| | 193.109.244.197 | 302 Found | 0 B |
URL: User Request GET HTTP/1.0 | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Moved Temporarily
Location: https://193.109.244.197/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0
| | 193.109.244.197 | 302 Found | 0 B |
URL: User Request GET HTTP/1.0 | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Found
Server: BigIP
Cache-Control: no-cache, no-store
Content-Length: 0
Location: /vdesk/hangup.php3
Set-Cookie: LastMRH_Session=;path=/;secure
MRHSession=;path=/;secure
Connection: close
| 193.109.244.197/vdesk/hangup.php3 | 193.109.244.197 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 193.109.244.197/vdesk/hangup.php3 | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Requested by: https://193.109.244.197/vdesk/hangup.php3 | Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators | Hashes (MD5, SHA-1, SHA-256): c19e2ffddf4fedc2a99c14245b6964c9 b94bc76b587f2540f42a2c64f2cef4d8199d6f96 7a70de8d9dee01dea9f8f9c6dd48288cf43df314d8ca05bb2032502ccb2c147f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vdesk/hangup.php3 HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: LastMRH_Session=; MRHSession=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 03:18:21 GMT
Server: BigIP
Content-Length: 4732
X-Cnection: close
Content-Type: text/html; charset=utf-8
X-Frame-Options: DENY
Set-Cookie: MRHSession=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
F5_ST=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
MRHSHint=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
F5_HT_shrinked=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
F5_fullWT=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
MRHSequence=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
| 193.109.244.197/public/include/css/apm.css | 193.109.244.197 | 200 OK | 42 kB |
URL: GET HTTP/1.1 193.109.244.197/public/include/css/apm.css | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Requested by: https://193.109.244.197/vdesk/hangup.php3 | Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
File type: Unicode text, UTF-8 text, with CRLF, LF line terminators | Hashes (MD5, SHA-1, SHA-256): 244be13a427d3ba9f767984945fce1eb d220b42fc5ba2102c9f3c7598f17742c184001c9 b2b6704fde7f2ceec0d05a849e8b752a4ff9b2827929b8d20f4607dc612f8fb0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /public/include/css/apm.css HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.109.244.197/vdesk/hangup.php3
Cookie: LastMRH_Session=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: BigIP
Cache-Control: max-age=3600
Content-Type: text/css; charset=utf-8
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: DENY
Accept-Ranges: bytes
Connection: Keep-Alive
Date: Wed, 24 Apr 2024 03:18:21 GMT
Age: 1490
Content-Length: 42215
| 193.109.244.197/public/include/js/u_plugin.js | 193.109.244.197 | 200 OK | 42 kB |
URL: GET HTTP/1.1 193.109.244.197/public/include/js/u_plugin.js | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Requested by: https://193.109.244.197/vdesk/hangup.php3 | Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
Hashes (MD5, SHA-1, SHA-256): dbff6fa8977ccacd0956dabe824956cf 402650c20d975a87db2ca5958e37ac8133efea65 827e5746a19ee37010e7e9d0536e38466b37e75c41e883f803107d0d184b1401
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /public/include/js/u_plugin.js HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.109.244.197/vdesk/hangup.php3
Cookie: LastMRH_Session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: BigIP
Last-Modified: Sat, 18 Oct 2014 00:01:17 GMT
ETag: "a2eb-505a72e3d4d40"
Accept-Ranges: bytes
Content-Type: application/javascript
Connection: Keep-Alive
Date: Wed, 24 Apr 2024 03:18:21 GMT
Age: 33430
Content-Length: 41707
| 193.109.244.197/public/include/js/common.js | 193.109.244.197 | 200 OK | 14 kB |
URL: GET HTTP/1.1 193.109.244.197/public/include/js/common.js | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Requested by: https://193.109.244.197/vdesk/hangup.php3 | Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
Hashes (MD5, SHA-1, SHA-256): 5792c15121e1ba5d118283ef936373cf 2cd9dddc82a95d55d143853051434c4f45bb7cd6 1b865469a8507b4430ce5f8d484a7319b152facad9c6c9105151c65509b46bc4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /public/include/js/common.js HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.109.244.197/vdesk/hangup.php3
Cookie: LastMRH_Session=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: BigIP
Last-Modified: Mon, 26 Jun 2023 07:48:50 GMT
ETag: "353c-5ff0394ccfc80"
Accept-Ranges: bytes
Content-Type: application/javascript
Connection: Keep-Alive
Date: Wed, 24 Apr 2024 03:18:22 GMT
Age: 2391
Content-Length: 13628
| 193.109.244.197/public/images/customization/Common/apm_kerberos_on_401_spnego_multi_app_sso_general_ui/logo_image_en.png | 193.109.244.197 | 200 OK | 23 kB |
URL: GET HTTP/1.1 193.109.244.197/public/images/customization/Common/apm_kerberos_on_401_spnego_multi_app_sso_general_ui/logo_image_en.png | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Requested by: https://193.109.244.197/vdesk/hangup.php3 | Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
File type: PNG image data, 148 x 148, 8-bit/color RGB, non-interlaced | Hashes (MD5, SHA-1, SHA-256): 0f3afe0ec03b01a92bfc4013e112fd26 3e226accb7695e131655b35de0f4adabb6732f1f 1c94376c08a71c163c2ef76b497c6329e187250cd34d8643cb9bd839192cb30d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /public/images/customization/Common/apm_kerberos_on_401_spnego_multi_app_sso_general_ui/logo_image_en.png HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.109.244.197/vdesk/hangup.php3
Cookie: LastMRH_Session=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: BigIP
Last-Modified: Fri, 15 Mar 2024 20:26:55 GMT
ETag: "582f-613b8d42ea1c0"
Accept-Ranges: bytes
Content-Type: image/png
Connection: Keep-Alive
Date: Wed, 24 Apr 2024 03:18:22 GMT
Age: 10491
Content-Length: 22575
| 193.109.244.197/public/images/my/header-white.png | 193.109.244.197 | 302 Found | 0 B |
URL: GET HTTP/1.0 193.109.244.197/public/images/my/header-white.png | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Requested by: https://193.109.244.197/vdesk/hangup.php3 | Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /public/images/my/header-white.png HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.109.244.197/public/include/css/apm.css
Cookie: LastMRH_Session=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Found
Server: BigIP
Cache-Control: no-cache, no-store
Content-Length: 0
Location: /vdesk/hangup.php3
Set-Cookie: LastMRH_Session=;path=/;secure
MRHSession=;path=/;secure
Connection: close
| 193.109.244.197/vdesk/hangup.php3 | 193.109.244.197 | 200 OK | 4.7 kB |
URL: GET HTTP/1.1 193.109.244.197/vdesk/hangup.php3 | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Requested by: https://193.109.244.197/vdesk/hangup.php3 | Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
File type: HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators | Hashes (MD5, SHA-1, SHA-256): c19e2ffddf4fedc2a99c14245b6964c9 b94bc76b587f2540f42a2c64f2cef4d8199d6f96 7a70de8d9dee01dea9f8f9c6dd48288cf43df314d8ca05bb2032502ccb2c147f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /vdesk/hangup.php3 HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://193.109.244.197/public/include/css/apm.css
DNT: 1
Connection: keep-alive
Cookie: LastMRH_Session=; MRHSession=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: BigIP
Content-Type: text/html; charset=utf-8
Accept-Ranges: bytes
Connection: Keep-Alive
Date: Wed, 24 Apr 2024 03:18:22 GMT
Age: 1
Content-Length: 4732
X-Frame-Options: DENY
Set-Cookie: MRHSession=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
F5_ST=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
MRHSHint=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
F5_HT_shrinked=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
F5_fullWT=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
MRHSequence=deleted;expires=Thu, 01-Jan-1970 00:00:01 GMT;path=/;secure
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
| 193.109.244.197/favicon.ico | 193.109.244.197 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 193.109.244.197/favicon.ico | IP: 193.109.244.197:443 | ASN: #20983 PZU Centrum Operacji S.A.
Requested by: https://193.109.244.197/vdesk/hangup.php3 | Certificate issuer: Unizeto Technologies S.A. | Subject: *.pzu.pl | Fingerprint: 2C:5C:19:13:96:28:09:F3:BA:4F:BE:98:68:61:6C:D1:B0:CD:6B:A5 | Validity: Mon, 11 Mar 2024 10:53:38 GMT - Tue, 11 Mar 2025 10:53:37 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | Hashes (MD5, SHA-1, SHA-256): 486373b021971d0a95af04c811799e21 47216f4da8d00e7df4d5d4c84a019b95a08ec276 492d59030435c1398699fe177a0d1c859d92cd4e284236974f785ece8988fe21
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: 193.109.244.197
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.109.244.197/vdesk/hangup.php3
Cookie: LastMRH_Session=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: BigIP
Last-Modified: Fri, 12 Dec 2008 00:11:58 GMT
ETag: "47e-45dce57692f80"
Accept-Ranges: bytes
Content-Type: image/x-icon
Connection: Keep-Alive
Date: Wed, 24 Apr 2024 03:18:22 GMT
Age: 29989
Content-Length: 1150