Report - pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php

Report Overview

Visited public
2025-02-14 16:50:35
Tags
URL
pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Finishing URL
pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Title
pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-02-12	1.0 kB	72 kB	142.250.74.10
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-02-12	451 B	28 kB	104.17.24.14
pl.logowaniie-alegrropll.com	unknown	2025-02-07	2025-02-10	2025-02-10	33 kB	1.7 MB	104.21.16.1
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-02-12	1.4 kB	79 kB	151.101.193.229

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed
2025-02-14	medium	logowaniie-alegrropll.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (14)

	URL	From	Size	First Seen	Last Seen
	pl.logowaniie-alegrropll.com/assets/lang.js	ScriptElement	23 kB	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/assets/lang.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash 990a928060de3e0fd46d653f5f07008c c49b96a434cb5a3482e923be4460ef594f2e6211 7ac9e3df52956a29e90d4d650e6a04c522bb390fdf89202fce42c4c999f30fae Loading...

	pl.logowaniie-alegrropll.com/assets/post.js	ScriptElement	11 kB	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/assets/post.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash e95e41761a176187f9c755376a1b83dd 6872d86659fd675c9b4a18e205e5fd3329ddda0b f47c0df4ab620a3153e40ea5c0da187f921cd8bedc9cbd57ef99e1e2850b5116 Loading...

	cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js	ScriptElement	253 kB	2023-06-05	2025-03-27
Pretty URL cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 08:33 Last Seen2025-03-27 03:05 Times Seen707 Hash 958ffe72993523881b77e140ce759bce 574e439ae457ca23f79d1a7cc0906457abb15c40 0399719be23112b963e66643f253e231063844e560f6e5f27cdf1be25c68cc5a Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-03-28
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-03-28 05:53 Times Seen24968 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	pl.logowaniie-alegrropll.com/assets/polyfill.min.js	ScriptElement	104 B	2023-12-16	2025-03-28
Pretty URL pl.logowaniie-alegrropll.com/assets/polyfill.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-16 06:03 Last Seen2025-03-28 03:21 Times Seen6000 Hash 435a451090061be4c0254761f2f94e1f 1a873f8c9a0dfb421e3213dfbbfa8aafa9960d4c 6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2 Loading...

	pl.logowaniie-alegrropll.com/assets/inputmask.min.js	ScriptElement	102 kB	2023-03-26	2025-03-04
Pretty URL pl.logowaniie-alegrropll.com/assets/inputmask.min.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 14:05 Last Seen2025-03-04 20:28 Times Seen598 Hash b89f54c50010cfec39c5cf6292b8f87a 11865641875699ad1e5d8bc1b1d4270ec86d5f8f 2104a74c194968212a6b332626b10108f02e476acbe1e705c7f52a441742c96d Loading...

	cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js	ScriptElement	31 kB	2023-05-25	2025-03-23
Pretty URL cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 07:33 Last Seen2025-03-23 07:32 Times Seen713 Hash 56ac609bb900dc42d7df6667c5c3ce31 7d9df7aa529524c88873d0af057d0d92e17da8e8 116f7fd41bf96c3881805a25dc8bf19d731807de97a90316544fcf311ba5123b Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	28 B	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash 9369223fc1ad6ff35c1de2dcaf2456f9 a0121e5a7c31cdd814244f80409ea789e8b564d2 e33598efc5f92227f3049879e5527a77e6bf37c2d55636358f7db77dcc9d961a Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	228 B	2025-02-14	2025-02-14
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-14 16:50 Last Seen2025-02-14 16:50 Times Seen1 Hash e8750572dd661e1f59f6ceb3bfe0e3c3 4ccda503ea53e42bc49e5c1013fabfbf9b3ff48b f85cc7f9400f55553fe7d627f061b91626e430ca901f8e1ec64f185f2fe7c060 Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	3.6 kB	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash 3dc50dd47c5d16d74fe005d2f38ffdc5 8a4164239cbc0b853f3b9e661d9df656cf4138c8 9056f3af27cbccb9bd72fe004e370b37fba99e10f46ea75f7f22bb180b66b7c9 Loading...

	pl.logowaniie-alegrropll.com/assets/router.js	ScriptElement	7.4 kB	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/assets/router.js IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash 0cf02e455838c90eb216631cab3fddba c301856896622b5244a5b25e63674469f0dbbda8 5e18deff80a4b2a4f826d3b01e02770745ad0ffa069018e535ea37fb661c750d Loading...

	unknown	ScriptElement	1.6 kB	2025-02-10	2025-02-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash a1fda3486c53c9cd92bd181b162fffbc b943318039a67e89c60ef42f6115392b2b6cfec6 6734d6b7cc932de0f3d25385897e7cdf3c1938afecf0db99cbbb330fda1ae724 Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	517 B	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen580 Hash c91c27d77cc8b233205213ce2c705ea7 ab3e79a10c3ae2ff739d5b3d4fedaa816c3491b7 fce5628679b89d2cdf0566d9565f429da3b4b6ca2bdc9ea4db5860ac8a1a62d4 Loading...

	pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php	ScriptElement	477 B	2025-02-10	2025-02-18
Pretty URL pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php IP 104.21.16.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-10 16:54 Last Seen2025-02-18 07:33 Times Seen579 Hash a05c5d42d5a79a8c405ceecc5ec502de 6314ffca59a6aa553b037d482cf590c535aaea16 5562a7fc3492ecb4e56abd3eadba8bffd1ca5e4b441acdd263342fced88bb0f6 Loading...

HTTP Transactions (52)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
27 kB (27446 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 177302
expires: Wed, 04 Feb 2026 16:50:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kYyL%2BlDd7nbw8sFqVvvYn%2FlL3991l8ZxCZVI4XrboErCHZ25%2BsdFyM40R2YD%2FNApJLKikKsF4PA61uqf5w%2F0FW4A5cX%2Fzw9tDlR6aOmGth5SRhYGS8AwKUAJ8ScHXurILA5bUhMf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 911e8e168c1bb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pl.logowaniie-alegrropll.com/assets/ikea.png

104.21.16.1

200 OK

14 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/ikea.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 640 x 256, 8-bit/color RGB, non-interlaced
Size
14 kB (13924 bytes)
Hash
9c79def7332dd362215740662b344341
637ca0d0707bf225daa269df5b19981d8d9f4a28
bb54d7aa1c960b0095d5b9060424ec3e1f15c98154e94a468f8e8c1d68d314dd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ikea.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: image/png
content-length: 13924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ojQyj44PCHR1rzJ8k3z4XmyDeSAgL7t9F6GnXUIVmtRVMRrvYKEW%2Bwv4GO%2BB45dbCXtbtYy%2Bmo9dJm7Qa9VgM2on3XJodSBw0w4VKjB6PEAAPQYmFslB0LrB1KtDCsRatBhKJEQajWBjUz4hNGJk"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 19:06:23 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
accept-ranges: bytes
cf-ray: 911e8e1678c9b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/css/intlTelInput.min.css

151.101.193.229

200 OK

2.3 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/css/intlTelInput.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
ASCII text, with very long lines (19665), with no line terminators
Size
2.3 kB (2323 bytes)
Hash
b41fad07c500d63c076f70669ba7f9e6
4e55da95a7d18d3ecbde16440484df380bbaf0fe
a1e9f2c7a8c80a11fd8da5caddf517a5c28e7a64d01c84295014283897c762d8

HTTP Headers

GET /npm/intl-tel-input@18.1.1/build/css/intlTelInput.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 18.1.1
x-jsd-version-type: version
etag: W/"4cd1-TlXalafRjT7L3hZEBITfOAu68P4"
content-encoding: br
accept-ranges: bytes
age: 2167824
date: Fri, 14 Feb 2025 16:50:03 GMT
x-served-by: cache-fra-etou8220169-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2323
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js

151.101.193.229

200 OK

12 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (27283)
Size
12 kB (11919 bytes)
Hash
56ac609bb900dc42d7df6667c5c3ce31
7d9df7aa529524c88873d0af057d0d92e17da8e8
116f7fd41bf96c3881805a25dc8bf19d731807de97a90316544fcf311ba5123b

HTTP Headers

GET /npm/intl-tel-input@18.1.1/build/js/intlTelInput.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 18.1.1
x-jsd-version-type: version
etag: W/"779c-fZ33qlKVJMiIc9CvBX0NkuF9qOg"
content-encoding: br
accept-ranges: bytes
date: Fri, 14 Feb 2025 16:50:03 GMT
age: 2738301
x-served-by: cache-fra-etou8220036-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11919
X-Firefox-Spdy: h2

pl.logowaniie-alegrropll.com/assets/finland.css

104.21.16.1

200 OK

6.9 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/finland.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Size
6.9 kB (6900 bytes)
Hash
c85c2592f343a8f7c3b1e547bcc93d95
bedc7d4866d8fd0f9ea34acf1395c6483a7490f9
1f9331d90268bd933d18280ef23904f4f31f4ca757072b6eceddaf47bcf0d1c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/finland.css HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPe8nj39gDwI1ae7yGCJnJS7i1FvqhFnskz3BsChbrwJbxRNscflfKWxCJPGUTHXgu23vifjSW7LFNQENyVY0y%2BEN9cdFCaBeWHud0LeLILm%2FbO4nMqYWmQzx0UKcQuvPZtIGOYpmMoBaVqUB8E6"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 11 Aug 2024 00:00:22 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e1678c8b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/inputmask.min.js

104.21.16.1

200 OK

32 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/inputmask.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
JavaScript source, ASCII text, with very long lines (65358)
Size
32 kB (31627 bytes)
Hash
b89f54c50010cfec39c5cf6292b8f87a
11865641875699ad1e5d8bc1b1d4270ec86d5f8f
2104a74c194968212a6b332626b10108f02e476acbe1e705c7f52a441742c96d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/inputmask.min.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oj%2BsnNqXOmjqy2pD7wGKVyKc56fBqJ9hiIsqil7baGq09o0YPLNmuvubkWpbT2lMN2rnNohUtn%2FxGQHo5vcLYQQ8RAH0vxWdSTYSmxa2O5r%2FROEAsqFQQe4r9C%2FeRp9%2FUtbafmX%2Bsx3L6Z6fyI1U"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e1688ccb50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/allegro.png

104.21.16.1

200 OK

33 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/allegro.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 640 x 256, 8-bit/color RGB, non-interlaced
Size
33 kB (32558 bytes)
Hash
ab8aed89d092b2adc771e8b3f6475cf0
2b140d4932ab0f43c850f79ba21d25eebe5d67ee
33f97e008009926bf61a0595d10f115a1cc8f3c2c2fa3a1d855e056baaed2950

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/allegro.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 32558
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f60oemc3fF87MC7eBU0kWQnz2ce5FFkA%2Bhq6BadaTiFSIzcv6Zt8dUsc9xk1pkPJ%2BmaHPksGCpR%2FcW8I7nVKbVHLl7PS7kJ1koz9eiUjK58uaRCo%2F3H11Pt%2BYZqAOHj3dYd3CpyGbrejkeBrBEaE"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 10 Aug 2024 21:57:36 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1b78dab50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js

151.101.193.229

200 OK

62 kB

URL GET HTTP/3
cdn.jsdelivr.net/npm/intl-tel-input@18.1.1/build/js/utils.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (1454)
Size
62 kB (62446 bytes)
Hash
958ffe72993523881b77e140ce759bce
574e439ae457ca23f79d1a7cc0906457abb15c40
0399719be23112b963e66643f253e231063844e560f6e5f27cdf1be25c68cc5a

HTTP Headers

GET /npm/intl-tel-input@18.1.1/build/js/utils.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 62446
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 18.1.1
x-jsd-version-type: version
etag: W/"3dc5d-V05DmuRXyiP3nRp8wJBkV6uxXEA"
content-encoding: br
accept-ranges: bytes
date: Fri, 14 Feb 2025 16:50:04 GMT
age: 2714758
x-served-by: cache-fra-eddf8230068-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

pl.logowaniie-alegrropll.com/assets/agricole.png

104.21.16.1

200 OK

7.6 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/agricole.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 720 x 720, 8-bit colormap, non-interlaced
Size
7.6 kB (7571 bytes)
Hash
c138bc3a1318831e637e8d57e968f5fe
c4e1a6f009c1ae1f462d68f27788c0e0841c33c8
22ce53106e91f1155f04ea4b6c3122bd93eeded176b23f1d33cfefaefb7cce7e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/agricole.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 7571
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6PUYce9QcWdXoQLlZBPaJHOc0beA90sr74wcQq3d90qDvLIsKbz7h3jr3gjfwvw2k4BQiQ3hb20a8FNmEdsKtLv4VaGo%2Bx%2ByPhSzPNYyZBo6Spi3Moxq6aoozVZmJaMEtT89zMmuZWrKtdewONJ"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1ce8ddb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/millenium.png

104.21.16.1

200 OK

51 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/millenium.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
51 kB (50799 bytes)
Hash
3354120600f986aad73c2b18c5273343
e78be0ad5e617ed7221c3af78ea474d1a07f26ce
649ee08fbc7f0fd8bd2ec9fe8758e30c76c55ffde0ad14b41db5f3918dc4045c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/millenium.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 50799
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvqWFuscWB4X6NVRP9tYmh9RvTck6gHkCmokqcZatNrt2zCAUmlprtpEaV74KiNjNpXolLUlswkRExiaYcntSfXCeP8dMFpvrP%2FK7rS1DD%2FsPRIP1igm9XPF59Gci%2FO3srd46ajH%2FJV07WrHASWy"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1cf8deb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/bostokenbank.png

104.21.16.1

200 OK

16 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/bostokenbank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
16 kB (15562 bytes)
Hash
6116de5cc25cf34b690b5268c01a2f82
712fb73483be453ad8c1010ce9fcb3494d8b8395
a872e7d9cc3b41166b77d39ab942036c57ded6c4dd6f495e2a37fe3a12971e84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/bostokenbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 15562
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPbWYdN%2B26nOW%2BEKa9yTSwHa85fxJE%2BjaTp%2FkjQibFQwdarHgYxI7dsHjWhHthR23f6gJYV9z3mwotGdNpfe0CA6mr4S0WZjIxZEiATvQhuK%2Bbl8JhJvfC86ARav5UmTRfTabhhGqbzQFqyyNuKy"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1cf8dfb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/pekao.png

104.21.16.1

200 OK

21 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/pekao.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Size
21 kB (21058 bytes)
Hash
358279bd95d5c82c4335f4d888723845
1138a9817484678815684b0c52c07f49ef262b45
6e7281b17ceb0a429c851524a6e1ed3e0547c02a6e5a81ee9baad7660dffe257

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/pekao.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 21058
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOcU99p1CcRwRDm9R%2F2%2Fvy1KMOaa7kNs%2BfipeLyPQmQR1wOfWbiFrtpPNcD4hgMMZASmGMtKL5jCAW0AaoFKBeHnsGEqICbv7lLdLH2uMdXyP%2BwdifiFHECGjpkA0OltfNfSPEwqk0Lig8meDfAp"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d08e0b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/username.svg

104.21.16.1

200 OK

287 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/username.svg
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
SVG Scalable Vector Graphics image
Size
287 kB (287240 bytes)
Hash
b07deecc023ec6a13c4d0ad84011a1da
658bbf60b0c41037cae2ce92d39cfdece614366e
f209bcf576e8df9fa747796038d0c6ada4309ec6317eba88109af16a2d174c7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/username.svg HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E6azjQPTOizljRSuIXDBlfil9BL6DeVfsMNuHaSfa2aMAywMzBsrUZo11SeD3c%2Bpc40Sim7hXp961O1uUvONe559mQW4eFp0MP52vv8wglrTaalGrFKACo1nyg6ltRlUEGEdQdvijScL6p6veEic"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e1688cab50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/dbnbank.png

104.21.16.1

200 OK

29 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/dbnbank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
29 kB (29322 bytes)
Hash
a1c2aaa0d3c9021ec3d8785212a872a7
6f465cf39041b1d51c120989785b9520f1e861ce
2adf245f6fe35807e30162acd7c54bd523badc80bfddc3c6db2c87c82661f6c0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/dbnbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 29322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1aK3T0v9zbS7XuZ%2Bat%2BEjaq9bRyqkuB6cRrEYCdoYwJ%2Fs4v5glMWT1gk3Kch9LkQaP21FN6LiZ798fkw7SR9ISaRKDScAjl3cElAurYpoPCxPJnk9VenGxswGViA1J%2Bqg9ZE2wLh2X6ara8EWrrI"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d18e4b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/ing.png

104.21.16.1

200 OK

57 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/ing.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced
Size
57 kB (57430 bytes)
Hash
b544fa33ff239e07c7bf485e37ea838c
777004cfeb5a57fdcf131f6ea288400a27271598
1f353fe95340bac4eab116b41b523fe14e8954c3f8b9b6e5583580f544c16e82

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ing.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 57430
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VAo1%2FzAB%2FzPfm8A3gy8e%2BwFoyavY7R%2B09vWEyakkMgge2QfsLLa3vXKqIPS3wzTJs%2FAjfF88X1qatdsGKtFDPVZs3TmtzOBs64uo%2FNNxxLpEjtoH6OAkwIiwtJD1jKs7D572PkMlnlUmclRQaZFR"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d28e8b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/bankpocztowy.png

104.21.16.1

200 OK

30 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/bankpocztowy.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
30 kB (30455 bytes)
Hash
7f4d0f1b0d45cb296657777b6c1b6112
80772fe8e93176c3e6ec7a53f5cc90284b5d5153
e99791482476b8e4cb7dd71bce4258dc6e376223b4d93cb62a17cd5e4b1423dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/bankpocztowy.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 30455
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oxvXknYgTvQOSloIAua32r9ZyjFSVmazYjBM54SlhRmW%2BRpE3VFLGsi09ukzq7%2BHaFnwnoIs0nmxL7JB2Kf9Etbvs4ON072xG2Hay66UOm3%2F89txMpFVgBhysw8sl0VtU4uNFkXzRIg3q0l5Ljgi"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
accept-ranges: bytes
age: 39
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 911e8e1d18e2b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/bpsbank.png

104.21.16.1

200 OK

13 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/bpsbank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
13 kB (12782 bytes)
Hash
daac32c9131cd662edcd898647c433f5
21ea2e8dc872344a33a7f479a9c276131e7a9e36
c28f5d8f407c01ae7e38c737a1326ab7299418d539dc8061c278fbd6452e5499

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/bpsbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 12782
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=68EMnwomJ%2FHUIBh7LESFGmoLBclVuEd4WTFpjvhlt1wo03H22mnvfhXc4f4DROqDwnYQS2wn8Bjp%2FslSXoJYAEAwP%2FWAwa0O0f1iK%2BKR0dzry3QtzVpU95qpkSldrPKbKnnWyavxZsRJ5pIV2uKM"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d18e5b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/polyfill.min.js

104.21.16.1

200 OK

6.0 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/polyfill.min.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
ASCII text
Size
6.0 kB (5954 bytes)
Hash
435a451090061be4c0254761f2f94e1f
1a873f8c9a0dfb421e3213dfbbfa8aafa9960d4c
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/polyfill.min.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s8hvjwMry6BmvNK9q9pJ5SF74krp1GiVwYzzXEDmHY9K6SDx405VTcfL1BuFo5WBchmH4wYwmr3olFnXhl%2BWEfCTAk%2F4OBzxYASotSJzXFI9tZ2lHr%2FekE7ivDbSGlaAlYgg0RkWaSdnNI9M8iei"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e1678c6b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/plusbank.png

104.21.16.1

200 OK

29 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/plusbank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
29 kB (28598 bytes)
Hash
b9d96f70996a4973156388872cfd476a
7f8c748373d4035651b90cdb4fd212b5af00fa34
91c1058cf7577fd881908ee7fb619e701a9a755cd92d8a005aa42c10e6b25795

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plusbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 28598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0TOc6bd8UfMyTKi1MJEFF8vDTL47Qw0eaCQkV%2FoSyX3X25ABBYEoYfOdfobdjoWKUKg%2BIqDl%2Fjif4GNwi9thDsG4%2FmHZVtRmmKOc1LtMei1vn4maGVdqp7kRWYZSwBMZKz0drQnV1NFJDPkw94kX"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d28edb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/deutschebank.png

104.21.16.1

200 OK

15 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/deutschebank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
15 kB (15081 bytes)
Hash
34c4552d9809a68d05f7c7e1261f211c
b66110923a4d043dfd814ed2c83a7c4b68c7d37b
a2b1d8f9daa1b9d52be940c19692939f29d60f8eb834a1d7e3dd54ee08c0ce2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/deutschebank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 15081
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OW%2BCaIuepAPMzfxRrR4g2eVNJhVUAvZgYkvGHgN8Q%2BoYGPeTULQ9ksXgj8TNsI5X%2BQeP6eWu%2FLeHs6LIMnL%2BZlUdUzfZ1PkMFG5j%2FhPCRHxo9qBxEX1%2B2O59Bbw0IJmyeYobwsTX%2Fn%2FReeQsZzDn"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d18e7b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/santander.png

104.21.16.1

200 OK

21 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/santander.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
21 kB (21075 bytes)
Hash
7ba79fb8a105e83dfd27848914a3e0aa
43d1cfaf8b5937a8da539276c87866c38e750235
ce1adf8c6a9de49a7cd2c0d09d7c31c607e851affc8e8f3ef5608ddaae3d88f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/santander.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 21075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5Xt6ISwjSID7vwGK%2Br%2FC5PPxxB%2FHQrWWmhi0PRg3bENm5WOIaK%2F0xtgWYnU%2FkWqO%2FC%2F1SYGpTgFkHq3wmMLgeKN29Cook6%2Fv1MQ6QffkOOWTdSbayFDQhbzEnlNsKajEddX7pMTBZA0jGBDVUP6"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
accept-ranges: bytes
cf-ray: 911e8e1d28efb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/paribas.png

104.21.16.1

200 OK

126 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/paribas.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced
Size
126 kB (125541 bytes)
Hash
75c6d5c81604504872f331843ca342a0
872a3e7f31dce51fe49e2365323056de903d98ab
6622d4cef0634af3d4e239148ee21265ca5ba671caa17582b7e3ac967339204f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/paribas.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 125541
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1aLOAWyuQYpEJfQXQkNKcjonAXEIJ5r0d%2Ft2pTjkbS%2F5mzPY4ZJE9HeO8qG9xg%2BQ5qCBH1I71QUqFMGT8sxPT%2BrQPjk%2B6yv6GS6BXnsibEw6BuY8lZBd0FvELPn4ftxkaSjf0tQyQ4ss%2FtySqHV0"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d18e3b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/velobank.png

104.21.16.1

200 OK

16 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/velobank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
16 kB (15596 bytes)
Hash
21745895fa61bfab0ec44c322a5a91e9
b1e01f896c25ec245856e9c336976722c624e6be
abeb1bb28b8da6fc7209f224fba4c41b2ca45660429d827628ebc92a335e39ae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/velobank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 15596
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDYu9pf4M01lP%2Bft8BoUc9mlkR2eQaeG6ZmPiymRZRqD%2BAToYePm6gnAcf9yNpM6yrOKgP%2BIePwXDYN8%2BzRTXK%2FZEkEauEWudjBL2PmSaDV8asb6TxKlCQMeptNDy3CU9Z1%2Bmqfkjo4UJHGezAK2"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
accept-ranges: bytes
cf-ray: 911e8e1d38f0b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/citihandlowy.png

104.21.16.1

200 OK

12 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/citihandlowy.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced
Size
12 kB (11581 bytes)
Hash
761b2a6138eacad1a2f18deff6a0d5d4
e6e9cfe12790d1df729433e19c3634f59cfbbe6e
555d912520b071a5829b657d5a0baafe8eb42ae77165232d1ba0c38ed9b13ccb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/citihandlowy.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 11581
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPxnGK7R3PmqLVHhp49M8vYQxucnPTjel71r1ZNnK5tXg3NQwOzZulTqdPku39G2Jd%2Fa0XFq%2FHrcYIQD81EWQctGS4wrssiR2YaXqgWEB6nXPV%2F2lV7YP%2BgkVE8pOGCeD%2F4whX4nChqTF3hGk7X1"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d18e6b50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/sgbbank.png

104.21.16.1

200 OK

35 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/sgbbank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
35 kB (34835 bytes)
Hash
f7761decc7bd3b2d42d688583c3d7f5d
ef7d9287ba5e3d52a18a980ee9ad0abc78ec7295
848a099263c8ac5b35daa30b024cdea1f914d1ba0f818db7c579c4b883ecfcbf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/sgbbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 34835
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXwxWW2Ado39cH3sYAuiElH48OaY%2FmrdnP2iUUBqaJNKPrKaGJPTbidIFDrH%2FRtWGgyIaxBEQotWstyYtDM%2FfqNcvQujICht8mZdP2Z5vs%2Fr%2Fy9PhQYfQPiS4CDdCqk1o8ch5Efqy2PTv%2F4kvI88"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
accept-ranges: bytes
cf-ray: 911e8e1d28eeb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/router.js

104.21.16.1

200 OK

126 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/router.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
JavaScript source, Unicode text, UTF-8 text
Size
126 kB (126089 bytes)
Hash
0cf02e455838c90eb216631cab3fddba
c301856896622b5244a5b25e63674469f0dbbda8
5e18deff80a4b2a4f826d3b01e02770745ad0ffa069018e535ea37fb661c750d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/router.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=otkV75w7S9lz7nWQi725goYsr8fKljMP%2BfeK3o1i%2FUYDxw8LRGBbvziXOV21jpgb4U3bQNmyxOIpnuLiSfADylfq9q4OfK32eL1kGLA2%2BgfuwjpQdPWwQCi6S1EssNW2T9hGamwIPUeRgOfAlTJw"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 27 Aug 2024 10:55:11 GMT
vary: Accept-Encoding
age: 40
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 911e8e1688cdb50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/nestbank.png

104.21.16.1

200 OK

35 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/nestbank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
35 kB (35319 bytes)
Hash
110ff8bb5901d87a85595ae24f7c8aae
4d8796e99af91ebe8f2626f3c80f4cbc1aff0f82
2889bd96a1914cd07d5767e6a78e023e097dfea0e6f4f3981d2cc5c02bbc298e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/nestbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 35319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4TeLGU3rl0MTbRGoXjc2k76RfTrXCkm%2B0cN%2FEEvyv3p579TTyF5FbBDBpG0zYTUbZTpw6kAvUfSlYzAIobuLqWC%2FbWEqUUElh1K1xmqmrZwHXI05CxwWGIrLV0ikVUNMZ3Qo2mrJkWgmcS4I3jc"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
accept-ranges: bytes
cf-ray: 911e8e1d28ecb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/lang.js

104.21.16.1

200 OK

23 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/lang.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type

Size
23 kB (23376 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/lang.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o4ftcq%2BfFxyL6f4GXy6YjUlNqSii87Nc%2BUSe4hieZLNcl73Eaz7TTIStFJV4pIzeJMssWvdFW1Y75JAHe9RY1prcqNKWXs%2BlqWg4lUuAl1mqDK5xf4EQpspaDP9F1ASboSx9dDw3R4Tq1YglsIo6"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 28 Aug 2024 13:34:02 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e1668c5b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/data.php

104.21.16.1

200 OK

82 B

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/data.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
ASCII text, with no line terminators
Size
82 B (82 bytes)
Hash
b9115064f5c8f56eae364edf1541c2e3
2e7a70e79a2bfa59d98941e5ba2e7dadee767cdd
6dd3bd129dc906e831c8bde184492ff6757653ca8fc2c34e91bc0d849740e54e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/data.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lA0OxLH022ZqTVe3cy3NT4FtvboU3T6AYQlaW0RSdc9FS9qgqUViSSQVo5xUUSm%2B%2FoaPehU90fY9nvGKmVyYFE8NHLZrktdTc%2B2V%2F%2BckfB6LB5P7ZCpFuR3CcDHgFFK1BFVNPQfvk3MtN8RVpOF%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e1a08d8b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.16.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:25 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWqyi7HuyQ5Hg36htnkmCi4V7U6PJoySw0WUBhFl7wLObG7hE34HnfUD7AnEHD7HDbR6BOz4gi1NCOQtjcJ6ALe9LRE6XPXwiYx09i5jdpGipiEimOyFQgnkcFyaAiaRZ01LRvIybZm6C2asedAE"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e9d5a14b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Poppins:wght@600;700;800;900&display=swap

142.250.74.10

200 OK

3.4 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@600;700;800;900&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint91:3E:F9:90:4B:40:4C:8E:D9:11:EA:64:14:86:3D:AD:DB:41:93:5C
ValidityMon, 20 Jan 2025 08:37:08 GMT - Mon, 14 Apr 2025 08:37:07 GMT

File type
ASCII text, with very long lines (3456), with no line terminators
Size
3.4 kB (3384 bytes)
Hash
4fdc479dc9e516e1930f276d8ee70965
70ee1d008bbdfc669ee1fa25d246bb22d4fc64e5
c349c6b1014b5c52ffde9bf4d988f2ab64eb467cb1c2a78771a4eed5a2b12294

HTTP Headers

GET /css2?family=Poppins:wght@600;700;800;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 14 Feb 2025 16:50:04 GMT
date: Fri, 14 Feb 2025 16:50:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pl.logowaniie-alegrropll.com/assets/alior.png

104.21.16.1

200 OK

285 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/alior.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
285 kB (284917 bytes)
Hash
ce15e1156a9a4c3ad6f3502b747fff4f
36d08ab14d97fa1426c745bfddd2c7f8707f9e1a
5dfbeb5ad5d3eda9e99d19c0d4d803296bda9444c09a5003c4d1822154de524d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/alior.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: image/png
content-length: 284917
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=645zV0oWKdIBNdXSQp5z8D%2FwPTlZ9l7Yk02wbUD5r0EXGwXNk38EggxJWVNhG%2BKqe%2B%2BZTExft%2BJrrKS0rWHtayw%2FaBGT0n9yYZw%2B2YHLR6nkvIYJT%2FYEEGLxe5fhi9njkkGhgVk8cUOSlVLpm%2B4u"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1cd8dcb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.16.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:16 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06tib%2Bm3s%2BLmBlfhHxqkVeNCSayF57UnT0kQmLV6CRHYq5AARNlPRfumRZ%2F1kBxKjzmYuWznDNRuyJsil3TZMpKnYc9N94pVNmhfBgQSLrQQPlgfywXd%2Ff7gX0MhkYOVDIm4cmrNR0WMMpPaf4VA"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e651983b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.16.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:22 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hn8apnszboqnCmguhRBCYwj1Za0J9%2FGOpsGj1SEAOd38UAHQc3cHtYTknSZlKJl08H0Qe2d6xWigmYyImHushYbTOtOCp7Mi466kkIWybDOy7wDLUkismUX8T%2Fs9sGms899U3QY%2FMWrh%2FXJQcDBJ"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e8a89d5b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.16.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:28 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnmFKLHDWNmJHhTOGgEnQgBLz76vles4R%2FAXNM79lIMeoCC%2FIOt%2BEKr5o3SAWoW39X%2B8CCiPQzbwrTQzKn0iEO3KyA6lO6JBYl30WsAj3AhuPBBja8Dr4FGiHbmEYZRcPubQq8g08OSBlqDvAj5G"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8eb01a41b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php

104.21.16.1

200 OK

43 kB

URL User Request GET HTTP/2
pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type

Size
43 kB (43110 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xKyju28M%2Brz0D3kyYvWs1o3f0YGC3q9l%2F3U9iFYR7oPdpe8fW3auVHoeDFfuo1Iah2Ggfxt1FXu9mxlonMWaxfPZ7SsqlUAbxVpMFO7mRVP8XkUzNOqKR1t%2Fxhh51w5aoCakW79Wsf%2BL7hAd0zOF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 911e8e12fc345684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6022&min_rtt=500&rtt_var=10987&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3313&recv_bytes=1443&delivery_rate=6851735&cwnd=254&unsent_bytes=0&cid=1c2055358ae2f960&ts=236&x=0"
X-Firefox-Spdy: h2

pl.logowaniie-alegrropll.com/assets/password.svg

104.21.16.1

200 OK

1.3 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/password.svg
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1331 bytes)
Hash
983379295fed9e91c749f71900f30524
d4440781fd0e3871e98379c0cf687a2cd76abb22
b579a2cd2ffe308e2b14fb2c554743df856330c246b33de51d7d2839c53419bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/password.svg HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4c4FQahWmiuUwYPD25FuHnGGbwoGEJ1aXwQwYfp6GIbLSxFXf6WHHBCbCMaec38%2FC35yRUWbauATU3baRxa3j3NIuu%2B2WX0IFCLAXWw4TrwRkqbfuUG7K7xA1Y6uqabGjaRUYWJ71nAayYmyJFzb"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:59 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e1688cbb50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/kasastef.png

104.21.16.1

200 OK

124 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/kasastef.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
124 kB (124431 bytes)
Hash
3c32fddc9bff18290841c1c43b9c8e9d
d9ad81724483c8f73bc41c110b97ee3a07866cf0
60d5feed499d95a1925e7f653114e1ab0e1e53363f5e7abba15b50e46acba01a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/kasastef.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 124431
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2BEleuMFBtqRWGP3KBrlsPuitdykryBvsKnZIw7%2Bz624s5CJJ95DHW04ifZuEKo8SznRhRqsksN5JlF8tTRULAZl%2Flnn8UWq%2BvDrq1nygTAE4OVoHdnt4FSKxzxw%2BsqtD6XsRBbXTX8aBBpJI%2FDw"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d28ebb50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.16.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:13 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WTDGJmG8EJdjUqC47ZS5MFD6Cf3ay1t83P6JDiJSjZsICJcD6niUVvPZS%2B7I2AZG2pzFvb3NmRR1rTlfo8oKdXPclxqGgGqjyREOwqlPyjrpJ3MRGKO4BpZ3JUEyyicJqRk4UMeAkmrq79aYoxXw"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e525936b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.10

200 OK

67 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.10:443
ASN
#15169 GOOGLE

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint91:3E:F9:90:4B:40:4C:8E:D9:11:EA:64:14:86:3D:AD:DB:41:93:5C
ValidityMon, 20 Jan 2025 08:37:08 GMT - Mon, 14 Apr 2025 08:37:07 GMT

File type
ASCII text, with very long lines (1572)
Size
67 kB (67176 bytes)
Hash
034d5adc1cbedc8d7e0e7edd3b85b3bf
5296f6d4a3757879ff503163d2f08a293b15fe55
4e10df21374bf29431a4189a853d94cfa2ddaba4e89e8dff3b823f94b10e5d95

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 14 Feb 2025 16:50:04 GMT
date: Fri, 14 Feb 2025 16:50:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pl.logowaniie-alegrropll.com/assets/fonts/TrustlySans-Bold.woff

104.21.16.1

200 OK

30 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/fonts/TrustlySans-Bold.woff
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
Web Open Font Format, TrueType, length 29888, version 0.0
Size
30 kB (29888 bytes)
Hash
c93f9458ff7a5204656b3df3375d0683
5b3a06422d6754fd7fc95e65073448ee9149607a
c48bb0bfacc648604edee50b7b8cef6e10fd0fc6910a68931fcca25672356c0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/fonts/TrustlySans-Bold.woff HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/assets/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: font/woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QVclrFfbbC296q2Fp6tqFKrGNvvDyAAcQ55ac2XcLOHwn5Z2VOQlYBOsjWlOMg3rTPukAAihVzfXGhUIS3DP22vfnxFMvo8mCn%2Bf9RswFvwygSQ0H8ItWmz7pnqPjrWdheimMdVl9ZZxaC2q6oJH"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 23:26:35 GMT
vary: Accept-Encoding
age: 39
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 911e8e1df8f3b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.16.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:10 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=53kBMnNuCxkCjjvi0ORzTuSoAGLVhMpwDZX8ZtZ5lmVp5p2TEZBradejzZo0e7YtJsanM%2BDbU8Xn%2BGrMyLG%2BlbedAHFJOet3wsgplbppVv1HaRSZuYnMmfz1sUhLGpIOU%2BZc6guJ8gN2olaoViJh"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e3f8917b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/ipko.svg

104.21.16.1

200 OK

3.2 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/ipko.svg
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
SVG Scalable Vector Graphics image
Size
3.2 kB (3196 bytes)
Hash
b9fbe33eb11f4ad923dd09bda7448677
c49969649a75545291017d917a8f9f61d79886f7
8db6a54b546aaf45888443ddccdf57e2d31941670aaae81272c4aa4e3fa2ceee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ipko.svg HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nMrrSqDpvtIgg81DQfu%2Bj3iMNgho6Th41uZUCdacIGYWNRaq%2Ffarirt9efhrQKEQtp9N43q2Af50DS6u0F4OS94WoskA9vloPxBBmoa9hBu28bBkZSsfSfRYym%2FMobClyvA7KPIiHTAtrazXX%2BOO"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
content-encoding: br
cf-ray: 911e8e1d28e9b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.16.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:07 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FKjXLjrJ%2Flm790BpR6a%2BFMlJEEFQaXgLyPBIwlF6932QfPjdVGq2u5cjdTTzSsu8Gh8blshPo4bWMWgmLk9Dp%2FRPJCfXs315BMJJD%2F%2F7yD2qEv6Np2%2Fz3XYhRAC0tXOWq%2BLbMFs7kgbQnr9RlTrP"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e2cc901b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/inc/router.php

104.21.16.1

200 OK

12 B

URL POST HTTP/3
pl.logowaniie-alegrropll.com/inc/router.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
cd9fcbf466dc139ba6cf727738aec917
6745c295d498eb19e7f0b17eae73175f91c2076e
3313c25bc7916c5103c37736d01f2b7ba0b4b3483c6f2ac45deb6d30ae0ea58e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /inc/router.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 218
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:19 GMT
content-type: application/json
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8i5uPbkYjvDMf4JAokP%2B2cfyjGjxKvjj6bgT%2FQ0SwZjgobao3kHlwrtHsL4K1aW0QZ7yCTRVqzpm3MlhunPuelc2%2BJae9665SWMI4VcrmUS%2F4IvnjbOpebzbM4DvrbxPasIHsxc9l0ZJRwrf7OKJ"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e77c9b6b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/style.css

104.21.16.1

200 OK

48 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/style.css
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type

Size
48 kB (47888 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/style.css HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAs8eR4yvJFkJ7KYLy2z4tetJPR8O8yC%2FNx89NtripFVfcZjICIGtfjZymKWPI1%2FW7oACnDYfkFGIuHZ5IXocIuRzeQEHj%2B9YyCAfaScOnv1U8c671QtrvoRvRRkhLwjieOvUFpeAccx8SFo8AwK"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 11 Aug 2024 00:31:13 GMT
vary: Accept-Encoding
age: 40
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 911e8e1678c7b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/fonts/TrustlySans-Regular.woff

104.21.16.1

200 OK

29 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/fonts/TrustlySans-Regular.woff
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
Web Open Font Format, TrueType, length 29156, version 0.0
Size
29 kB (29156 bytes)
Hash
5b0b13f2177c99898d7fe559cce0f68b
76be03fe3e549a9ea75228a0c89e26e07f442af2
4e0b179ce370efd16dfcf1f7cb793751384f1f6d85d99368db89d6696efe8737

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/fonts/TrustlySans-Regular.woff HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/assets/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: font/woff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W2Zzg87gAV7er8u7tJzMp9UoAyXRHj%2BJaqbytYU6ooocckBqJWUAAIx%2BRlOrWzmZW4ZQ81u4WE8gq3FKXOugrASfpM0ZxOdm%2Fa5XFfAs4MH40KoRB%2FEB1ZC2599DR6gHFyLgUtXq%2F%2BcwKJaUp2cs"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 23:26:28 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
cf-ray: 911e8e19b8d6b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/mbank.png

104.21.16.1

200 OK

5.9 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/mbank.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
5.9 kB (5860 bytes)
Hash
f587618442db507828d06b58b9821d9e
1590718814b32c5a770b14dcac2bd969cc7f54b4
7c2792830c13ab3d723502328040d43cec5a864e97f6a1e3a72097b5db6ac4f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/mbank.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:05 GMT
content-type: image/png
content-length: 5860
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZieTipX%2FJHo58lqJChvxZextYhWwFwSlr%2FmpQKx2QXjV4xGnYhUqhFxH1A2w8RoEdosBlq%2FFDewKMYOAVErZcbW8yxqjn3im5XV8GPeRpz%2F8kNLkyHE5w%2FsxyUlh7YVi3PWtsLjx4y4zug5tY89"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 26 Jul 2024 18:52:27 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 39
accept-ranges: bytes
cf-ray: 911e8e1d28eab50b-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/ikea_favicon.png

104.21.16.1

404 Not Found

315 B

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/ikea_favicon.png
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/ikea_favicon.png HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LNIgBqFn8aoyuLOZQKpDNyBimg%2Ft%2BIKmY5we0JJP8sOblep%2BMASX93UyDbDAHwDnL6P2otLCLQTAgrRjPWQpwMC7KQhkFrjjhK1rJbAk8g%2BUM2h0FJZWpBQjdeuGLTGIgF%2Fqu8zy0awFVH9AP1u"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e19f8d7b50b-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/bank.php

104.21.16.1

200 OK

19 kB

URL POST HTTP/3
pl.logowaniie-alegrropll.com/assets/bank.php
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type

Size
19 kB (18748 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /assets/bank.php HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 26
Origin: https://pl.logowaniie-alegrropll.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wwRt4wfgZcy%2FElOhAj2veLq58SkysyzmdlY7FQ4Agx2YppH3UrxCUjWzmAHl1MpBlGgXwRpTk0Cn%2FCMyhrvsAMFULeRaUHdZWywez%2BTlWqzyoS46UCNmpvEjjGbZf1710VO8x429jnMIA9uQq5pN"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 911e8e1b78dbb50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/post.js

104.21.16.1

200 OK

11 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/post.js
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type

Size
11 kB (11390 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/post.js HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:03 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dWOArIaf%2BtFi50X1PwJBdOqb50votXpMTUJ1NSufZid5o2u5mmxG9tCX5LF7YgPTV7s%2BGrUUzBFLwlxQoiGI2F7%2Fj%2FpbfODs5iym3HyfsA9b1OJwzOn7b%2FWqojc0SkL0u2jHMicpNPB2rtXODWjf"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 27 Aug 2024 10:45:57 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e1688ceb50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

pl.logowaniie-alegrropll.com/assets/fonts/TrustlyIcons.otf

104.21.16.1

200 OK

3.0 kB

URL GET HTTP/3
pl.logowaniie-alegrropll.com/assets/fonts/TrustlyIcons.otf
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pl.logowaniie-alegrropll.com/login.php?login=67aedc8b42901index.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.phpindex.php
Certificate
IssuerGoogle Trust Services
Subjectlogowaniie-alegrropll.com
FingerprintA9:B9:57:2C:47:1B:11:2C:CA:C0:58:33:D9:13:75:BF:20:2F:2E:1A
ValidityFri, 07 Feb 2025 12:31:12 GMT - Thu, 08 May 2025 13:28:16 GMT

File type
OpenType font data
Size
3.0 kB (2960 bytes)
Hash
64a75d8661147354cf01c4e6f827fd94
39446ec4c32962c94deeb685335c859ed82b0be5
2770ea9ca2d00806d0c02f8c716edce88f2eaa36e83d1728a9b0361a2cdc3ca7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/fonts/TrustlyIcons.otf HTTP/1.1
Host: pl.logowaniie-alegrropll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pl.logowaniie-alegrropll.com/assets/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Feb 2025 16:50:04 GMT
content-type: font/otf
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2F%2FKHM14gRLLPJtIBuUkBWSByq3SmtLaSOb%2BivCK89uYaMvyWqPup1SatCkpCM3eJ%2FZB9Z9f2gkAs90aFeOmjKxCZedofW17meFaHVufEfM6dpoCV3Xp0aXjT1zA3DarZ91CNtJGgNHM%2BcFO0hMO"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 27 Jul 2024 00:01:06 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 40
content-encoding: br
cf-ray: 911e8e1988d5b50b-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML