Report - pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php

Report Overview

Visited public
2025-02-14 16:50:17
Tags
URL
pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Finishing URL
pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Title
pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pl.logowaniie-alegrropll.com	unknown	2025-02-07	2025-02-10	2025-02-10	28 kB	1.3 MB	104.21.48.1
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-02-12	451 B	28 kB	104.17.25.14
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-02-12	1.4 kB	81 kB	104.18.187.31
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-02-12	487 B	1.6 kB	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js	ScriptElement	253 kB	2023-06-05	2025-03-27
Pretty URL cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 08:33 Last Seen2025-03-27 03:05 Times Seen707 Hash 958ffe72993523881b77e140ce759bce 574e439ae457ca23f79d1a7cc0906457abb15c40 0399719be23112b963e66643f253e231063844e560f6e5f27cdf1be25c68cc5a Loading...

	pl.logowaniie-alegrropll.com/assets/lang.js	ScriptElement	23 kB	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/assets/lang.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash 990a928060de3e0fd46d653f5f07008c c49b96a434cb5a3482e923be4460ef594f2e6211 7ac9e3df52956a29e90d4d650e6a04c522bb390fdf89202fce42c4c999f30fae Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	28 B	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash 9369223fc1ad6ff35c1de2dcaf2456f9 a0121e5a7c31cdd814244f80409ea789e8b564d2 e33598efc5f92227f3049879e5527a77e6bf37c2d55636358f7db77dcc9d961a Loading...

	pl.logowaniie-alegrropll.com/assets/router.js	ScriptElement	7.4 kB	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/assets/router.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash 0cf02e455838c90eb216631cab3fddba c301856896622b5244a5b25e63674469f0dbbda8 5e18deff80a4b2a4f826d3b01e02770745ad0ffa069018e535ea37fb661c750d Loading...

	unknown	ScriptElement	1.6 kB	2025-02-10	2025-02-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash a1fda3486c53c9cd92bd181b162fffbc b943318039a67e89c60ef42f6115392b2b6cfec6 6734d6b7cc932de0f3d25385897e7cdf3c1938afecf0db99cbbb330fda1ae724 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-03-28
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-03-28 05:53 Times Seen24968 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	246 B	2025-02-14	2025-02-14
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-14 16:50 Last Seen2025-02-14 16:50 Times Seen1 Hash 675f9a77988dadbaa97a88e6da8734b8 210cbf4e87163b6e98795792a3061956d1dfa9b1 8cfe9bc9e3c6a074cfd904e9309d60770c37d42e66136d63a57a3090a7e31794 Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	3.6 kB	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash 3dc50dd47c5d16d74fe005d2f38ffdc5 8a4164239cbc0b853f3b9e661d9df656cf4138c8 9056f3af27cbccb9bd72fe004e370b37fba99e10f46ea75f7f22bb180b66b7c9 Loading...

	pl.logowaniie-alegrropll.com/assets/polyfill.min.js	ScriptElement	104 B	2023-12-16	2025-03-28
Pretty URL pl.logowaniie-alegrropll.com/assets/polyfill.min.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-16 06:03 Last Seen2025-03-28 03:21 Times Seen6000 Hash 435a451090061be4c0254761f2f94e1f 1a873f8c9a0dfb421e3213dfbbfa8aafa9960d4c 6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2 Loading...

	pl.logowaniie-alegrropll.com/assets/inputmask.min.js	ScriptElement	102 kB	2023-03-26	2025-03-04
Pretty URL pl.logowaniie-alegrropll.com/assets/inputmask.min.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:05 Last Seen2025-03-04 20:28 Times Seen598 Hash b89f54c50010cfec39c5cf6292b8f87a 11865641875699ad1e5d8bc1b1d4270ec86d5f8f 2104a74c194968212a6b332626b10108f02e476acbe1e705c7f52a441742c96d Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	517 B	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash c91c27d77cc8b233205213ce2c705ea7 ab3e79a10c3ae2ff739d5b3d4fedaa816c3491b7 fce5628679b89d2cdf0566d9565f429da3b4b6ca2bdc9ea4db5860ac8a1a62d4 Loading...

	cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js	ScriptElement	31 kB	2023-05-25	2025-03-23
Pretty URL cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js IP 104.18.187.31 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 07:33 Last Seen2025-03-23 07:32 Times Seen713 Hash 56ac609bb900dc42d7df6667c5c3ce31 7d9df7aa529524c88873d0af057d0d92e17da8e8 116f7fd41bf96c3881805a25dc8bf19d731807de97a90316544fcf311ba5123b Loading...

	pl.logowaniie-alegrropll.com/assets/post.js	ScriptElement	11 kB	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/assets/post.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash e95e41761a176187f9c755376a1b83dd 6872d86659fd675c9b4a18e205e5fd3329ddda0b f47c0df4ab620a3153e40ea5c0da187f921cd8bedc9cbd57ef99e1e2850b5116 Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	477 B	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen579 Hash a05c5d42d5a79a8c405ceecc5ec502de 6314ffca59a6aa553b037d482cf590c535aaea16 5562a7fc3492ecb4e56abd3eadba8bffd1ca5e4b441acdd263342fced88bb0f6 Loading...

HTTP Transactions (44)

URL IP Response Size

pl.logowaniie-alegrropll.com/assets/ikea.png

104.21.48.1

200 OK

14 kB

URL
pl.logowaniie-alegrropll.com/assets/ikea.png
IP
104.21.48.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 640 x 256, 8-bit/color RGB, non-interlaced
Size
14 kB (13924 bytes)
Hash
9c79def7332dd362215740662b344341
637ca0d0707bf225daa269df5b19981d8d9f4a28
bb54d7aa1c960b0095d5b9060424ec3e1f15c98154e94a468f8e8c1d68d314dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ikea.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: image/png
content-length: 13924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmMdLvJ4rnkT1oRotGfZ%2FPilPcyk0ajA1HTENwzPIlyRC5guCOTQNQqUPPHfi%2B5h8FfbyqfRQoaD%2BKI41HaN%2BZtFRZle%2BTQPAPklAiV2CMAUeg111jonKBTLaz%2BBYj2SKE%2F1eBChgM%2FTTlFfmIA%2B"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 19:06:23 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
accept-ranges: bytes
cf-ray: 911e8da74a725696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
27 kB (27446 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 177285
expires: Wed, 04 Feb 2026 16:49:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2GZZtiR4%2BBOak8%2B59Nti3AeZC%2B%2FKoXQmfALK7ukDcTT6KE6OLxOTY5q4DI58zkReMYmuNa5Awq0pMSuSkJa9eVL8spGCpQwkFiq8Q7uYBZWfok2GAOQiv65TSzIJHbK502obSy0v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 911e8da76bbf56b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/css/intlTelInput.min.css

104.18.187.31

200 OK

2.8 kB

URL
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/css/intlTelInput.min.css
IP
104.18.187.31:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19665), with no line terminators
Size
2.8 kB (2775 bytes)
Hash
b41fad07c500d63c076f70669ba7f9e6
4e55da95a7d18d3ecbde16440484df380bbaf0fe
a1e9f2c7a8c80a11fd8da5caddf517a5c28e7a64d01c84295014283897c762d8

HTTP Headers

GET /npm/intl-tel-input@18.1.1/build/css/intlTelInput.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: text/css; charset=utf-8
content-length: 2775
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 18.1.1
x-jsd-version-type: version
etag: W/"4cd1-TlXalafRjT7L3hZEBITfOAu68P4"
content-encoding: br
x-served-by: cache-fra-etou8220048-FRA, cache-lga21970-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 115093
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQW0HwKkJD6nz%2BXYxkSUWbqjA9jDpp9c8vVWQuHM8OVumGyGx8VO72Nda23qMR55cEDbLxphgBdJJvaSKfQTuBOJnvk5Ez0xdPZhIaeOgK6eut9F9TObjwlk%2By43YluD%2Ftw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 911e8da768060b65-OSL
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js

104.18.187.31

200 OK

12 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (27283)
Size
12 kB (11919 bytes)
Hash
56ac609bb900dc42d7df6667c5c3ce31
7d9df7aa529524c88873d0af057d0d92e17da8e8
116f7fd41bf96c3881805a25dc8bf19d731807de97a90316544fcf311ba5123b

HTTP Headers

GET /npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 11919
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 18.1.1
x-jsd-version-type: version
etag: W/"779c-fZ33qlKVJMiIc9CvBX0NkuF9qOg"
content-encoding: br
x-served-by: cache-fra-etou8220036-FRA, cache-lga21970-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2450201
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U6%2BIsomOnuRGiitVonFR9IdPnJSRZgSWWXwI6BRM%2B%2FtDTYv9zQewvrK1x6k%2FInOMce7uXnE9inFwo%2FF4jLslOCaN6fw5vera04%2B%2Bihenu4dF9spUrndlQBDY5mMU980PanU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 911e8da7680e0b65-OSL
X-Firefox-Spdy: h2

pl.logowaniie-alegrropll.com/assets/post.js

104.21.48.1

200 OK

1.8 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/post.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
1.8 kB (1842 bytes)
Hash
e95e41761a176187f9c755376a1b83dd
6872d86659fd675c9b4a18e205e5fd3329ddda0b
f47c0df4ab620a3153e40ea5c0da187f921cd8bedc9cbd57ef99e1e2850b5116

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/post.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pjkend88KPsvalmMNLZEOqqvM%2BSvB2A3CxTyl0ooEMLwC1enUn2wqoHSFR9Em8YmY%2BnCSSrFoddZ0UepGN%2Fhf8I4C4yz2VhPg%2BZ5QhmSYz2QI4DBTamnPj8%2FNwAV30OnkYRTpM00g347589XEmFv"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 27 Aug 2024 10:45:57 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
content-encoding: br
cf-ray: 911e8da74a765696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Poppins:wght@600;700;800;900&display=swap

142.250.74.10

200 OK

909 B

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@600;700;800;900&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint91:3E:F9:90:4B:40:4C:8E:D9:11:EA:64:14:86:3D:AD:DB:41:93:5C
ValidityMon, 20 Jan 2025 08:37:08 GMT - Mon, 14 Apr 2025 08:37:07 GMT

File type
gzip compressed data, max compression
Size
909 B (909 bytes)
Hash
cb3f6fceadf5ccf381029355681a0f58
27291d4c266203d9b232a13bdc9e6bc474927471
d0e0f0f7b278d60c71b94f8e88fd00f7822dba8f98895571a6e8718f172bc109

HTTP Headers

GET /css2?family=Poppins:wght@600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 14 Feb 2025 16:49:46 GMT
date: Fri, 14 Feb 2025 16:49:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js

104.18.187.31

200 OK

62 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1454)
Size
62 kB (62446 bytes)
Hash
958ffe72993523881b77e140ce759bce
574e439ae457ca23f79d1a7cc0906457abb15c40
0399719be23112b963e66643f253e231063844e560f6e5f27cdf1be25c68cc5a

HTTP Headers

GET /npm/intl-tel-input@18.1.1/build/js/utils.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 62446
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 18.1.1
x-jsd-version-type: version
etag: W/"3dc5d-V05DmuRXyiP3nRp8wJBkV6uxXEA"
content-encoding: br
x-served-by: cache-fra-eddf8230068-FRA, cache-lga21930-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 19377673
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HRDhubZ%2F2Kq7BaQINaOYTSI41NJJI2A7oGasoOBVxulaPrPz%2FCPYV%2Bb%2BiuHa1FzdM2E7IHF0H%2ByWvrK%2B6waNeauFV7q7L2Eteq9QayXy4pHRnO50VzYOV8kkuD0MEIXNMg4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 911e8dac5db47128-OSL
server-timing: cfExtPri

pl.logowaniie-alegrropll.com/assets/allegro.png

104.21.48.1

200 OK

33 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/allegro.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 640 x 256, 8-bit/color RGB, non-interlaced
Size
33 kB (32558 bytes)
Hash
ab8aed89d092b2adc771e8b3f6475cf0
2b140d4932ab0f43c850f79ba21d25eebe5d67ee
33f97e008009926bf61a0595d10f115a1cc8f3c2c2fa3a1d855e056baaed2950

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/allegro.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: image/png
content-length: 32558
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLDVFPn4WoNsWMdVgbFb1XewTEXHa%2FtKyax0B4p%2BQgmoaH1GLPFtidhRWHZ6Sx8v7MTHgMnkKp2dKG2FB2rDdNexWFjBfGcupJ5x9UmwZTXmzO7mYK4JZAs9VFzdCxaH2O2BJoS7CgL3C%2F%2FHyv3H"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 10 Aug 2024 21:57:36 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 21
accept-ranges: bytes
cf-ray: 911e8dac5a855696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/lang.js

104.21.48.1

200 OK

58 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/lang.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
58 kB (58510 bytes)
Hash
2eeabedc412af28cb3959eabd8c48713
eb1265824d7316f654a58816b291090baa25861f
44250e82c27989c9fcbe90724d75f4d2bbef2448189d804a06171d46806dce84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/lang.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EpWgn%2B02ezC8qkXyjyLHRyHk2rQSJwDTtPTGF2MCmTe7KfKpTWadTvZ274O3M15M0xN8Oa%2B1qLAVc76JmaH4fqXBVWK%2F9K7YdQxoGkqj5g5PhzDTNI26SfQSK%2FcG%2B%2F4mSSsD%2FS65iJoK%2BRDkp4y"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 28 Aug 2024 13:34:02 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
content-encoding: br
cf-ray: 911e8da73a6d5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/bank.php

104.21.48.1

200 OK

286 kB

URL POST HTTP/3
pl.logowaniie-alegrropll.com/assets/bank.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
Unicode text, UTF-8 text
Size
286 kB (286349 bytes)
Hash
27413cac7eaff75bd8e68970baa37c29
19cc8a1c8866270a7d156d4723a714b0e21aeeb1
7459368ffd19afa62b971e103d8c22eeb0b80549ead1086bbb69773f2ac398e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /assets/bank.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 26
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4PmjUvO50vx8A%2BOO3U5Yr04Kzih%2BGBxyyHEn%2FCocnAy9fUEiYK8EIji0RjuRpQqiWF5Bh6pUzOnq7Vf50CR79m0KG8YZzFM5h4RSDJDHJDz%2B5bcauBTcURdl%2BAzjOW3CaARe5N0K1hWff%2B7rzNe"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8dac6a865696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/bankpocztowy.png

104.21.48.1

200 OK

30 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/bankpocztowy.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
30 kB (30455 bytes)
Hash
7f4d0f1b0d45cb296657777b6c1b6112
80772fe8e93176c3e6ec7a53f5cc90284b5d5153
e99791482476b8e4cb7dd71bce4258dc6e376223b4d93cb62a17cd5e4b1423dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/bankpocztowy.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 30455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMIJXhXFivfAjKr8rKFvx13Qessu8j1vRoJWMwGaMvtk4%2BIrwjbyiwNQKA52qUl0pHooJ%2FJjIbLZVtck71cCwTHJhdAIGiHPiLkz84lUiCvptRBwhDwSW1%2Banu3keHX%2FpumaDeRM7C9hVhc36B7n"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
accept-ranges: bytes
age: 21
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 911e8dadca8d5696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/pekao.png

104.21.48.1

200 OK

21 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/pekao.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Size
21 kB (21058 bytes)
Hash
358279bd95d5c82c4335f4d888723845
1138a9817484678815684b0c52c07f49ef262b45
6e7281b17ceb0a429c851524a6e1ed3e0547c02a6e5a81ee9baad7660dffe257

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/pekao.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 21058
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Z0Wx1aJ0RJHwAT4sTj1WM5ezlGuQI%2Fjvzx6jZVaLVgXS%2FEFKiB2Kygn23c%2BoZF3bvXNxxvdaJSRZZuBM6qxVPzWJYR7IUBe4NmfMt9vbaP%2BQ3YsYZ5WvRImay%2FHjdXMu9Q6LALxHd6N%2FhkNqv3L"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadca8c5696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/agricole.png

104.21.48.1

200 OK

7.6 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/agricole.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 720 x 720, 8-bit colormap, non-interlaced
Size
7.6 kB (7571 bytes)
Hash
c138bc3a1318831e637e8d57e968f5fe
c4e1a6f009c1ae1f462d68f27788c0e0841c33c8
22ce53106e91f1155f04ea4b6c3122bd93eeded176b23f1d33cfefaefb7cce7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/agricole.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 7571
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cdxfJ2KwaQzCEnmdsM6DFbVVRGlzFFW91oljaseuDGYUNgwp9D5KjgPa%2B%2BB%2Bo4yUDwhSOsZmF5yOruZfhjwk4bJqbU4OipQQp%2BbPIRmlTNJdo1uQDPy1UV4z5KLaiYq2x1SiOSpaLGBAzk7tAS%2BH"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadba895696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/bpsbank.png

104.21.48.1

200 OK

13 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/bpsbank.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
13 kB (12782 bytes)
Hash
daac32c9131cd662edcd898647c433f5
21ea2e8dc872344a33a7f479a9c276131e7a9e36
c28f5d8f407c01ae7e38c737a1326ab7299418d539dc8061c278fbd6452e5499

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/bpsbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 12782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ucyqxwb8EjpLROexM9r03aWB4E%2BBknhAWk75YNQ9IMvq0ILUA%2FwEydftoaUqj7M3IYbNo%2BaGEBcsifpZzPlnlEl5wpYwYCi7EbIOneJfoCpWpCdPAmr9r6jIPVvLvnleYN%2FUQQhzo4tTKc2yLRAF"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadca8f5696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/citihandlowy.png

104.21.48.1

200 OK

12 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/citihandlowy.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced
Size
12 kB (11581 bytes)
Hash
761b2a6138eacad1a2f18deff6a0d5d4
e6e9cfe12790d1df729433e19c3634f59cfbbe6e
555d912520b071a5829b657d5a0baafe8eb42ae77165232d1ba0c38ed9b13ccb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/citihandlowy.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 11581
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5GlFRmGkgvwwjJn%2BTBcPrXpwn5T5ij9hPfx6A76GOc9KwR8CgCshLNn4xW8dRU%2BnssM%2F02OMZGCR8Zl2tpDj8xzGg2W1zqPHxMlRpaooOK%2BmE386yCT3yuCefZHb8ohyu2yMV056k9GDC3AAvUVG"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadca905696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/dbnbank.png

104.21.48.1

200 OK

29 kB

URL
pl.logowaniie-alegrropll.com/assets/dbnbank.png
IP
104.21.48.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
29 kB (29322 bytes)
Hash
a1c2aaa0d3c9021ec3d8785212a872a7
6f465cf39041b1d51c120989785b9520f1e861ce
2adf245f6fe35807e30162acd7c54bd523badc80bfddc3c6db2c87c82661f6c0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/dbnbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 29322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QQVa5d4v8nelUgyGOMvVA1ucmHON3%2FYifZVtRO8Rb7ciMtjdiK8PzCYTd%2BIRnBUJgdvl5CGnOhXk9QKdNHo12wROgOgpO0evQOODCNxwnhzoObeDpwoaB80kA0p78fZ3TFBEpZAxSVQxj5Eszem8"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadda915696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/password.svg

104.21.48.1

200 OK

6.6 kB

URL
pl.logowaniie-alegrropll.com/assets/password.svg
IP
104.21.48.1:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image
Size
6.6 kB (6573 bytes)
Hash
933086472fc80750799d6d61cffe45f7
59fbcbc05046c103188311b0a4854cc9fb36762e
1ac55634ba64f3400c4621473c1a525bee42b2e31ae0934cd4dfb05836b66313

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/password.svg HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KD1Js2bozHkhZmkyN0Kc0%2BxHuiAZ38xkuAFfIld8yzIlPPtga%2Bl26gU2Bm24xxG66vRdlbaGKLrf%2FsdnierkYELJcEExN3QkFObYd2spZTl8Ms0OilKRMuohvDkOH1wdupb7ASpFc3uPB5vTRpld"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
content-encoding: br
cf-ray: 911e8da74a735696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/ing.png

104.21.48.1

200 OK

57 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/ing.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
57 kB (57430 bytes)
Hash
b544fa33ff239e07c7bf485e37ea838c
777004cfeb5a57fdcf131f6ea288400a27271598
1f353fe95340bac4eab116b41b523fe14e8954c3f8b9b6e5583580f544c16e82

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ing.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 57430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNaruLGh%2BUvx%2F1Fw54z%2FNfoSIZloGHkqIF9Oj32rCjYxxVH%2BmOJLVXQclGAdNeLpnfGdTk3X5AMO9Z2peGcOeocza6sZIKHBOogGOfbYzpXCDpDofXnwMWu0zst1OQoyNLsp%2FcVn%2FNnuq9voTYCt"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadda945696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/paribas.png

104.21.48.1

200 OK

126 kB

URL
pl.logowaniie-alegrropll.com/assets/paribas.png
IP
104.21.48.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced
Size
126 kB (125541 bytes)
Hash
75c6d5c81604504872f331843ca342a0
872a3e7f31dce51fe49e2365323056de903d98ab
6622d4cef0634af3d4e239148ee21265ca5ba671caa17582b7e3ac967339204f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/paribas.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 125541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kp738h9e6p4yRYWwWJ034MwteewHe%2FTlG1cnKb07cGa7ls%2FI1Ysfd3cgaNRluldFneUvzabpFqQufTyLEUrx7ynA2Dr56DP12CYQd16a9OmA0N%2Fn6EDFhwL%2BNNa11Y%2BTvPLiiuVZj%2BG6LpajPs8n"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadca8e5696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/bostokenbank.png

104.21.48.1

200 OK

16 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/bostokenbank.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
16 kB (15562 bytes)
Hash
6116de5cc25cf34b690b5268c01a2f82
712fb73483be453ad8c1010ce9fcb3494d8b8395
a872e7d9cc3b41166b77d39ab942036c57ded6c4dd6f495e2a37fe3a12971e84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/bostokenbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 15562
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AigVtC9gb%2B1WJH0%2Fi208ZjiecxtCbMGI9qnSmq8jWGmuFEbBykq7FPe4iIMf5908al8r9mRh7YtKhhMaxscQt1VXIzxpWnMq4eHOzIr70JnJmeI%2Bh6cePUVEqJNVNdMl%2FyuxTRWD9SXQzFMvnkG%2F"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadca8b5696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/deutschebank.png

104.21.48.1

200 OK

15 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/deutschebank.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
15 kB (15081 bytes)
Hash
34c4552d9809a68d05f7c7e1261f211c
b66110923a4d043dfd814ed2c83a7c4b68c7d37b
a2b1d8f9daa1b9d52be940c19692939f29d60f8eb834a1d7e3dd54ee08c0ce2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/deutschebank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 15081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6mwh5ult9J9JVb9tCFWHsINPVH1fIH6ptl8vu5vDVl6MKHNyJOEbgfqLOJDCSeHo0NjTV54LI5UIvsomsBp8ssSmmC7bAlCeW%2BOpLXAcAeutr%2BP8tM0FbgcRi0nhshDANYsszB0w57TBreyib%2BnK"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadda925696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/nestbank.png

104.21.48.1

200 OK

35 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/nestbank.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
35 kB (35319 bytes)
Hash
110ff8bb5901d87a85595ae24f7c8aae
4d8796e99af91ebe8f2626f3c80f4cbc1aff0f82
2889bd96a1914cd07d5767e6a78e023e097dfea0e6f4f3981d2cc5c02bbc298e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/nestbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 35319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KB8MpUCe1EmtibK29jOArEpekXLoeEJqPLBViHO4RkiavpwxHVU1ZFakOapFle4l9F4v8cfHSdBzpFnQkHU3mYaL02foPeqoAfvP90a67%2FF22vE6Nzzz44dEARDl5PviAJqeTAj9sXoN6fgfWFHW"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dae7a985696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/sgbbank.png

104.21.48.1

200 OK

35 kB

URL
pl.logowaniie-alegrropll.com/assets/sgbbank.png
IP
104.21.48.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
35 kB (34835 bytes)
Hash
f7761decc7bd3b2d42d688583c3d7f5d
ef7d9287ba5e3d52a18a980ee9ad0abc78ec7295
848a099263c8ac5b35daa30b024cdea1f914d1ba0f818db7c579c4b883ecfcbf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sgbbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 34835
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqutBDAVuSkf4%2BU8o6QIGYc6xcGxOvmKgkMcAbYJaMqvJKZ0n%2FB3tyeib4QsLfN5nB2qb4aBrh0yjHbexifqcL4NwHTMVnzbH4kazuJg%2FPkqe97VXE4bLnHVz2jG%2F7t4qYQFvgVOlwc%2FM4JwJMz%2F"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dae7a995696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/plusbank.png

104.21.48.1

200 OK

29 kB

URL
pl.logowaniie-alegrropll.com/assets/plusbank.png
IP
104.21.48.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
29 kB (28598 bytes)
Hash
b9d96f70996a4973156388872cfd476a
7f8c748373d4035651b90cdb4fd212b5af00fa34
91c1058cf7577fd881908ee7fb619e701a9a755cd92d8a005aa42c10e6b25795

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plusbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 28598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VFfgkrsR5bPPP74o80HiQ5Sp65sgh%2Fg5%2FtMOanuwWuB4pom8rNYh%2BUiK9t3%2Bysv2LM7YQvEvnuLESOwD7nyHRj%2BVWoG5Kv%2BYAHUWmFjjWQbyOIReF20mP7%2FaMJXHKO1H3SImYGc9aLgujV3CtDGQ"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dae7a975696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/velobank.png

104.21.48.1

200 OK

16 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/velobank.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
16 kB (15596 bytes)
Hash
21745895fa61bfab0ec44c322a5a91e9
b1e01f896c25ec245856e9c336976722c624e6be
abeb1bb28b8da6fc7209f224fba4c41b2ca45660429d827628ebc92a335e39ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/velobank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 15596
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gmc0AUjfbqaGlkN%2BdyqELLpbTOaUR1JOcN1s4tNxHKAcmS8ir6rvaNUydvUn9ulb6KqKg1l4vkF22LGbKhURjNIAknZF4w%2F4VZovUpE2cD%2FvDN7uI7cSRh2RM7sRfbpfgMWdsVY01VXIgZxYoSFh"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dae7a9a5696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/santander.png

104.21.48.1

200 OK

21 kB

URL
pl.logowaniie-alegrropll.com/assets/santander.png
IP
104.21.48.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
21 kB (21075 bytes)
Hash
7ba79fb8a105e83dfd27848914a3e0aa
43d1cfaf8b5937a8da539276c87866c38e750235
ce1adf8c6a9de49a7cd2c0d09d7c31c607e851affc8e8f3ef5608ddaae3d88f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/santander.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 21075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPiDqKLosM4i68JdUE3xD%2FMgXCHZ7rVW3rCZAdURGtOnfNVC5xBSqYWhRCug3M0sY1xSUcYFHjIDbgvKHazXcci4qJx%2Bmfzj41hR91dLK%2BqFXVbyHyislQsFnsARbI9A4J5TJgTa6m52OSYBZ4G9"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dae7a9b5696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/kasastef.png

104.21.48.1

200 OK

124 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/kasastef.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
124 kB (124431 bytes)
Hash
3c32fddc9bff18290841c1c43b9c8e9d
d9ad81724483c8f73bc41c110b97ee3a07866cf0
60d5feed499d95a1925e7f653114e1ab0e1e53363f5e7abba15b50e46acba01a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/kasastef.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 124431
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2QmO%2B%2B7fuuPk7I8SAbOttmeeWSn9H36AiEOY32KlEs63BK8y2RMtWSR0%2BzYnZoAEYtgeuYELmccUUkeFpsBDQj0cQaesVrgxf6U1ikv9TAkK9HjF2FtSp9kKnxHBijOlBXd6X8zAKRhJlnhRN2h"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadda955696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/fonts/TrustlyIcons.otf

104.21.48.1

200 OK

3.0 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/fonts/TrustlyIcons.otf
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
OpenType font data
Size
3.0 kB (2960 bytes)
Hash
64a75d8661147354cf01c4e6f827fd94
39446ec4c32962c94deeb685335c859ed82b0be5
2770ea9ca2d00806d0c02f8c716edce88f2eaa36e83d1728a9b0361a2cdc3ca7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/fonts/TrustlyIcons.otf HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/assets/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: font/otf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3VSHFQxf%2FH2H3peuuK1gYV2Wh60lgWWbi23tJx2lPH0CgcjmryA%2Fu1sAgLxIae0f1nnj7FwIhm1C7Q3qN5Z5UvSgJpmb81bV1aiBgZXGrXPkYUJT%2FfCEVChG2NC%2Bo7cd4Nek3BXkW3Oyatp%2Faryt"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 27 Jul 2024 00:01:06 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
content-encoding: br
cf-ray: 911e8daa7a7c5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/polyfill.min.js

104.21.48.1

200 OK

104 B

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/polyfill.min.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
d8a2ac5c54438177d5f1f3205dae24ff
39ac9cca3d867ea64fffd15d26db70f2e81fd7ea
5f47b6f270d4d76b4980978510001d15f8802bf01c9a4c2fd1bb68b3d45e64b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/polyfill.min.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5GvrwRgXym6ZYD5Ev8Kje60wBzKWISL4mPnGGZ%2FPFbUtEgcJbtzCtlA064goyDJYJMS%2BVQjK2d3F%2F9vl4Ona%2BG%2BV5lFQWvq9RfJ%2BT8eUTL0VoyGwxCxLl0DsUarLNY402wFqhuNYI7NLQX6%2FY6vS"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
content-encoding: br
cf-ray: 911e8da73a6e5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/inputmask.min.js

104.21.48.1

200 OK

102 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/inputmask.min.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65358)
Size
102 kB (101942 bytes)
Hash
b89f54c50010cfec39c5cf6292b8f87a
11865641875699ad1e5d8bc1b1d4270ec86d5f8f
2104a74c194968212a6b332626b10108f02e476acbe1e705c7f52a441742c96d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/inputmask.min.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxSJug3DDdPVkHBwp5307Pcn%2BKsdcQ8nxaJ%2FHTu8iZRdJXr2HSMtXx8SKuPqKQtJnHY1zG%2BLXiLS01tUtQy3FjCWxM8GFi%2FHgoq7elt%2FKw4nHaQsMOnsPGSMY5rVmpflip7Z8p%2BrZMsREq0%2FtxVP"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
content-encoding: br
cf-ray: 911e8da74a745696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/ipko.svg

104.21.48.1

200 OK

3.2 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/ipko.svg
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
SVG Scalable Vector Graphics image
Size
3.2 kB (3196 bytes)
Hash
b9fbe33eb11f4ad923dd09bda7448677
c49969649a75545291017d917a8f9f61d79886f7
8db6a54b546aaf45888443ddccdf57e2d31941670aaae81272c4aa4e3fa2ceee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ipko.svg HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=er2zoTld06abnwJFQAuozIDZ6mj53FUyOi5ZCMEERgbFw%2BC86HdWS7UJxJo9ur2odLGwFq2NSp8N5qXwwEz5y2vrIIdkEpgZu5UshYRz4nRhHKDgl7mPAVVpLyXkYOlt%2FzzZ9%2BRGFsHFxQx8gVLS"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
content-encoding: br
cf-ray: 911e8dadda935696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/millenium.png

104.21.48.1

200 OK

51 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/millenium.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
51 kB (50799 bytes)
Hash
3354120600f986aad73c2b18c5273343
e78be0ad5e617ed7221c3af78ea474d1a07f26ce
649ee08fbc7f0fd8bd2ec9fe8758e30c76c55ffde0ad14b41db5f3918dc4045c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/millenium.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: image/png
content-length: 50799
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2F4q21U2QeY8DdyPmet21%2FH7Bh9gIQWdXrY2qZofHy%2F7c5a%2F5WW2rVNsrLLZqpbrIHnVUQbAMj%2B38cGxgGzWo1y%2FMW1dn6ZfxUHc9JzD3XggW3OdIt9oC1JpDZzAlyMUB6ALDiijF542LEcqyGsE"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
accept-ranges: bytes
cf-ray: 911e8dadba8a5696-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.48.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 236
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:01 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LGY0sojqJeo%2FfRWMcs7f31PfaqIW4Rj6kWn2sWli7e%2BbsMSkssqrhGWUO6mCK8nBuG7kZg2DG0RXS%2B9wgViE3PPOjeHbQkxVGr4GucfHR2OYicdKk8WQekEY3S30VYlrZvLeLDlWYu8jbd%2BIoWG5"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e08cae75696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php

104.21.48.1

200 OK

43 kB

URL User Request GET HTTP/2
pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type

Size
43 kB (43272 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 16:49:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WiW5ZSevJszOaaZ4uHAmXUAso1EPdaW42Fp0F9wpRVb2NGdKXQ5vsGITGN3j7zpInMbslZas2Kei2yo4HNldIBS0TgSoC%2F0VPSUR76fUfxcAxg6%2B33xbev7KxUHA9ZHK8QR%2F4M1YfV2vI1T5xigX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 911e8da45f5a7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6150&min_rtt=469&rtt_var=11346&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3315&recv_bytes=1456&delivery_rate=6724458&cwnd=250&unsent_bytes=0&cid=3fb57b9798321977&ts=259&x=0"
X-Firefox-Spdy: h2

pl.logowaniie-alegrropll.com/inc/router.php

104.21.48.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 236
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:49 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pIsL7ZjL236vYtCxdQQzc%2FD6lfhWwvkh7CWX5QhmfBLRNV1moShfuw0xN1yx6u4Dlesz08wrWx%2F0SfuSa3S71Goi%2Frk0Zogb3XnI7W%2FDx9lJJ0Zrg6UFwSnDHnQs5IplvlYK6CK9um1zWd0ZcZY"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8dbdbaa55696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/ikea_favicon.png

104.21.48.1

404 Not Found

315 B

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/ikea_favicon.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ikea_favicon.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EGVi5A4kOarmM3nCWIx3c3uIAsEYXT0t87kr026sMKwpqaaMkQgzadNseQEyPHhGUn6%2FKKvddmfOTFo7JVzTVZ2IXsD3QQXkQIhvkBqTlFo4JWQEFo1QKKEs3VehT%2Fc15706ndQXS0JIHcNnTEw"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: HIT
age: 22
content-encoding: br
cf-ray: 911e8daaea7e5696-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/finland.css

104.21.48.1

200 OK

27 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/finland.css
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type

Size
27 kB (27398 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/finland.css HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxeIuBpF5TwKG1OVDeFu1Mi1BgsSXCOXFFNOpQGeRIrjHHU1XqLnyxagxCM2NYNeN5xGHu67P5zJi5MBfblfHo3QOM%2BNT9KwdxNb9ECJ%2BPZP2OqqomhubjbcmzVFs1KfZAB8SxWvY8y9xh%2BNGT7l"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 11 Aug 2024 00:00:22 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 23
content-encoding: br
cf-ray: 911e8da74a715696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/data.php

104.21.48.1

200 OK

82 B

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/data.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
ASCII text, with no line terminators
Size
82 B (82 bytes)
Hash
b9115064f5c8f56eae364edf1541c2e3
2e7a70e79a2bfa59d98941e5ba2e7dadee767cdd
6dd3bd129dc906e831c8bde184492ff6757653ca8fc2c34e91bc0d849740e54e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/data.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MbdEqK0%2BxppVP3ojTHVAzOXfoYISDPt0o2KfgDDsWyqaJypqEJIqtm2wgmO7BOtyjxQVtRRS7AO8xpNIivT1dMsQXTmRHZL2s4e0Sbr30Ci5Rk9OLcQrKW%2B0RpRG7te%2FukhBrrhj%2FlLs1HaSyGdK"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8daafa7f5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.48.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 236
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:10 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PEl%2FlAbvV7AAZ9ou9I5PxQT2rQv50dHSBM2BVvChLPyFfvTZKflDgwJaFJvAuv8uDC6HLCmjjqX5qpPyQt8Kqbb4TL%2BOfUhPCS4eXBKVHeZWaG3xZdEPjNwZgFQ6joqbHX%2BhHoUAAgXwQ79wULcH"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e410b1d5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/fonts/TrustlySans-Bold.woff

104.21.48.1

200 OK

30 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/fonts/TrustlySans-Bold.woff
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
Web Open Font Format, TrueType, length 29888, version 0.0
Size
30 kB (29888 bytes)
Hash
c93f9458ff7a5204656b3df3375d0683
5b3a06422d6754fd7fc95e65073448ee9149607a
c48bb0bfacc648604edee50b7b8cef6e10fd0fc6910a68931fcca25672356c0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/fonts/TrustlySans-Bold.woff HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/assets/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:47 GMT
content-type: font/woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQkBOAMB3WWSQlFr7XQmHDsABOpJGzk78UKd1zPILguDW7z519ahr2N8Vp%2FnyvHOfrUX9XpjVHqHMhpVpMYDAYYdiXN2ylIiHNnXkCPn7ie2LV8WIwYOILkhbdB8kQ%2FVKvx8CNaMpuFh3rWOLDmW"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 23:26:35 GMT
vary: Accept-Encoding
age: 21
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 911e8dae7a9c5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.48.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 236
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:55 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ahrwgYufB0AtMCAgZwPzo%2FNdYuv6LY8LVfXaWO6xNAZ3mvBFXLmYS15G6VjJiJbWErF%2FiEE5BegupnV4yiqt%2BRGF0cg09DlbGuxW2kTvvfStyeax%2FLToMcWkyS%2FD%2FIxeoda6RHM7u7R5ruLct2vM"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8de34acf5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/router.js

104.21.48.1

200 OK

7.4 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/router.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (7681), with no line terminators
Size
7.4 kB (7351 bytes)
Hash
84b82d4c87e4355c8f0716be7758defb
991cc87870465d036d16e34a36e30b8c05b3dd39
634d2fdbc9f924b01eaa056e240459a79e86c5addd888e1c590343a40ad6ca92

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/router.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:46 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JGGmThfatCnbWasA1NtfCVnkSCMwx1wtZjhi7378%2FFbVinI5NPIzfqQAcczwaoCQfKRD1Wb5W2b3ZbtWxJ%2Ffc1mtu7diqmWZFjhgheYwtc%2BDEUOPzKudlAsIDBjm6laCzzAlObmCM03EkPUyYVT"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 27 Aug 2024 10:55:11 GMT
vary: Accept-Encoding
age: 22
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 911e8da74a755696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.48.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 236
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:49:58 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VhcmqqTm1woxGDfP9RPki8hJ7LziylGgWTisVXzoKkjdh7kWJ5WxBM8try0szYtauBCJkcWXHeYg%2BVvDJnsrzyA1h1HTYwkOPBCK%2B7nS%2BHk9ot8Uc1X38suHVQ4CJqTaLOEEKkgy1H3d%2B4ZXxuic"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8df60ade5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.48.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 236
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:07 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2F6%2FeCb5xaGv4BeL9MkFM98wHoQ5q0dwtMYgaHhhSIDtVPA3WSYisnvNZziSUwJ75Dyfd8hVDIWNbuQwGPIoxvv0uT0aFKJkIdIppsUYnHjOkBBqRPXfKk3awQFmJLDSJYCy9Eb%2Fv1AGuoDd2sUE"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e2e4b0e5696-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL