302 bytes); Hash: 816af0eddd3b4822c2756227c7e7b7ee c470239d4c7db36d56dc3a74a080c62218c6edc4 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
GET /bootstrap/4.5.2/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://smartcaptchaservice.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 May 2025 11:45:15 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"816af0eddd3b4822c2756227c7e7b7ee"
last-modified: Mon, 25 Jan 2021 22:04:11 GMT
cdn-cachedat: 05/29/2024 18:09:57
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 061a0a53f527e1164261c24aa36ff27e
cdn-cache: HIT
cf-cache-status: HIT
age: 206217
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 93d0f319def2712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| pl25825165.effectiveratecpm.com/15/09/6c/15096cf1d35bf7379d2c1a7d11e6d0a2.js | 192.243.61.227 | 403 Forbidden | 0 B |
URL GET pl25825165.effectiveratecpm.com/15/09/6c/15096cf1d35bf7379d2c1a7d11e6d0a2.js IP 192.243.61.227:443
ASN#39572 DataWeb Global Group B.V.
Requested by: https://smartcaptchaservice.com/; Certificate: Issuer: Let's Encrypt; Subject: effectiveratecpm.com; Fingerprint: 35:F6:4C:25:0B:28:C1:12:A6:AE:C0:7F:44:9B:AB:F2:64:A9:73:46; Validity: Tue, 08 Apr 2025 21:00:03 GMT - Mon, 07 Jul 2025 21:00:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /15/09/6c/15096cf1d35bf7379d2c1a7d11e6d0a2.js HTTP/1.1
Host: pl25825165.effectiveratecpm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://smartcaptchaservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Fri, 09 May 2025 11:45:16 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: pl25825165.effectiveratecpm.com
|
|
| pl25818938.effectiveratecpm.com/b4e3b87e4d0e5891d3bf81aac791b679/invoke.js | 172.240.108.84 | 403 Forbidden | 0 B |
URL GET pl25818938.effectiveratecpm.com/b4e3b87e4d0e5891d3bf81aac791b679/invoke.js IP 172.240.108.84:443
Requested by: https://smartcaptchaservice.com/; Certificate: Issuer: Let's Encrypt; Subject: effectiveratecpm.com; Fingerprint: 35:F6:4C:25:0B:28:C1:12:A6:AE:C0:7F:44:9B:AB:F2:64:A9:73:46; Validity: Tue, 08 Apr 2025 21:00:03 GMT - Mon, 07 Jul 2025 21:00:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /b4e3b87e4d0e5891d3bf81aac791b679/invoke.js HTTP/1.1
Host: pl25818938.effectiveratecpm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://smartcaptchaservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Fri, 09 May 2025 11:45:16 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 4
Host: pl25818938.effectiveratecpm.com
|
|
| code.jquery.com/jquery-3.5.1.slim.min.js | 151.101.130.137 | 200 OK | 72 kB |
URL GET code.jquery.com/jquery-3.5.1.slim.min.js IP 151.101.130.137:443
Requested by: https://smartcaptchaservice.com/; Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: CD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5; Validity: Tue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65245); Hash: fb8409a092adc6e8be17e87d59e0595e cf8d9821552d51bb50ce572e696aba1309065800 e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
GET /jquery-3.5.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://smartcaptchaservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-11abc"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 09 May 2025 11:45:15 GMT
age: 3788661
x-served-by: cache-lga21954-LGA, cache-hel1410028-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 7248
x-timer: S1746791116.910409,VS0,VE0
vary: Accept-Encoding
content-length: 24606
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/@popperjs/core@2.9.3/dist/umd/popper.min.js | 151.101.65.229 | 200 OK | 19 kB |
URL GET cdn.jsdelivr.net/npm/@popperjs/core@2.9.3/dist/umd/popper.min.js IP 151.101.65.229:443
Requested by: https://smartcaptchaservice.com/; Certificate: Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C; Validity: Tue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT
File type: JavaScript source, ASCII text, with very long lines (18785); Hash: e1a71969a95592d2d3d32bb7c1296190 f6e3039d5b647e7c9f79293dc7c46cb286003d6c ccc0ee783158d1ab3ae590ef8c982a827e38e8b82fd121551cdd4c20041fcd1b
GET /npm/@popperjs/core@2.9.3/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://smartcaptchaservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.9.3
x-jsd-version-type: version
etag: W/"49b9-9uMDnVtkfnyfeSk9x8RssoYAPWw"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 May 2025 11:45:15 GMT
age: 3703687
x-served-by: cache-fra-eddf8230146-FRA, cache-hel1410033-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7057
X-Firefox-Spdy: h2
|
|
| pl25818938.effectiveratecpm.com/b4e3b87e4d0e5891d3bf81aac791b679/invoke.js | 192.243.61.225 | 403 Forbidden | 0 B |
URL GET pl25818938.effectiveratecpm.com/b4e3b87e4d0e5891d3bf81aac791b679/invoke.js IP 192.243.61.225:443
ASN#39572 DataWeb Global Group B.V.
Requested by: https://smartcaptchaservice.com/; Certificate: Issuer: Let's Encrypt; Subject: effectiveratecpm.com; Fingerprint: 35:F6:4C:25:0B:28:C1:12:A6:AE:C0:7F:44:9B:AB:F2:64:A9:73:46; Validity: Tue, 08 Apr 2025 21:00:03 GMT - Mon, 07 Jul 2025 21:00:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /b4e3b87e4d0e5891d3bf81aac791b679/invoke.js HTTP/1.1
Host: pl25818938.effectiveratecpm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://smartcaptchaservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Fri, 09 May 2025 11:45:16 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: pl25818938.effectiveratecpm.com
|
|