| | 193.164.157.241 | 200 OK | 177 B |
URL: User Request; GET HTTP/1.1; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: HTML document, Unicode text, UTF-8 text; Hash: 2e6fb3b2a13f09cb6d3ffab54e6ea893 947a484e1cf93fd8e5de48bed4a23434dee13488 f0454506121d0c044f5c74826174fce740b4fc960dd21cb88ab1acabd15c8518
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=UTF-8
location: https://193.164.157.241/
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:13 GMT
content-length: 177
x-server: plap2
|
|
| | 193.164.157.241 | 200 OK | 478 kB |
URL: User Request; GET HTTP/1.1; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (54946), with CRLF line terminators; Size: 478 kB (477651 bytes); Hash: 9d547898c161efc3546aae9124c45150 6a31aa2c74ac12392beb969e39bf87825e099b49 b7f40b3ae7322213f67c5a34c8e9a159a45cc43db2eb5aad785d4af156acf598
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: private
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; HttpOnly; SameSite=Lax; SameSite=none; Secure=true
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 477651
x-server: plap2
|
|
| 193.164.157.241/assets/libraries/jquery-ui.min.css | 193.164.157.241 | 200 OK | 7.9 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/jquery-ui.min.css; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: ASCII text, with very long lines (29137), with CRLF line terminators; Hash: 215077014154308be415e1181a14646f 8366128e32a0fd429eb64d6aeaa0dca535a8be27 ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/jquery-ui.min.css HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "80197cf26494d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 7878
x-server: plap3
|
|
| 193.164.157.241/assets/libraries/owl.theme.default.css | 193.164.157.241 | 200 OK | 1.4 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/owl.theme.default.css; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators; Hash: bebc9cc2cbdd546d76bbe2b79346f5ba 1379fff4f4d25182bbe7e17e6340a1beb06f45cb 8db15cfabcab9b7b19231ea65a96a8fd0ae110498111a518d5046b24610f5ad2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/owl.theme.default.css HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: text/css
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "abd3caf26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 1430
x-server: plap3
|
|
| 193.164.157.241/assets/libraries/jquery-ui.min.js | 193.164.157.241 | 200 OK | 254 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/jquery-ui.min.js; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32074), with CRLF line terminators; Size: 254 kB (253681 bytes); Hash: bcad1d60cf9cb3bb180a1a8339ed5529 e045cf3abc14f3d1489828d51a47dd8fb10db197 21cacca8e9eb98f1f32702b4176685f2f941af51ab5bc7cf88ccb5435a1bb080
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/jquery-ui.min.js HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "bbaccaf26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 253681
x-server: plap2
|
|
| 193.164.157.241/assets/libraries/owl.carousel.min.css | 193.164.157.241 | 200 OK | 3.4 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/owl.carousel.min.css; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: ASCII text, with very long lines (3184), with CRLF line terminators; Hash: b9755c9c2613c455154caf065bd1a94d aa3c316b4e2ab55bcb3d8e3d186677739b0cfd64 062368677bcefd9495e8b320e0cf22c4faca9f1bc04666efeb9cd5307cd591a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/owl.carousel.min.css HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: text/css
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "bbaccaf26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 3356
x-server: plap2
|
|
| 193.164.157.241/assets/libraries/select2.min.css | 193.164.157.241 | 200 OK | 2.2 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/select2.min.css; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: ASCII text, with very long lines (16263), with CRLF line terminators; Hash: bb4f601b18b642bda193fb02d8845d94 dd955de114f23a39b7ce95f62c56b77aed15f7ed 4a7641c6c583062a068c15438922a6ab5087da847d51d18b36929b013f106671
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/select2.min.css HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: text/css
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "80197cf26494d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 2152
x-server: plap3
|
|
| 193.164.157.241/assets/css/_styles.css?v=35622667 | 193.164.157.241 | 200 OK | 7.5 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/css/_styles.css?v=35622667; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: Unicode text, UTF-8 (with BOM) text, with CRLF line terminators; Hash: 7f32b123859ca716436fc0ebc99344e4 e2354861d6e90817d8c2717deb09fea6cc2ef4ff 70ef80f436504cc2108753eb9b511ec601e690659590c7495b0a3e760f934826
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/_styles.css?v=35622667 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: text/css
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "629b0f26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 7514
x-server: plap3
|
|
| code.jquery.com/jquery-3.6.0.min.js | 151.101.194.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js; IP: 151.101.194.137:443
Certificate Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447); Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 24 Apr 2024 03:18:17 GMT
age: 6386317
x-served-by: cache-lga21931-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 430243
x-timer: S1713928697.082113,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
|
|
| 193.164.157.241/assets/libraries/owl.carousel.min.js | 193.164.157.241 | 200 OK | 11 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/owl.carousel.min.js; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (31997), with CRLF line terminators; Hash: 47c357c05cb99cedbac2874840319818 d8b05365de4b760618328fdeef7672e8374978e4 4e0781bdd2cbb5db04da3b5e059eeca34e325fabb893bee7457b5babf5b7c029
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/owl.carousel.min.js HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "80197cf26494d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 11412
x-server: plap2
|
|
| 193.164.157.241/assets/js/scripts.js?v=35622667 | 193.164.157.241 | 200 OK | 2.7 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/js/scripts.js?v=35622667; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Hash: 09c803a14386feb947f1fd40c9b6fef8 36cc237522ae38eae0f79d36f33401f74dce4d12 6e06637b310f8f1668fdf8a29e71d54a1d4f4c2d3fe4ec2e257d4cedeb12c7ed
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/scripts.js?v=35622667 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "80197cf26494d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 2666
x-server: plap2
|
|
| use.typekit.net/hfh4jbg.css | 23.36.76.186 | 200 OK | 1.2 kB |
URL: GET HTTP/2 use.typekit.net/hfh4jbg.css; IP: 23.36.76.186:443; ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc; Subject: use.typekit.net; Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56; Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (516); Hash: 4407664415d56f2a3e1e09125fe1c4a7 5f03107f1b8c18ef45f8a6d860994cfa7192e6a8 f1ff6a5a35f3a8ff1d84df98dcfddd05cc62ee399b5f032c3d01aa5b45418864
GET /hfh4jbg.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 1214
date: Wed, 24 Apr 2024 03:18:17 GMT
X-Firefox-Spdy: h2
|
|
| 193.164.157.241/assets/libraries/bootstrap.min.js | 193.164.157.241 | 200 OK | 62 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/bootstrap.min.js; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (61608), with CRLF line terminators; Hash: d73d4a941842a646b03d20ee901dba14 52ff0e3e0f74ca165ebb660f0c3572005f45a184 b30cc6ee2a66f42c17376794f97d36c534436e2680531ae3e6a534db065cdfc2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/bootstrap.min.js HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Mon, 09 Oct 2023 10:29:09 GMT
accept-ranges: bytes
etag: "1eb11709bfad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 61899
x-server: plap3
|
|
| 193.164.157.241/assets/js/tools.js?v=35622667 | 193.164.157.241 | 200 OK | 3.3 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/js/tools.js?v=35622667; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (1645), with CRLF line terminators; Hash: ed24f6c800a2e960bf0af293a051ada5 aaaec3f130a6b8960fea282fec0856ec6276ee8d d1405492a532d38983bbff27f788b0b4920a79b83558fe2a27c5d8629b088c84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/tools.js?v=35622667 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "80197cf26494d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 3264
x-server: plap3
|
|
| 193.164.157.241/assets/js/googleAnaliticsTools.js?v=35622667 | 193.164.157.241 | 200 OK | 2.2 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/js/googleAnaliticsTools.js?v=35622667; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators; Hash: 80d7a465686b7666a5dd7ace961450e6 080a8a58585c02db50e50f6913fbeac9770b99a2 6d5b93034ab9be357e1ae630eb86a627ff25008d5370cd92f6b8d5f32cf85cc9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/googleAnaliticsTools.js?v=35622667 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "80197cf26494d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 2212
x-server: plap3
|
|
| 193.164.157.241/assets/libraries/select2.min.js | 193.164.157.241 | 200 OK | 20 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/select2.min.js; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (64126), with CRLF line terminators; Hash: 948a74659f0ac7ccfff9360f6e9a9248 67b741acda95af16c25c396c92fff3d22f8d38b9 5ff3e96b7a2eb6372d289b05f72145b98cb95050fb02c762c20513f5527f61df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/select2.min.js HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "80197cf26494d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 20014
x-server: plap3
|
|
| 193.164.157.241/assets/js/validation.js?v=35622667 | 193.164.157.241 | 200 OK | 6.9 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/js/validation.js?v=35622667; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (946), with CRLF line terminators; Hash: 8edbf03318c130a0a6c3a385c20c0c1d 59b72849e1de7198531ef106af90b9fe976fd61c 4132dae2398fd0eed71cfbcf1305458577b7acf5ac12efc9d3afffaae32f0cc7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/validation.js?v=35622667 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "80197cf26494d91:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 6909
x-server: plap2
|
|
| 193.164.157.241/assets/libraries/bootstrap.min.css | 193.164.157.241 | 200 OK | 155 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/libraries/bootstrap.min.css; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (65295), with CRLF line terminators; Size: 155 kB (154881 bytes); Hash: 58ed0a30a2dfd8eec2938fe2308445c0 840da010a1a848112ca78572578a8a0a6271ef47 1d6fbda01ea7b660b50ee5dc34f0a0497208354649453a07a95f1bb0cf59c74c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/libraries/bootstrap.min.css HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: text/css
last-modified: Mon, 09 Oct 2023 10:29:09 GMT
accept-ranges: bytes
etag: "27e410709bfad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 154881
x-server: plap3
|
|
| 193.164.157.241/assets/js/elasticQuickSearch.js?v=35622667 | 193.164.157.241 | 200 OK | 5.9 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/js/elasticQuickSearch.js?v=35622667; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators; Hash: 83349edc8e68491e0a70e58dcf373458 8ba5fd3aa37e0f282f253b949fa1ab714ef8fafd 0f3addf967c9bbcbcf1fcdba8e77b5a9b5de813574510832ea127f13367edffc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/elasticQuickSearch.js?v=35622667 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "8556b2f26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 5880
x-server: plap2
|
|
| 193.164.157.241/assets/js/elasticBase.js?v=35622667 | 193.164.157.241 | 200 OK | 3.6 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/js/elasticBase.js?v=35622667; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators; Hash: ab4bf84a5d01e751428f85d703bcc412 aa6670a4611c359462d3163b25cbdc8490ccfd67 ce933dfb7fdfad09382d0a5cf8e6050ffa56be2421278d46e600a81cfb72aa7e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/js/elasticBase.js?v=35622667 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: application/javascript
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "872fb2f26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 3590
x-server: plap3
|
|
| 193.164.157.241/WebResource.axd?d=Q7XwGc992-C9cqgep-WjaAjh7QqrEKI2z5w44ju2x4RHJnhN7RQYBNk28otSxqkfsJeWcww7kRT6kBWEb69dYMJWZ5U1&t=638393462639266807 | 193.164.157.241 | 200 OK | 23 kB |
URL: GET HTTP/1.1 193.164.157.241/WebResource.axd?d=Q7XwGc992-C9cqgep-WjaAjh7QqrEKI2z5w44ju2x4RHJnhN7RQYBNk28otSxqkfsJeWcww7kRT6kBWEb69dYMJWZ5U1&t=638393462639266807; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Hash: 90ea7274f19755002360945d54c2a0d7 647b5d8bf7d119a2c97895363a07a0c6eb8cd284 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /WebResource.axd?d=Q7XwGc992-C9cqgep-WjaAjh7QqrEKI2z5w44ju2x4RHJnhN7RQYBNk28otSxqkfsJeWcww7kRT6kBWEb69dYMJWZ5U1&t=638393462639266807 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public
content-type: application/x-javascript
expires: Wed, 23 Apr 2025 10:45:03 GMT
last-modified: Thu, 28 Dec 2023 06:44:23 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 23063
x-server: plap3
|
|
| 193.164.157.241/assets/css/styles.css?v=35622667 | 193.164.157.241 | 200 OK | 255 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/css/styles.css?v=35622667 | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: ASCII text, with CRLF line terminators | Size: 255 kB (255371 bytes) | Hash: 12f77145f9db07b265573d46adb6ae1f 5c10568b42ef461f598d582a35b05f4da4d0592b 71cca9326419e8d46382f9180ef6c7ff2b05b748a7d808748477c17ecb7a3f59
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/css/styles.css?v=35622667 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: text/css
last-modified: Mon, 08 Jan 2024 15:19:29 GMT
accept-ranges: bytes
etag: "a7ce6134642da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 255371
x-server: plap2
|
|
| 193.164.157.241/ScriptResource.axd?d=UfAd5c-3AToVclJjzU8HQsrwxNlp3m6DUzR5sKMPz49aVG0EVWTpz_XyG7xDz2ZDlqsfUnImD13MrD4N3hIbMLS0GlzMQxgoVpsSi4U74mYeVL-1Y5YoEEzpNKy_QmLQBjTI9S3iyDmvXNLCjOSjgPC4PXzg4oxV8H8yPVD9IGSK6qRx0&t=3cf0aaa4 | 193.164.157.241 | 200 OK | 10 kB |
URL: GET HTTP/1.1 193.164.157.241/ScriptResource.axd?d=UfAd5c-3AToVclJjzU8HQsrwxNlp3m6DUzR5sKMPz49aVG0EVWTpz_XyG7xDz2ZDlqsfUnImD13MrD4N3hIbMLS0GlzMQxgoVpsSi4U74mYeVL-1Y5YoEEzpNKy_QmLQBjTI9S3iyDmvXNLCjOSjgPC4PXzg4oxV8H8yPVD9IGSK6qRx0&t=3cf0aaa4 | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (39257), with CRLF line terminators | Hash: 68cb7eb8830b04109ddbf2c01a407fc2 fc384af6c307385ec169a0d2165976661cfab038 55704e6570eb49c92bd57205b0472306aff6a5368f9648bdcffa2c6f9523cfa6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ScriptResource.axd?d=UfAd5c-3AToVclJjzU8HQsrwxNlp3m6DUzR5sKMPz49aVG0EVWTpz_XyG7xDz2ZDlqsfUnImD13MrD4N3hIbMLS0GlzMQxgoVpsSi4U74mYeVL-1Y5YoEEzpNKy_QmLQBjTI9S3iyDmvXNLCjOSjgPC4PXzg4oxV8H8yPVD9IGSK6qRx0&t=3cf0aaa4 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Wed, 23 Apr 2025 10:48:31 GMT
last-modified: Tue, 23 Apr 2024 10:48:31 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 10115
x-server: plap2
|
|
| 193.164.157.241/ScriptResource.axd?d=gDBiktgo3JEhlgkn4mJoTPJJ43k_oZq9ZVSrwqpn5W9niJ5dnqmUwp1md8SxRmKw-O81UJE6X47sRQvbYI4C9TO58RMKyC_qIUCPjTWGd-DynmYy5Ln0WrhT7U9ZZFcvsjzIMzxlJtjwtkHQ_cGLVMwlDpx38JKwg4nPJaYkbpK3rOAS0&t=3cf0aaa4 | 193.164.157.241 | 200 OK | 26 kB |
URL: GET HTTP/1.1 193.164.157.241/ScriptResource.axd?d=gDBiktgo3JEhlgkn4mJoTPJJ43k_oZq9ZVSrwqpn5W9niJ5dnqmUwp1md8SxRmKw-O81UJE6X47sRQvbYI4C9TO58RMKyC_qIUCPjTWGd-DynmYy5Ln0WrhT7U9ZZFcvsjzIMzxlJtjwtkHQ_cGLVMwlDpx38JKwg4nPJaYkbpK3rOAS0&t=3cf0aaa4 | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 (with BOM) text, with very long lines (65326), with CRLF line terminators | Hash: 775450ce5bb2c67c3a62bd41353b39d4 68834472076890ef6363bd2ee897724ccf0759d3 019ce966da5314dc25cbf5817ea5056176663d51e572a595d6372e93209943f5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ScriptResource.axd?d=gDBiktgo3JEhlgkn4mJoTPJJ43k_oZq9ZVSrwqpn5W9niJ5dnqmUwp1md8SxRmKw-O81UJE6X47sRQvbYI4C9TO58RMKyC_qIUCPjTWGd-DynmYy5Ln0WrhT7U9ZZFcvsjzIMzxlJtjwtkHQ_cGLVMwlDpx38JKwg4nPJaYkbpK3rOAS0&t=3cf0aaa4 HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: public
content-type: application/x-javascript
content-encoding: gzip
expires: Wed, 23 Apr 2025 10:49:16 GMT
last-modified: Tue, 23 Apr 2024 10:49:16 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 26017
x-server: plap2
|
|
| 193.164.157.241/assets/images/closePopup.png | 193.164.157.241 | 200 OK | 220 B |
URL: GET HTTP/1.1 193.164.157.241/assets/images/closePopup.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced | Hash: 5fe2be0b238fd8d06032cab30f0bb201 7768dd8b1261dffed4b0889b2110e260c5d6f4f2 a63139b6cf036f04d158d51e98cf260496e43c503ff2046e0251c12df73fbc58
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/closePopup.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: image/png
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "b73ab1f26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 220
x-server: plap2
|
|
| 193.164.157.241/assets/images/main_logo.png | 193.164.157.241 | 200 OK | 4.0 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/images/main_logo.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 125 x 49, 8-bit/color RGBA, non-interlaced | Hash: b7be2d673dd6c1cc8c13030052e4851f 0dd438ffbc832f4cec168cf53a37185ea89557ac 72c6a8981eba22b9c2c77d769e671813fcd4664233f096b1180ce639d8d03f1a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/main_logo.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: image/png
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "8ae1b1f26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 3981
x-server: plap3
|
|
| 193.164.157.241/pliki/SPRSZCZ1.png | 193.164.157.241 | 200 OK | 5.0 kB |
URL: GET HTTP/1.1 193.164.157.241/pliki/SPRSZCZ1.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 329 x 61, 8-bit/color RGB, non-interlaced | Hash: 03a853bbe1f8193bf50a961b98b02855 b6ac64c1b8a906ba303fa94e3e7c6da89ebcf4fb 4f1408c461c2378bd3bbd30a8a3d0ef766e156c534c06d411c9b371a0e2d82ae
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pliki/SPRSZCZ1.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=86400, must-revalidate
content-type: image/png
last-modified: Tue, 23 May 2023 08:09:44 GMT
accept-ranges: bytes
etag: "89aaeaee4d8dd91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 4971
x-server: plap3
|
|
| 193.164.157.241/pliki/inforleVAT_2024_400x400.png | 193.164.157.241 | 200 OK | 76 kB |
URL: GET HTTP/1.1 193.164.157.241/pliki/inforleVAT_2024_400x400.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced | Hash: 77245dc1fa8f2e4e776cb2935838e142 b302f6b81b885dee9e8d335c15d59ed0e68be788 6e605f4c29f100ce6c24bcb2360bc710e42c6f05f6c8fcb5a3a2d0654c636895
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pliki/inforleVAT_2024_400x400.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=86400, must-revalidate
content-type: image/png
last-modified: Thu, 04 Apr 2024 05:38:55 GMT
accept-ranges: bytes
etag: "128c27625286da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 76188
x-server: plap3
|
|
| 193.164.157.241/pliki/400x400_eDGP-PiZ.PNG | 193.164.157.241 | 200 OK | 127 kB |
URL: GET HTTP/1.1 193.164.157.241/pliki/400x400_eDGP-PiZ.PNG | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced | Size: 127 kB (127046 bytes) | Hash: 591ea5faaf7304ef7a41f1e79367c486 89dbe065ca4ee095454d9ff1b460024164f6b940 25a5b7f219e9c7c9f97b60ea3353714142f5a4bce9e09554621488711261cf12
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pliki/400x400_eDGP-PiZ.PNG HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=86400, must-revalidate
content-type: image/png
last-modified: Mon, 11 Mar 2024 07:28:00 GMT
accept-ranges: bytes
etag: "0c02ea58573da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 127046
x-server: plap2
|
|
| 193.164.157.241/okladki/37/95/00/379500mega.png | 193.164.157.241 | 200 OK | 201 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/95/00/379500mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 201 kB (201208 bytes) | Hash: 9780dedded91f2c95a282f0ce595b8f1 4794e91db6d79a1d0928970848b941eba7e7455f fddfa116b15f593eb20156986c952d80bbb3f2cab5519ba247db0e693e224a87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/95/00/379500mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 03 Jan 2024 07:11:01 GMT
accept-ranges: bytes
etag: "c26bf21143eda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 201208
x-server: plap3
|
|
| 193.164.157.241/pliki/arkusze_2024_400x400.png | 193.164.157.241 | 200 OK | 108 kB |
URL: GET HTTP/1.1 193.164.157.241/pliki/arkusze_2024_400x400.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced | Size: 108 kB (108216 bytes) | Hash: 326a270f1d1f13048ab71cfd65640a4b 6e2922e657af682a0acb77239e55c40a2ebf3317 5fcacb5a7e032dbf0dd923984aca851dd429d0bee42eccf9aab1bd2eb0364ca2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pliki/arkusze_2024_400x400.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=86400, must-revalidate
content-type: image/png
last-modified: Mon, 11 Dec 2023 07:27:00 GMT
accept-ranges: bytes
etag: "03ad46d32cda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 108216
x-server: plap3
|
|
| 193.164.157.241/okladki/37/96/10/379610mega.png | 193.164.157.241 | 200 OK | 101 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/10/379610mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 101 kB (100551 bytes) | Hash: 36459b3b5d832e42bb989e508aa0def3 cffcef1bf7630d6d047334df1c87475b8c71ed00 e97299694146891f21a70b215a2836434f85c5760de3ff5a8aa383cb1cc7e2a3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/10/379610mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 17 Jan 2024 11:19:10 GMT
accept-ranges: bytes
etag: "469f47fe3649da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 100551
x-server: plap3
|
|
| sklep.infor.pl/okladki/12/09/97/120997mega.png | 193.164.157.241 | 200 OK | 116 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/12/09/97/120997mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 116 kB (115839 bytes) | Hash: 6c7eabbc4f4c814f41a30d8f3692d26a 839bc1b6de8bb6f3940ebd08047a19a510472ea8 43429833152a59fd83e55adbc77b9c2cfdc058273342fa1c4c3c627a3a3dbde3
GET /okladki/12/09/97/120997mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 23 Apr 2024 09:56:04 GMT
accept-ranges: bytes
etag: "7ab0b2746495da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 115839
x-server: plap2
|
|
| sklep.infor.pl/pliki/majowka_2024_1250x320.jpg | 193.164.157.241 | 200 OK | 84 kB |
URL: GET HTTP/1.1 sklep.infor.pl/pliki/majowka_2024_1250x320.jpg | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1250x320, components 3 | Hash: 5747d1b9d54bd6e1f64dbf558d68797f ff85db0dfc02bdb42c23923ba87f27ef66586b6b b1231939a398f2d47d2ca102ed128e847a4b792af4bb8abc3e33055fe8d36422
GET /pliki/majowka_2024_1250x320.jpg HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=86400, must-revalidate
content-type: image/jpeg
last-modified: Fri, 19 Apr 2024 09:51:00 GMT
accept-ranges: bytes
etag: "01a5f153f92da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 83720
x-server: plap2
|
|
| sklep.infor.pl/okladki/37/93/95/379395mega.png | 193.164.157.241 | 200 OK | 166 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/93/95/379395mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 166 kB (165925 bytes) | Hash: 54f657f749b7c494c186046778b08521 307fed12c8adba977c38aa01be2b9c622d484cbf c65cb3249c99abfc7b66c58b2f7daf79911db18af5664aa6cfe1a1c600adba89
GET /okladki/37/93/95/379395mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 16 Oct 2023 09:02:10 GMT
accept-ranges: bytes
etag: "12f9072f0da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 165925
x-server: plap3
|
|
| sklep.infor.pl/okladki/37/94/93/379493mega.png | 193.164.157.241 | 200 OK | 96 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/94/93/379493mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: 464579974efe1add071cfe5e1fa292ca e585c31f561ba530eb54ff066a9b969060f4ae4e 7b30e19148f0d12f83dbd3120f89948bf19b85fec94e8de79f2d5406e1e1c08b
GET /okladki/37/94/93/379493mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 01 Dec 2023 08:49:50 GMT
accept-ranges: bytes
etag: "ea397d583324da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 96260
x-server: plap2
|
|
| sklep.infor.pl/okladki/37/94/26/379426mega.png | 193.164.157.241 | 200 OK | 104 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/94/26/379426mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 104 kB (103538 bytes) | Hash: cb9871ddece6a0fe176de3ef47444441 35bf5e8084dcca124a39247ce69c1d7fcb58761d 6bcfb29ccc76a07157c47d06dd19eefa46c3579b2e27a8678fe8a8d1c5c78dc8
GET /okladki/37/94/26/379426mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 13 Nov 2023 11:28:17 GMT
accept-ranges: bytes
etag: "f221a17f2416da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 103538
x-server: plap3
|
|
| 193.164.157.241/okladki/37/95/16/379516mega.png | 193.164.157.241 | 200 OK | 184 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/95/16/379516mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 184 kB (183826 bytes) | Hash: 83c6f1eea6ec3ac1b2858863b83ed4aa 64cb8e5ae7cb2dc09938406e0b89f5bf5ed6f7b5 2dc874706446026de6a6aced3768080a20b3f304f89465507c836ffe19993331
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/95/16/379516mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 08 Dec 2023 07:41:06 GMT
accept-ranges: bytes
etag: "224e35e7a929da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 183826
x-server: plap2
|
|
| 193.164.157.241/pliki/kodeks_pracy-terminarz_400x400.png | 193.164.157.241 | 200 OK | 176 kB |
URL: GET HTTP/1.1 193.164.157.241/pliki/kodeks_pracy-terminarz_400x400.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced | Size: 176 kB (175977 bytes) | Hash: 133e462e58404f3737dae6c8e12f393e 5e4e79bc1f281ac89b0e40ddd9d19834f07d82b6 97fd06680695b8d23273ce650079118d6095088146fef4e6f495c12fda9cc033
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pliki/kodeks_pracy-terminarz_400x400.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=86400, must-revalidate
content-type: image/png
last-modified: Tue, 19 Dec 2023 07:46:00 GMT
accept-ranges: bytes
etag: "06ca0684f32da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 175977
x-server: plap2
|
|
| sklep.infor.pl/okladki/37/93/53/379353mega.png | 193.164.157.241 | 200 OK | 83 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/93/53/379353mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: 38532d055f1040d2623b3bb21fe8a9e1 b356290c3eea0b3d933b7a98fc9d04b3b3bef05e 96a7574c344f0c4d6f7efa092c1d213ad4e527bdb239408379a753f039a08449
GET /okladki/37/93/53/379353mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 02 Apr 2024 05:59:46 GMT
accept-ranges: bytes
etag: "927618f7c284da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 82919
x-server: plap2
|
|
| 193.164.157.241/okladki/37/96/69/379669mega.png | 193.164.157.241 | 200 OK | 96 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/69/379669mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: a21188efd5f8e35c7eea0f22f0382af6 05b7dafe0878c72dab8223e234b2bf03b5f461da 0b4245a0fe3447a8eaa4c232cf24a08825b86063ec7b4d4d323dfa317ed833ee
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/69/379669mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 16 Feb 2024 11:29:24 GMT
accept-ranges: bytes
etag: "3ccb6d64cb60da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 96196
x-server: plap3
|
|
| 193.164.157.241/okladki/37/96/53/379653mega.png | 193.164.157.241 | 200 OK | 175 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/53/379653mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 175 kB (175416 bytes) | Hash: 8f113a54dd3b6b50d903eb87027ed299 2eb1e4bf352481368bde9856bd6517781fb078ba cffd748e60e3c2dae90d1affb1f98406cf492cedece00ecd2a76a81e30e515c3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/53/379653mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 08 Feb 2024 15:00:06 GMT
accept-ranges: bytes
etag: "d6fcb7809f5ada1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 175416
x-server: plap2
| 193.164.157.241/okladki/37/96/81/379681mega.png | 193.164.157.241 | 200 OK | 157 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/81/379681mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 157 kB (157206 bytes); Hash: 840968aa5f12d1f101380eb54db77470 c1573754a11bbc30d7ea1f7888c9922b3fbf0f35 9050c72e115e874e2242cfb7a200228270d8160f601822e542a8473f56d572f4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/81/379681mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 29 Feb 2024 12:07:07 GMT
accept-ranges: bytes
etag: "7efcbad076bda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:15 GMT
content-length: 157206
x-server: plap3
| p.typekit.net/p.css?s=1&k=hfh4jbg&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137&a=87668214&app=typekit&e=css | 23.36.76.184 | 200 OK | 5 B |
URL: GET HTTP/2 p.typekit.net/p.css?s=1&k=hfh4jbg&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137&a=87668214&app=typekit&e=css; IP: 23.36.76.184:443; ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc; Subject: use.typekit.net; Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56; Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
Hash: 83d24d4b43cc7eef2b61e66c95f3d158 f0cafc285ee23bb6c28c5166f305493c4331c84d 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=hfh4jbg&ht=tk&f=137.138.139.140.169.170.171.172.173.174.175.176.5474.5475.25136.25137&a=87668214&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Tue, 07 Mar 2023 19:56:00 GMT
etag: "640796d0-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Wed, 24 Apr 2024 03:18:17 GMT
X-Firefox-Spdy: h2
| 193.164.157.241/okladki/37/96/52/379652mega.png | 193.164.157.241 | 200 OK | 126 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/52/379652mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 126 kB (125933 bytes); Hash: 796fe6025cdd462ad10666c4cb25b97c a99acfb53a0667cc62173ff1cd51e061eb787ae9 e927415fc1d1a31e38f2357732dc3a793252ef52f011728dfd8004ea13ae8d0c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/52/379652mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 08 Feb 2024 14:45:01 GMT
accept-ranges: bytes
etag: "a63d4c659d5ada1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 125933
x-server: plap3
| 193.164.157.241/okladki/37/97/22/379722mega.png | 193.164.157.241 | 200 OK | 99 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/97/22/379722mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Hash: 7668f9be20d953a2362b56d804c6d92d 7122813e2113fb18f86ef200777ed186583246fe d9338359ac528895b1f99d65b2bfddb0e7f0055be0466669e25069189fd2a5c2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/97/22/379722mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 25 Mar 2024 11:15:19 GMT
accept-ranges: bytes
etag: "e25f78b8a57eda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 99144
x-server: plap3
| 193.164.157.241/okladki/37/95/90/379590mega.png | 193.164.157.241 | 200 OK | 95 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/95/90/379590mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Hash: c1669b6acd954d073c81fae2e025b931 d529c8d7dcc557f6f3ec4e76da4d91a5837ba58e 9c1150c7fb6a52854d5cc846e2b8135af111f748b9850e69a3fbdd2d2ecb57ae
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/95/90/379590mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 12 Jan 2024 09:05:14 GMT
accept-ranges: bytes
etag: "de936c743645da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 95190
x-server: plap2
| 193.164.157.241/okladki/37/96/58/379658mega.png | 193.164.157.241 | 200 OK | 180 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/58/379658mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 180 kB (179984 bytes); Hash: 174cfaa0e7d49d713b63e52ff6ff1fe7 8b650b07194d1f1531440d3a05cf2e496c676300 d9bef4e9b71a6e91bf611f72b819f8bdc46f4d759e72615a179002739de30afa
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/58/379658mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 09 Feb 2024 13:15:14 GMT
accept-ranges: bytes
etag: "96fe7545a5bda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 179984
x-server: plap3
| 193.164.157.241/okladki/37/94/20/379420mega.png | 193.164.157.241 | 200 OK | 104 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/94/20/379420mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 104 kB (103506 bytes); Hash: bc73b95bc7180599c1d4a2bb336f77cc 9f88fe6a9fa779c73ef5fe1f602c8d8c5fd3460a 7b77883b6a33a772a2ff7571bd15f14cdcc07144b9143f046018e2414afd9c81
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/94/20/379420mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 11 Dec 2023 08:10:10 GMT
accept-ranges: bytes
etag: "38eaba7592cda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 103506
x-server: plap2
| sklep.infor.pl/okladki/37/93/72/379372mega.png | 193.164.157.241 | 200 OK | 89 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/93/72/379372mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Hash: 54c7bcef276d99653a2dbf8f245d38a9 f4ea0b24b10ca6112808beec08e254889c172ab5 223342e0baa20e38bca9a3bc736afbbd807f7d097df179bd9dd895211a6151b0
GET /okladki/37/93/72/379372mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 04 Oct 2023 06:42:10 GMT
accept-ranges: bytes
etag: "746b7e68df6d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 89090
x-server: plap2
| 193.164.157.241/okladki/37/93/95/379395mega.png | 193.164.157.241 | 200 OK | 166 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/93/95/379395mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 166 kB (165925 bytes); Hash: 54f657f749b7c494c186046778b08521 307fed12c8adba977c38aa01be2b9c622d484cbf c65cb3249c99abfc7b66c58b2f7daf79911db18af5664aa6cfe1a1c600adba89
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/93/95/379395mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 16 Oct 2023 09:02:10 GMT
accept-ranges: bytes
etag: "12f9072f0da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 165925
x-server: plap3
| 193.164.157.241/okladki/37/93/93/379393mega.png | 193.164.157.241 | 200 OK | 171 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/93/93/379393mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 171 kB (171204 bytes); Hash: a3416a6f0a94c149feae6a1b76e8b9a6 c5091d94eeda2c8e8d043711db51296d6aef1ef1 24f801cf8fe576c4c073acc40971339698c72cc28aa2448d1e6f044eabdb21e4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/93/93/379393mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 16 Oct 2023 08:22:00 GMT
accept-ranges: bytes
etag: "b6fa24d690da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 171204
x-server: plap2
| sklep.infor.pl/okladki/37/96/09/379609mega.png | 193.164.157.241 | 200 OK | 85 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/96/09/379609mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Hash: 234d89b8c3cc85d1cc8ff5b4fa819ffe 73cc67831c8aaf8f9832b3129b7f0390db97f407 7943f0a7ee8386a6710cea4e3052bdd2c6f7e9e013460f7baba407e61e81dd1c
GET /okladki/37/96/09/379609mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 28 Mar 2024 11:21:39 GMT
accept-ranges: bytes
etag: "e292431a281da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 84845
x-server: plap2
| sklep.infor.pl/okladki/37/94/40/379440mega.png | 193.164.157.241 | 200 OK | 86 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/94/40/379440mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Hash: 5a3cac41a3bf7a872566d298bb9081c8 f3839b5166ad8c892de8eec0fe7fca1e5cebdbcf 20c03f03818345ff5c0b8a507c0baafa9f4ac4b67cb6cb46884a4f8341e63373
GET /okladki/37/94/40/379440mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 12 Dec 2023 07:14:09 GMT
accept-ranges: bytes
etag: "3e36d2ccca2cda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 85738
x-server: plap3
| sklep.infor.pl/okladki/37/55/01/375501mega.png | 193.164.157.241 | 200 OK | 171 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/55/01/375501mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 171 kB (170917 bytes); Hash: f9cb02ba19f66a8c0355e203b63ddff2 b6960abf48a36ed8c6da02d47ebfb8112323f53c f371b6607939d6bc13f5ccf826b3e58af2d52a69b93db421c56a5a2f9b86014b
GET /okladki/37/55/01/375501mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 10 Jan 2023 08:15:32 GMT
accept-ranges: bytes
etag: "5aef3fb5cb24d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 170917
x-server: plap2
| sklep.infor.pl/okladki/37/96/10/379610mega.png | 193.164.157.241 | 200 OK | 101 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/96/10/379610mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 101 kB (100551 bytes); Hash: 36459b3b5d832e42bb989e508aa0def3 cffcef1bf7630d6d047334df1c87475b8c71ed00 e97299694146891f21a70b215a2836434f85c5760de3ff5a8aa383cb1cc7e2a3
GET /okladki/37/96/10/379610mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 17 Jan 2024 11:19:10 GMT
accept-ranges: bytes
etag: "469f47fe3649da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 100551
x-server: plap3
| sklep.infor.pl/okladki/33/65/63/336563mega.png | 193.164.157.241 | 200 OK | 140 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/33/65/63/336563mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 140 kB (140150 bytes); Hash: a66ec4311681f2b98b192733a772c7e6 4691164d7a5d83b19eb2c7d0ea96c9dfede1cb6c 2bedf059185a475cd9f4033cf0e00207a61de721ce83be7760ad5638ce9c1069
GET /okladki/33/65/63/336563mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 01 Feb 2024 09:54:08 GMT
accept-ranges: bytes
etag: "54ec5599f454da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 140150
x-server: plap2
| 193.164.157.241/okladki/37/96/49/379649mega.png | 193.164.157.241 | 200 OK | 117 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/49/379649mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 117 kB (116607 bytes); Hash: 34897036e134a23320e63c68500f5c03 b5ac01e4c2024a3149a040033512a1e884ead501 f91f8c671a8fb3c5f9cba2565f526e888d8fe5df7263e4aa9275cf072778258e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/49/379649mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 06 Feb 2024 14:15:07 GMT
accept-ranges: bytes
etag: "ccfef2e2659da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 116607
x-server: plap3
| 193.164.157.241/okladki/12/09/97/120997mega.png | 193.164.157.241 | 200 OK | 116 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/12/09/97/120997mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 116 kB (115839 bytes); Hash: 6c7eabbc4f4c814f41a30d8f3692d26a 839bc1b6de8bb6f3940ebd08047a19a510472ea8 43429833152a59fd83e55adbc77b9c2cfdc058273342fa1c4c3c627a3a3dbde3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/12/09/97/120997mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 23 Apr 2024 09:56:04 GMT
accept-ranges: bytes
etag: "7ab0b2746495da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 115839
x-server: plap2
| 193.164.157.241/okladki/37/96/65/379665mega.png | 193.164.157.241 | 200 OK | 175 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/65/379665mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 175 kB (175365 bytes); Hash: 8d5137fdf766a5c41d9fa6a0ffc0f0db 6dbed4baf8fa8e742dbec2ebbc2842038b004568 e7c1c871bd5a05e40cc476439a1f2982b520568bbfebc1c213d4d60423ff0b34
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/65/379665mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 15 Feb 2024 13:42:49 GMT
accept-ranges: bytes
etag: "187ba2dd1460da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 175365
x-server: plap2
| sklep.infor.pl/okladki/37/97/04/379704mega.png | 193.164.157.241 | 200 OK | 128 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/97/04/379704mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 128 kB (128539 bytes); Hash: 85db9b3f27e85a91094e95035a378482 04f98da660d08392c9e7de9f020828522cc8a938 8c9e232959932d00e26185e5f2ff127d90ca12ef4402e930a1284388415eefdc
GET /okladki/37/97/04/379704mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 12 Mar 2024 13:50:56 GMT
accept-ranges: bytes
etag: "b2c9794e8474da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 128539
x-server: plap3
| 193.164.157.241/okladki/37/93/94/379394mega.png | 193.164.157.241 | 200 OK | 156 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/93/94/379394mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 156 kB (156483 bytes); Hash: 691065d10c7313234b44054e41b2ee72 b41e497bf284fd6d6d660048ce700b1d0de92008 e1e3a93a718ef458fc1639ebbc5a98fbb00b17b5ed592821539db5a4713967ec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/93/94/379394mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 16 Oct 2023 08:27:26 GMT
accept-ranges: bytes
etag: "6822198a0da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 156483
x-server: plap3
| 193.164.157.241/okladki/37/96/99/379699mega.png | 193.164.157.241 | 200 OK | 114 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/99/379699mega.png; IP: 193.164.157.241:443; ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o; Subject: *.infor.pl; Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2; Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced; Size: 114 kB (113795 bytes); Hash: b81a6ef8cb43d73a842282777c60a766 6ed8ee76c3d2edf050f3a134eebab9c8516524c4 b9a4b536af8bf2b7c1c10e3b3117d6253305be9b054e3bbb384b1e66e080b646
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/99/379699mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 08 Mar 2024 08:37:51 GMT
accept-ranges: bytes
etag: "2e588de83371da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 113795
x-server: plap2
|
|
| sklep.infor.pl/okladki/30/78/40/307840mega.png | 193.164.157.241 | 200 OK | 100 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/30/78/40/307840mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 100 kB (100088 bytes) | Hash: 97d337b18d9bdff5626cf71164c7aea0 21e9c4abb7856f3480b8bbcf0f41387a2796cb31 7c15c5696b7d1407116e9d5a7c15414a19bd93206e157530182d75c5c7690a28
GET /okladki/30/78/40/307840mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 08 Apr 2024 07:28:36 GMT
accept-ranges: bytes
etag: "e6b3755e8689da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 100088
x-server: plap3
|
|
| 193.164.157.241/assets/images/footerFb.png | 193.164.157.241 | 200 OK | 325 B |
URL: GET HTTP/1.1 193.164.157.241/assets/images/footerFb.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced | Hash: 734446783db3ac6615c909316e798d87 e4261cd5e755bb2d80ffd1395c38915b495573c7 d65c1ca93aba6ffa7af1c0b2e3cd91f90cdc79f6000b95c2e6e0653bf0a5fc22
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/footerFb.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: image/png
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "ecb3b1f26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 325
x-server: plap3
|
|
| 193.164.157.241/assets/images/instagram_icon.png | 193.164.157.241 | 200 OK | 1.6 kB |
URL: GET HTTP/1.1 193.164.157.241/assets/images/instagram_icon.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced | Hash: 77464a1bb3cfa2708cfbb462bd4ba79d 325c35863a9d38fdc5f41fe468f714da1d95b072 c2e429394bb8db5b40ed67a7a358956285ee30b805d42ed0a60707e845811e58
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/instagram_icon.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: image/png
last-modified: Wed, 19 Jul 2023 09:07:05 GMT
accept-ranges: bytes
etag: "a3a8bc6320bad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 1588
x-server: plap2
|
|
| 193.164.157.241/assets/images/footerIn.png | 193.164.157.241 | 200 OK | 413 B |
URL: GET HTTP/1.1 193.164.157.241/assets/images/footerIn.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced | Hash: 684277d56a224bb6aa957d9ec63e82e3 bf11ebd57ee474c91e24dab172ef12bf1fe80e0c bccc9ada3aec5dc2b856a394439847d6ff53cdf5ee8c3d46e8f07a937c34dd54
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/footerIn.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: image/png
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "ecb3b1f26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 413
x-server: plap3
|
|
| 193.164.157.241/assets/images/footerTw.png | 193.164.157.241 | 200 OK | 538 B |
URL: GET HTTP/1.1 193.164.157.241/assets/images/footerTw.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced | Hash: 212d4d27aa327c3abcc00c045819f9f1 aafe70b88c94c44277dd30d505bb110903ff00cf f1398cdf44ffe82b7b699e91c0d3379defa5de7a81570c2df6070a5191a8b50f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/footerTw.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: image/png
last-modified: Mon, 09 Oct 2023 10:29:09 GMT
accept-ranges: bytes
etag: "35bd10709bfad91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 538
x-server: plap2
|
|
| sklep.infor.pl/okladki/37/95/90/379590mega.png | 193.164.157.241 | 200 OK | 95 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/95/90/379590mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: c1669b6acd954d073c81fae2e025b931 d529c8d7dcc557f6f3ec4e76da4d91a5837ba58e 9c1150c7fb6a52854d5cc846e2b8135af111f748b9850e69a3fbdd2d2ecb57ae
GET /okladki/37/95/90/379590mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 12 Jan 2024 09:05:14 GMT
accept-ranges: bytes
etag: "de936c743645da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 95190
x-server: plap3
|
|
| sklep.infor.pl/okladki/37/96/38/379638mega.png | 193.164.157.241 | 200 OK | 266 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/96/38/379638mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 266 kB (265473 bytes) | Hash: fff9b83a4215b87e7c040f3edbfeb329 4582401a8d96ed2fcf3aaebe620085de7a49c1ce f249ba46d83e30e09d4431df80fc4b32bae8495ac65d9e1256254672bb15c460
GET /okladki/37/96/38/379638mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 31 Jan 2024 23:12:01 GMT
accept-ranges: bytes
etag: "821274e59a54da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 265473
x-server: plap2
|
|
| 193.164.157.241/assets/images/footerYt.png | 193.164.157.241 | 200 OK | 407 B |
URL: GET HTTP/1.1 193.164.157.241/assets/images/footerYt.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced | Hash: e77261785f2dd424a9a8f72e62f448ce 561bffabbe35deeed6db4a70a5df718186d738cc 40aaacc850f1ed435a7acd62d23b3befa0e05ebd7ed66e8fd573ba7680bb33f9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /assets/images/footerYt.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
content-type: image/png
last-modified: Thu, 01 Jun 2023 08:42:07 GMT
accept-ranges: bytes
etag: "8ae1b1f26494d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 407
x-server: plap3
|
|
| 193.164.157.241/okladki/37/96/92/379692mega.png | 193.164.157.241 | 200 OK | 97 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/92/379692mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: 605f9ebc03c35d470f051b6dbba30afb 275d533ccd9f16850c0189ab3b9afcc21ff6f9cb c7535f960c36ba060132acc9ec191da4c8a8b83bfdd74a3bf1fd374db44a22e8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/92/379692mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 07 Mar 2024 09:12:29 GMT
accept-ranges: bytes
etag: "c2a727946f70da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 97122
x-server: plap2
|
|
| sklep.infor.pl/okladki/37/95/00/379500mega.png | 193.164.157.241 | 200 OK | 201 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/95/00/379500mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 201 kB (201208 bytes) | Hash: 9780dedded91f2c95a282f0ce595b8f1 4794e91db6d79a1d0928970848b941eba7e7455f fddfa116b15f593eb20156986c952d80bbb3f2cab5519ba247db0e693e224a87
GET /okladki/37/95/00/379500mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 03 Jan 2024 07:11:01 GMT
accept-ranges: bytes
etag: "c26bf21143eda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 201208
x-server: plap2
|
|
| 193.164.157.241/okladki/37/96/11/379611mega.png | 193.164.157.241 | 200 OK | 94 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/11/379611mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: cfda701b49e3a6121019df0cb5941e6d c04f2a79fe1d81c3ff41cde61e4e514ef8ab83ce 783db83b6ccfd23e666d33513aa1e268675e8493acdca74f9bc5ddb7e1835786
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/11/379611mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 17 Jan 2024 11:33:56 GMT
accept-ranges: bytes
etag: "58d54ce3949da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 93732
x-server: plap3
|
|
| 193.164.157.241/okladki/37/55/01/375501mega.png | 193.164.157.241 | 200 OK | 171 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/55/01/375501mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 171 kB (170917 bytes) | Hash: f9cb02ba19f66a8c0355e203b63ddff2 b6960abf48a36ed8c6da02d47ebfb8112323f53c f371b6607939d6bc13f5ccf826b3e58af2d52a69b93db421c56a5a2f9b86014b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/55/01/375501mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 10 Jan 2023 08:15:32 GMT
accept-ranges: bytes
etag: "5aef3fb5cb24d91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 170917
x-server: plap2
|
|
| 193.164.157.241/okladki/37/93/98/379398mega.png | 193.164.157.241 | 200 OK | 135 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/93/98/379398mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 135 kB (134791 bytes) | Hash: 49e09909e35d8206171b20c46b8c24c8 32ddff709a9981305f75f89623e20e77a89739fa 9b156d2f2454eb4c3854069e72095ce92e1dd92ab6717429d47c42e415c2c08f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/93/98/379398mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 19 Oct 2023 13:35:41 GMT
accept-ranges: bytes
etag: "56db2827912da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 134791
x-server: plap2
|
|
| consensu.infor.pl/icmp-main-2.0.bundle.js | 194.242.11.186 | 200 OK | 151 kB |
URL: GET HTTP/2 consensu.infor.pl/icmp-main-2.0.bundle.js | IP: 194.242.11.186:443 | ASN: #34989 ServeTheWorld AS
Certificate | Issuer: Unizeto Technologies S.A. | Subject: *.infor.pl | Fingerprint: AE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 | Validity: Mon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (53711), with NEL line terminators | Size: 151 kB (150800 bytes) | Hash: 1d6de6d1ab5abc9b8b6f588b3f20d64b da296b1702403fd61d799836c7ef9cb79d0abd84 82df43c70dac10628faefb1ca25d52a2ba5693489d8c9cd40639ac4e1413f8dd
GET /icmp-main-2.0.bundle.js HTTP/1.1
Host: consensu.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:17 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 2112200
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: W/"662771f5-23cc9"
expires: Tue, 23 Apr 2024 10:02:43 GMT
last-modified: Tue, 23 Apr 2024 08:31:49 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 09:02:43
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4a6c939698fe3ba8dfa2685de48be66b
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| sklep.infor.pl/okladki/37/94/94/379494mega.png | 193.164.157.241 | 200 OK | 194 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/94/94/379494mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 194 kB (193912 bytes) | Hash: a9c037a68654d49c83771ec189ada13d db1755546560e50f2445847f1416f2c1153d0c8c c41bfbfe73236bc977a686b31c835433d052f263a078c5cd7453158a1d650652
GET /okladki/37/94/94/379494mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 29 Nov 2023 15:53:50 GMT
accept-ranges: bytes
etag: "6a99a63edc22da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 193912
x-server: plap2
|
|
| sklep.infor.pl/okladki/37/96/58/379658mega.png | 193.164.157.241 | 200 OK | 180 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/96/58/379658mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 180 kB (179984 bytes) | Hash: 174cfaa0e7d49d713b63e52ff6ff1fe7 8b650b07194d1f1531440d3a05cf2e496c676300 d9bef4e9b71a6e91bf611f72b819f8bdc46f4d759e72615a179002739de30afa
GET /okladki/37/96/58/379658mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 09 Feb 2024 13:15:14 GMT
accept-ranges: bytes
etag: "96fe7545a5bda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 179984
x-server: plap3
|
|
| sklep.infor.pl/okladki/37/96/70/379670mega.png | 193.164.157.241 | 200 OK | 146 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/96/70/379670mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGB, non-interlaced | Size: 146 kB (146510 bytes) | Hash: 7d556841cb9d757533955c5832ac7054 8e99273e3fe299a23464d06da63490a1122d3b2f a4475e1ad81e9deaef3c9ec6ebe09f546c2effbdad8a4311bc49dc662a142ec6
GET /okladki/37/96/70/379670mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 16 Feb 2024 14:18:42 GMT
accept-ranges: bytes
etag: "66b36abe360da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 146510
x-server: plap3
|
|
| 193.164.157.241/okladki/37/93/92/379392mega.png | 193.164.157.241 | 200 OK | 150 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/93/92/379392mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 150 kB (149663 bytes) | Hash: bb240e058c3444d84c68263c914cd60a ace2fbd25676055a1c5e67f1c20bf3dc97206163 9d1a6748e1234af801ef60894e2b37470c64fc859f5389ac85639a652eeb79fd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/93/92/379392mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 16 Oct 2023 08:17:00 GMT
accept-ranges: bytes
etag: "664602390da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 149663
x-server: plap3
|
|
| 193.164.157.241/okladki/37/97/52/379752mega.png | 193.164.157.241 | 200 OK | 121 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/97/52/379752mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGB, non-interlaced | Size: 121 kB (121262 bytes) | Hash: 67b8789c0203d775e5a59c14fca2527b a0ee7b2793ea1a63009d42812a6446f7ae0d2e25 4d5f8633590c2e50e50ded7c17b9e8f42fa4f9f3e1a13bcdc9b691d2646526d4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/97/52/379752mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 09 Apr 2024 14:31:11 GMT
accept-ranges: bytes
etag: "9a958e918a8ada1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 121262
x-server: plap2
|
|
| sklep.infor.pl/okladki/37/95/19/379519mega.png | 193.164.157.241 | 200 OK | 116 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/95/19/379519mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 116 kB (116176 bytes) | Hash: 7f4f75c603f6afe13b571b55272a1b17 d8f94ea929379cb25e8085f324a43afee8b74fe9 3888a0f9640bfd299510b88103c37bac4db06958951cac15c37756ccdf11f6e0
GET /okladki/37/95/19/379519mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 12 Dec 2023 13:52:56 GMT
accept-ranges: bytes
etag: "1ea7c08222dda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 116176
x-server: plap2
|
|
| sklep.infor.pl/okladki/06/72/06/67206mega.png | 193.164.157.241 | 200 OK | 44 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/06/72/06/67206mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate | Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: 151611a9033ee1ab0f6f179de9672cd9 c8dfe9bc3b88ee414543e753a9dd6af792756372 29cb034e7f1963351a220b017b039b740f9cd1446564ff53376900dc2742ccc5
GET /okladki/06/72/06/67206mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 08 Apr 2024 06:28:16 GMT
accept-ranges: bytes
etag: "305b87f07d89da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 43614
x-server: plap3
|
|
| sklep.infor.pl/okladki/37/96/17/379617mega.png | 193.164.157.241 | 200 OK | 122 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/96/17/379617mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 122 kB (121658 bytes) | Hash: 5247389b3fd9ab1e4a34d87f92d9ce7e 783d35997faf085006227b82363f945ecc93b11d 8d787c4bbcd5d8a27f1b5ae325a55912ca60bfdd16c37bc46fe933e1677dbe51
GET /okladki/37/96/17/379617mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 18 Jan 2024 13:04:42 GMT
accept-ranges: bytes
etag: "4cb1bee6e4ada1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 121658
x-server: plap3
| 193.164.157.241/okladki/37/97/02/379702mega.png | 193.164.157.241 | 200 OK | 191 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/97/02/379702mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 191 kB (191286 bytes) | Hash: db7577cca95cb070c4c821678bd47a90 4caedbddf88070b84d5339053644e020b01a6f68 63f51ace504593662b2c172f8485677d6fe98c94f40f78af510e5dd710e2ecc4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/97/02/379702mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 12 Mar 2024 09:49:46 GMT
accept-ranges: bytes
etag: "7620969d6274da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 191286
x-server: plap2
| 193.164.157.241/okladki/37/97/53/379753mega.png | 193.164.157.241 | 200 OK | 148 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/97/53/379753mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGB, non-interlaced | Size: 148 kB (147636 bytes) | Hash: 2c2a92da75851624c56bfeb14c44020e ec0d75267893b7c1f248c94332417dc78d5e058c 24d22d4bebd5521e25fd224d2a4854bdc2e477015b5e66297dc646e2bd39076e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/97/53/379753mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 11 Apr 2024 10:47:43 GMT
accept-ranges: bytes
etag: "ca68dbaefd8bda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 147636
x-server: plap2
| 193.164.157.241/okladki/33/64/03/336403mega.png | 193.164.157.241 | 200 OK | 140 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/33/64/03/336403mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 140 kB (139996 bytes) | Hash: 5452758951c1b925a3b8c14979bbf964 72d53240ebfe8beba87e5292a58ad03809230546 f145e490d9509316eed16c40db288a5f1585310463e85ab52e6594c34c871f37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/33/64/03/336403mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 27 Oct 2023 06:16:25 GMT
accept-ranges: bytes
etag: "d4983f1d9d8da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 139996
x-server: plap3
| 193.164.157.241/okladki/37/16/30/371630mega.png | 193.164.157.241 | 200 OK | 119 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/16/30/371630mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 119 kB (118850 bytes) | Hash: f6fc10acc9db93c75a0d0c3c19902b6a 1b77668a187412ac1af288f5e938b3a698147b6a 6eeb7e5f841e332f64f278a107f477e9cf0bbc2af4eb75eaeac3e1b8cd691dde
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/16/30/371630mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 09 Apr 2024 06:15:25 GMT
accept-ranges: bytes
etag: "742ef84f458ada1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 118850
x-server: plap2
| sklep.infor.pl/okladki/37/92/63/379263mega.png | 193.164.157.241 | 200 OK | 90 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/92/63/379263mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: ff31e2df18851710f7b2620eb70408c8 e933b0b69348377d2c039846a096467a8e2d494a c5d2ac59a40e98c3b75fe0dea6fc72d0d4986161db9c33467bd7de01d0ad2a0b
GET /okladki/37/92/63/379263mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 11 Aug 2023 08:37:56 GMT
accept-ranges: bytes
etag: "ae4371202fccd91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 90481
x-server: plap3
| sklep.infor.pl/okladki/37/95/83/379583mega.png | 193.164.157.241 | 200 OK | 77 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/95/83/379583mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: 9ea35604f365ceb1d7df865995d16627 5d793eb4525f6e22daba05d3603354311ce852f4 1539fae149ae84402a31d279669a9d7face167d4647185121bfccc1efe88a88d
GET /okladki/37/95/83/379583mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 11 Jan 2024 07:39:21 GMT
accept-ranges: bytes
etag: "f4ec74a6144da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 77125
x-server: plap3
| sklep.infor.pl/okladki/37/95/84/379584mega.png | 193.164.157.241 | 200 OK | 84 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/95/84/379584mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: 59f3b7ba1c930d42bd083edae8a5032b 7491487ac4f6fd70cd41f11861e3cf4abdaf4061 fb844853e63e3a783f9960a1432a9c45ddd7e6d869e2e7c1a18c850463d9fa03
GET /okladki/37/95/84/379584mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 11 Jan 2024 07:46:41 GMT
accept-ranges: bytes
etag: "2430dd506244da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 83650
x-server: plap2
| 193.164.157.241/okladki/37/97/09/379709mega.png | 193.164.157.241 | 200 OK | 142 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/97/09/379709mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGB, non-interlaced | Size: 142 kB (141549 bytes) | Hash: 0c34a7bc237657907956d8c357cd18b3 e952bfbec2048a36ea1daaaca35e9f7543fbad09 9db24b9a3afd2c2705f36df098eee26f7c778ebc3560cb369212796e2eb7ad34
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/97/09/379709mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 14 Mar 2024 11:44:13 GMT
accept-ranges: bytes
etag: "e99f8ef476da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 141549
x-server: plap3
| 193.164.157.241/okladki/37/96/88/379688mega.png | 193.164.157.241 | 200 OK | 174 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/88/379688mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 174 kB (173677 bytes) | Hash: 99e5c9432707c2e56cd0e0a5cee85a26 fff032c9b3fa0784922ae2515b280b99907b4d2e c973442b12fde399bd818aae3b7b3c01a9502ee195b901851297814a6c2f69ac
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/88/379688mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 06 Mar 2024 13:18:18 GMT
accept-ranges: bytes
etag: "905f9c0c86fda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 173677
x-server: plap3
| sklep.infor.pl/okladki/37/95/82/379582mega.png | 193.164.157.241 | 200 OK | 102 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/95/82/379582mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 102 kB (101755 bytes) | Hash: 5d2ecb40fcb1e84c1e89bea5135629da bb2ebbb1ee4e0328ec879e7ef0018e335d7ce690 a515b59470c2852748b61c741105cf2b9e43336c7a96af61b58092a73b4f50ab
GET /okladki/37/95/82/379582mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Thu, 11 Jan 2024 07:27:42 GMT
accept-ranges: bytes
etag: "24cc17aa5f44da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 101755
x-server: plap2
| sklep.infor.pl/okladki/37/94/42/379442mega.png | 193.164.157.241 | 200 OK | 156 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/37/94/42/379442mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 156 kB (156027 bytes) | Hash: 25ba42708350f27a507b9c865ecd1358 b43139c691d63c05f2e0c5d4ba08b69f6a792781 4ad06641d53aba8defad2815eafe1119a3864c91707d009a5b3d0b481b740fec
GET /okladki/37/94/42/379442mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 20 Nov 2023 07:55:37 GMT
accept-ranges: bytes
etag: "9421c5f2861bda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 156027
x-server: plap2
| sklep.infor.pl/okladki/33/74/18/337418mega.png | 193.164.157.241 | 200 OK | 140 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/33/74/18/337418mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 140 kB (139996 bytes) | Hash: 5452758951c1b925a3b8c14979bbf964 72d53240ebfe8beba87e5292a58ad03809230546 f145e490d9509316eed16c40db288a5f1585310463e85ab52e6594c34c871f37
GET /okladki/33/74/18/337418mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 27 Oct 2023 06:15:04 GMT
accept-ranges: bytes
etag: "48ccdcec9c8da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 139996
x-server: plap3
| 193.164.157.241/okladki/37/96/37/379637mega.png | 193.164.157.241 | 200 OK | 166 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/96/37/379637mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 166 kB (166416 bytes) | Hash: 68e1eb9c669568ebccd200751cc27b0c 634fb9e9852f42f22339b4baa08ab4ad8bc598ab cfb3b28888869c55e47dfc86fa9b1173e4d8fc42964b74ce26bd3f8facf9db91
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/96/37/379637mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 31 Jan 2024 22:57:15 GMT
accept-ranges: bytes
etag: "144c79d59854da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 166416
x-server: plap2
| 193.164.157.241/okladki/37/95/20/379520mega.png | 193.164.157.241 | 200 OK | 128 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/95/20/379520mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 128 kB (128006 bytes) | Hash: 3ef49577eda2190574d57155660eb6b1 becf43558777a07f30d9286d3b4529e16b915f82 bde1d2607debf7f529e0af04cd9cea182ffc5aa83ad8179790ce78259cb11e57
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/95/20/379520mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 11 Dec 2023 07:39:01 GMT
accept-ranges: bytes
etag: "fcbd211c52cda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 128006
x-server: plap3
| 193.164.157.241/okladki/37/95/19/379519mega.png | 193.164.157.241 | 200 OK | 116 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/95/19/379519mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 116 kB (116176 bytes) | Hash: 7f4f75c603f6afe13b571b55272a1b17 d8f94ea929379cb25e8085f324a43afee8b74fe9 3888a0f9640bfd299510b88103c37bac4db06958951cac15c37756ccdf11f6e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/95/19/379519mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 12 Dec 2023 13:52:56 GMT
accept-ranges: bytes
etag: "1ea7c08222dda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 116176
x-server: plap3
| 193.164.157.241/okladki/37/93/53/379353mega.png | 193.164.157.241 | 200 OK | 83 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/93/53/379353mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Hash: 38532d055f1040d2623b3bb21fe8a9e1 b356290c3eea0b3d933b7a98fc9d04b3b3bef05e 96a7574c344f0c4d6f7efa092c1d213ad4e527bdb239408379a753f039a08449
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/93/53/379353mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Tue, 02 Apr 2024 05:59:46 GMT
accept-ranges: bytes
etag: "927618f7c284da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 82919
x-server: plap2
| sklep.infor.pl/okladki/33/56/97/335697mega.png | 193.164.157.241 | 200 OK | 219 kB |
URL: GET HTTP/1.1 sklep.infor.pl/okladki/33/56/97/335697mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 219 kB (218609 bytes) | Hash: 2414111e326d1917b54e592e393cf15b 32a1bba45f028fe9e5afc0bf3217f6c1e2cf94e6 4b256671e4a33e98963c9515df4fefd7e97b60765b66a85b3cc21918ce2cd882
GET /okladki/33/56/97/335697mega.png HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 01 Mar 2024 09:22:50 GMT
accept-ranges: bytes
etag: "eac8ed7ba6bda1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 218609
x-server: plap2
| sklep.infor.pl/pliki/majowka_2024_450x200.jpg | 193.164.157.241 | 200 OK | 44 kB |
URL: GET HTTP/1.1 sklep.infor.pl/pliki/majowka_2024_450x200.jpg | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 450x200, components 3 | Hash: 6a8b8153309f70ef01d6d542b1004742 d62418dad22b98f48e7f431bba718844af8f254a dc4683bda6a1dfa14149b5f0e30813fde8e0b4cff08937b0ce255a165b625465
GET /pliki/majowka_2024_450x200.jpg HTTP/1.1
Host: sklep.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=86400, must-revalidate
content-type: image/jpeg
last-modified: Fri, 19 Apr 2024 09:51:00 GMT
accept-ranges: bytes
etag: "01a5f153f92da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 44260
x-server: plap3
| 193.164.157.241/okladki/37/97/28/379728mega.png | 193.164.157.241 | 200 OK | 203 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/37/97/28/379728mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 203 kB (202622 bytes) | Hash: be31f66dd04f250e9e7efd6ddb49efd0 e8e6fb3471e3d3bd40ba6efbc53ff0c330dfe5d0 849d58509f538409ea971098e30f97f9316fcab4268540a7afda46a62538cf06
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/97/28/379728mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Wed, 27 Mar 2024 12:03:36 GMT
accept-ranges: bytes
etag: "9c3661cc3e80da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 202622
x-server: plap3
| 193.164.157.241/okladki/33/64/08/336408mega.png | 193.164.157.241 | 200 OK | 127 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/33/64/08/336408mega.png | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced | Size: 127 kB (127032 bytes) | Hash: 2aa2de9794c0eef4eae7af8a8882ca3d c8cca9cefe8f99fe1b2d1bdec4b722d6c4352dbd b2a26b68e7cbbc4533af1b5175ec19cfb0afc983244e2903c9bf7074434998cc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/33/64/08/336408mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 27 Oct 2023 06:18:33 GMT
accept-ranges: bytes
etag: "e888b7699d8da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 127032
x-server: plap2
| 193.164.157.241/esauth.ashx | 193.164.157.241 | 200 OK | 0 B |
URL: GET HTTP/1.1 193.164.157.241/esauth.ashx | IP: 193.164.157.241:443 | ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o | Subject: *.infor.pl | Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 | Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /esauth.ashx HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: private
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
set-cookie: ESAuth=3IndnVMp1qX3iAknMWQwNOJPtobyfkAldIsKIN7FUEkfDQkqitDJJzVsAgT0/6VQzvrGC8CqpkRQHx8YF22uGt0bYhTcdH6B0gucNiLs0dQ=; expires=Wed, 24-Apr-2024 04:13:18 GMT; path=/; SameSite=none; Secure=true
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 0
x-server: plap3
|
|
| 193.164.157.241/okladki/33/64/06/336406mega.png | 193.164.157.241 | 200 OK | 120 kB |
URL: GET HTTP/1.1 193.164.157.241/okladki/33/64/06/336406mega.png IP: 193.164.157.241:443 ASN: #41468 INFOR IT SP. z o.o.
Certificate Issuer: DOMENY.PL sp. z o.o Subject: *.infor.pl Fingerprint: F0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 Validity: Wed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File type: PNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced Size: 120 kB (119653 bytes) Hash: 71affdbc261666c0d816001c6aa73225 977a920a6382e86a4c228f1bf64b41157bbbba7d cf1b5812289ce6e033f9dd5dde75842dbb7a6f3d620007e9bb742a9498c1449b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/33/64/06/336406mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 27 Oct 2023 06:22:06 GMT
accept-ranges: bytes
etag: "eb658e89d8da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:17 GMT
content-length: 119653
x-server: plap2
|
|
| use.typekit.net/af/56b0cd/00000000000000007735957d/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n3&v=3 | 23.36.76.186 | 200 OK | 30 kB |
URL: GET HTTP/2 use.typekit.net/af/56b0cd/00000000000000007735957d/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n3&v=3 IP: 23.36.76.186:443 ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc Subject: use.typekit.net Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56 Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 29844, version 1.0 Hash: 3a507cee30809e87bd7989fc7a4d5995 4de9dab6a198de8c9d25529fdabf8261458b2917 3f4db50f35f6403ac56646ec257407000d782c93d5ec89990d68a65a11487cf5
GET /af/56b0cd/00000000000000007735957d/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29844
etag: "b15b4da55007c1b2a9618fc06dbfcb68c372064b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 03:18:18 GMT
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/0758f3/000000000000000077359583/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n5&v=3 | 23.36.76.186 | 200 OK | 29 kB |
URL: GET HTTP/2 use.typekit.net/af/0758f3/000000000000000077359583/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n5&v=3 IP: 23.36.76.186:443 ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc Subject: use.typekit.net Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56 Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 29068, version 1.0 Hash: d72c7605130f0fa5577e8ee98b45f216 e3f6583b2d52024fb7773abf58b9fe17b5438c17 310410da87bcd9ce904d1085f20f94e472b4736a39e7af6884b17cc181b1aa74
GET /af/0758f3/000000000000000077359583/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n5&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29068
etag: "95d960a78319dcd6e02f0ee6983b65a091274461"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 03:18:18 GMT
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n4&v=3 | 23.36.76.186 | 200 OK | 29 kB |
URL: GET HTTP/2 use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n4&v=3 IP: 23.36.76.186:443 ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc Subject: use.typekit.net Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56 Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 29296, version 1.0 Hash: a7dc676ef48d8967a2ad60a0cdb08fc5 a1dafafa8bc1ef51cb81a707fde540bcabf00e7e d6811f7e85e6be0ff07ad3f6e2ae53b9231e9cd3241eae11e5d648e6711c5d30
GET /af/d45b9a/000000000000000077359577/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29296
etag: "5eb44e351a7c36f179fa96be26844c3bd3b1b97b"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 03:18:18 GMT
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n7&v=3 | 23.36.76.186 | 200 OK | 30 kB |
URL: GET HTTP/2 use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n7&v=3 IP: 23.36.76.186:443 ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc Subject: use.typekit.net Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56 Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 29656, version 1.0 Hash: 062af89da28ccb3bc14f0262662a62f8 04e49c03f5f525a1ac92b45c36df137909083b92 5ab1af5cd18c0693f188f022f424470e1bd061ac409f73813f3055fb5af951c4
GET /af/98e3f6/000000000000000077359562/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29656
etag: "ade52a9997282fdb00b95ca772349ef1ca8377ed"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 03:18:18 GMT
X-Firefox-Spdy: h2
|
|
| cdn.livechatinc.com/tracking.js | 95.101.10.202 | 200 OK | 28 kB |
URL: GET HTTP/2 cdn.livechatinc.com/tracking.js IP: 95.101.10.202:443 ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc Subject: livechat.com Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
Hash: 460676c032a17d4170434640d19bad06 6a2c339c31fc7c32caddca54b91c201b41d40066 030057e498b9f7fdb86111cc97d330dd06fcc8715bf709db65837f8de403e913
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Mon, 22 Apr 2024 06:47:09 GMT
etag: W/"460676c032a17d4170434640d19bad06"
x-amz-server-side-encryption: AES256
x-amz-version-id: 6lowS_DfRhUGrMy9km8Z5H4gEBK8rPJw
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: AMS58-P4
x-amz-cf-id: ZvsPCorYY6x0Mzol_bOxBBsj_-wfS3SadINMcEaYnf1dAh-Uc6DYHg==
content-length: 28535
cache-control: max-age=28800
expires: Wed, 24 Apr 2024 11:18:18 GMT
date: Wed, 24 Apr 2024 03:18:18 GMT
content-type: application/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/e4b1a9/000000000000000077359571/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n6&v=3 | 23.36.76.186 | 200 OK | 29 kB |
URL: GET HTTP/2 use.typekit.net/af/e4b1a9/000000000000000077359571/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n6&v=3 IP: 23.36.76.186:443 ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc Subject: use.typekit.net Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56 Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 28928, version 1.0 Hash: 223b2161801f80f724d4c6967afdafd1 b3dcd8a472b74dd62258c794d922926d7ae73efb 227a0256f0b85a6693ff812295768706bbb2f6a319f99cf58874ce3278d13bf3
GET /af/e4b1a9/000000000000000077359571/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28928
etag: "9312d1e87c6656487d550687cd70f4ede44161be"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 03:18:18 GMT
X-Firefox-Spdy: h2
|
|
| use.typekit.net/af/7a16a7/000000000000000077359568/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n1&v=3 | 23.36.76.186 | 200 OK | 28 kB |
URL: GET HTTP/2 use.typekit.net/af/7a16a7/000000000000000077359568/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n1&v=3 IP: 23.36.76.186:443 ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc Subject: use.typekit.net Fingerprint: 15:AD:3F:8A:55:B7:BC:20:D8:70:5B:06:E0:D2:92:7C:BE:C6:E0:56 Validity: Thu, 01 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type: Web Open Font Format (Version 2), CFF, length 27712, version 1.0 Hash: 2d45e7e5fba7c3ad244537af23bbe60f d55be8926c2e4010c710e4d596499e0efec43b71 54fca56b49aaa38efe8dd63afe1e97e4e320c856386fce2f27cc08204b13b95b
GET /af/7a16a7/000000000000000077359568/30/l?primer=e6066692ab328d1a92bb155659ed6609b693e1e352f0e8982e4224719b13bdfb&fvd=n1&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27712
etag: "6a282f802c81e3ab828e4777f3c473d3f0dec546"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 24 Apr 2024 03:18:18 GMT
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-55V342 | 142.250.74.168 | 200 OK | 112 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-55V342 IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC Subject: *.google-analytics.com Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (34010) Size: 112 kB (112141 bytes) Hash: b37e2816ecbe2f42beaaae17721bbd21 b8a3199c5aeb9b5992e541013f3f14fd6d5adb8f 2a4fe07505852c6c44d91cb66b7dc588059bd381d704d362b598ce1bf3ea44bd
GET /gtm.js?id=GTM-55V342 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 03:18:18 GMT
expires: Wed, 24 Apr 2024 03:18:18 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 112141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 | 216.58.207.227 | 200 OK | 128 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 IP: 216.58.207.227:443
Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 128352, version 1.0 Size: 128 kB (128352 bytes) Hash: 53436aca8627a49f4deaaa44dc9e3c05 0bc0c675480d94ec7e8609dda6227f88c5d08d2c 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 06:44:19 GMT
expires: Sun, 20 Apr 2025 06:44:19 GMT
cache-control: public, max-age=31536000
age: 333240
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/destination?id=AW-10817014426&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 63 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/destination?id=AW-10817014426&l=dataLayer&cx=c IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC Subject: *.google-analytics.com Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (1951) Hash: 642d2157917c6d1a3608c92177137cb7 eef07dc0e1fa2b7cac27707219e96d0ed4c0457a a4858bd1b76f67099db2152046e4b80207b48dd6b152afe826fac78b094171b2
GET /gtag/destination?id=AW-10817014426&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 03:18:19 GMT
expires: Wed, 24 Apr 2024 03:18:19 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63290
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-H6TBBPCVDR&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 104 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-H6TBBPCVDR&l=dataLayer&cx=c IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC Subject: *.google-analytics.com Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (24060) Size: 104 kB (104362 bytes) Hash: 1286a312245ba556c8670d18152308df 4224107feb6a9fa4e850ee43f74f396889efcc13 d64a1b9c2f4414bf87c0b39ba0987d476699f0f370e4ca0df0562e69675401ae
GET /gtag/js?id=G-H6TBBPCVDR&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 03:18:19 GMT
expires: Wed, 24 Apr 2024 03:18:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/destination?id=AW-1061365034&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 86 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/destination?id=AW-1061365034&l=dataLayer&cx=c IP: 142.250.74.168:443
Certificate Issuer: Google Trust Services LLC Subject: *.google-analytics.com Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (4179) Hash: c150dcfdcd021eef3d85fdfc2cdaa25e e620c7ff9430356ec7f4234c297f1019f293c317 970eb13eb2caa1b5baea4666a627e8faea33bfc852651cf523243bedde02e6b2
GET /gtag/destination?id=AW-1061365034&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 03:18:19 GMT
expires: Wed, 24 Apr 2024 03:18:19 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 86381
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| app2.salesmanago.pl/dynamic/lhme902m8fhpeij1/popups.js | 91.227.202.129 | 200 OK | 4.6 kB |
URL: GET HTTP/2 app2.salesmanago.pl/dynamic/lhme902m8fhpeij1/popups.js IP: 91.227.202.129:443
Certificate Issuer: DigiCert Inc Subject: *.salesmanago.pl Fingerprint: 17:88:F4:9E:6C:5B:8A:CE:F4:81:DF:1B:D0:CE:9C:A1:92:96:48:32 Validity: Mon, 07 Aug 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (10370) Hash: 2f0ce6f007f95dbaf8e5589160c35cc8 49191c1923b9469c8905ee49d1a9423f00f9a45e da8f0afcd1f122a025ca43df3a9f64d9d46def1af75f98223658545b94fb2874
GET /dynamic/lhme902m8fhpeij1/popups.js HTTP/1.1
Host: app2.salesmanago.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
server: Apache
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type, accept
cache-control: max-age=3600
expires: Wed, 24 Apr 2024 04:18:19 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 4585
content-type: application/javascript;charset=UTF-8
strict-transport-security: max-age=31540000
set-cookie: SERVERID=C; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
|
|
| cdn.livesession.io/track.js | 35.156.224.161 | 200 OK | 46 kB |
URL: GET HTTP/2 cdn.livesession.io/track.js IP: 35.156.224.161:443
Certificate Issuer: Let's Encrypt Subject: cdn.livesession.io Fingerprint: 67:CB:6B:98:E9:76:1F:D0:61:97:DE:50:77:CB:00:77:81:A8:AA:ED Validity: Fri, 08 Mar 2024 13:00:08 GMT - Thu, 06 Jun 2024 13:00:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65471) Hash: 804487c60e99066cc5fa5db6df760dbf ad93e31c53e40ede61b90695f08132acc342e42b dd6cdea6d2a8698398b8b3189c86140367ceb16e30120728831fd1d375622779
GET /track.js HTTP/1.1
Host: cdn.livesession.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 70629
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Wed, 24 Apr 2024 03:18:19 GMT
etag: "310c41ba90e16a9168f96608a5c1d52a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HW71RZJV3Z60GA1Q5CGK6BNA
content-length: 46033
X-Firefox-Spdy: h2
|
|
| api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=12881502&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2F193.164.157.241%2F&group_id=1&channel_type=code&jsonp=__pp4bdtdvf4 | 23.36.79.16 | 200 OK | 125 B |
URL: GET HTTP/2 api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=12881502&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2F193.164.157.241%2F&group_id=1&channel_type=code&jsonp=__pp4bdtdvf4 IP: 23.36.79.16:443 ASN: #20940 Akamai International B.V.
Certificate Issuer: DigiCert Inc Subject: livechat.com Fingerprint: AD:E9:73:3D:F9:98:EE:AF:EA:A1:C6:F0:07:27:92:13:66:F0:44:6E Validity: Wed, 31 Jan 2024 00:00:00 GMT - Fri, 31 Jan 2025 23:59:59 GMT
File type: ASCII text, with no line terminators Hash: 3a34ab9eaa52da6ad7225c45578fd009 34e0a425d7f2b19f2e37590330f3c41b60d92866 2e6741d4f2b205b570a3460a3acbbf4424de6f9a12823f0f088977bc9d6f3506
GET /v3.6/customer/action/get_dynamic_configuration?license_id=12881502&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2F193.164.157.241%2F&group_id=1&channel_type=code&jsonp=__pp4bdtdvf4 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
content-length: 125
date: Wed, 24 Apr 2024 03:18:19 GMT
X-Firefox-Spdy: h2
|
|
| app2.salesmanago.pl/static/sm.js | 91.227.202.129 | 200 OK | 49 kB |
URL: GET HTTP/2 app2.salesmanago.pl/static/sm.js IP: 91.227.202.129:443
Certificate Issuer: DigiCert Inc Subject: *.salesmanago.pl Fingerprint: 17:88:F4:9E:6C:5B:8A:CE:F4:81:DF:1B:D0:CE:9C:A1:92:96:48:32 Validity: Mon, 07 Aug 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65508), with no line terminators Hash: 1d76c6ec630cf961a6796a6c533e5195 7e537aad7da5464e3ab7bf003e086bab32731073 a6572393f35ed663c2614e2f9527a7017edc7d8477afb5bfcb2b7634861e07e6
GET /static/sm.js HTTP/1.1
Host: app2.salesmanago.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
server: Apache
last-modified: Fri, 19 Apr 2024 04:17:34 GMT
etag: "20b08-6166b5e032b46-gzip"
accept-ranges: bytes
cache-control: max-age=3600
expires: Wed, 24 Apr 2024 04:18:19 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 48825
content-type: application/javascript
strict-transport-security: max-age=31540000
set-cookie: SERVERID=A; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
|
|
| widgets.infor.pl/widgets/eventBus.js?version=40 | 194.242.11.186 | 200 OK | 83 kB |
URL: GET HTTP/2 widgets.infor.pl/widgets/eventBus.js?version=40 IP: 194.242.11.186:443 ASN: #34989 ServeTheWorld AS
Certificate Issuer: Unizeto Technologies S.A. Subject: *.infor.pl Fingerprint: AE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 Validity: Mon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
File type: JavaScript source, ASCII text, with very long lines (51908) Hash: a373a517589ce985a1772cb8aecb9017 9ae41cc83b4854e04ee9bd67546b22d5006c4d52 4e4d70eed987587b3dc0066a760e02f8035c119a8592758a5b4b0d8cbe4fb023
GET /widgets/eventBus.js?version=40 HTTP/1.1
Host: widgets.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
content-type: text/javascript; charset=utf-8
server: BunnyCDN-NO1-830
cdn-pullzone: 2112198
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-credentials: true
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"13a5d-18f097fedd0"
last-modified: Tue, 23 Apr 2024 05:48:50 GMT
x-powered-by: Express
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 05:53:17
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 328895d16616e67125181fdeaaa0aa00
cdn-cache: HIT
X-Firefox-Spdy: h2
|
|
| app2.salesmanago.pl/dynamic/lhme902m8fhpeij1/custom.js?uri=%2F&location=193.164.157.241&uuid=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&referrer=&time=2024-04-24T03%3A18%3A19Z&title=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&banners=true | 91.227.202.129 | 200 OK | 795 B |
URL: GET HTTP/2 app2.salesmanago.pl/dynamic/lhme902m8fhpeij1/custom.js?uri=%2F&location=193.164.157.241&uuid=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&referrer=&time=2024-04-24T03%3A18%3A19Z&title=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&banners=true IP: 91.227.202.129:443
Certificate Issuer: DigiCert Inc Subject: *.salesmanago.pl Fingerprint: 17:88:F4:9E:6C:5B:8A:CE:F4:81:DF:1B:D0:CE:9C:A1:92:96:48:32 Validity: Mon, 07 Aug 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File type: JavaScript source, ASCII text Hash: ad070ede2999bfbfd3c4ba963b165302 2cf6a6e830d680c368babf75ef8a8c6b67e142ba 244f981796f134330ceac39d084821f4874a9abbd8872f7107956ddedf8c46e8
GET /dynamic/lhme902m8fhpeij1/custom.js?uri=%2F&location=193.164.157.241&uuid=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&referrer=&time=2024-04-24T03%3A18%3A19Z&title=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&banners=true HTTP/1.1
Host: app2.salesmanago.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
server: Apache
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: x-requested-with, content-type, accept
cache-control: max-age=3600
expires: Wed, 24 Apr 2024 04:18:19 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 795
content-type: application/javascript;charset=UTF-8
strict-transport-security: max-age=31540000
set-cookie: SERVERID=C; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
|
|
| consensu.infor.pl/purposes-pl.json | 194.242.11.186 | 200 OK | 11 kB |
URL GET HTTP/2consensu.infor.pl/purposes-pl.json IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
Hasha7d9ed736bb7544aa9b9601192723043 1e7af6419e80d70fb114a10a03862cad26f69820 08574aa2ffe5da909bde891fa3f4404be5707b38ee80f74962bb1df5fc072052
GET /purposes-pl.json HTTP/1.1
Host: consensu.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 2112200
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=28800
etag: W/"662771f5-c6e6"
expires: Tue, 23 Apr 2024 18:02:54 GMT
last-modified: Tue, 23 Apr 2024 08:31:49 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 10:02:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 810934c2482a84de6db454c6b7f8a9e1
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| vc-service.saleago.com/api/vc.json?s=lhme902m8fhpeij1&i=2 | 34.110.154.184 | 200 OK | 4.6 kB |
URL GET HTTP/2vc-service.saleago.com/api/vc.json?s=lhme902m8fhpeij1&i=2 IP34.110.154.184:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
CertificateIssuerGoogle Trust Services LLC Subjectvc-service.saleago.com Fingerprint72:94:B5:C0:EB:C9:51:4B:69:EE:02:0D:04:11:CA:AA:E6:B0:05:3A ValidityMon, 08 Apr 2024 12:55:00 GMT - Sun, 07 Jul 2024 13:49:14 GMT
Hash0f4f74b4b87bb9ed6183feb969d5f29a d7d69997fb1ed7d577338002e2f9f231ec807d94 172cd1c72d038d71ab16ef68a8c6a01dc2e21dde9b7b853a493f82350fa95205
GET /api/vc.json?s=lhme902m8fhpeij1&i=2 HTTP/1.1
Host: vc-service.saleago.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
content-type: application/json;charset=utf-8
content-length: 4580
date: Wed, 24 Apr 2024 03:18:19 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| widgets.infor.pl/cookie/saver?cookies=[{%22infor_fuid_v2%22:%221f17da1f-6459-439a-89cf-bd0110baeeea%22},{%22deepbi_user_deepcookie%22:%22null%22}]&allowOriginDomain=https://193.164.157.241 | 194.242.11.186 | 200 OK | 88 B |
URL GET HTTP/2widgets.infor.pl/cookie/saver?cookies=[{%22infor_fuid_v2%22:%221f17da1f-6459-439a-89cf-bd0110baeeea%22},{%22deepbi_user_deepcookie%22:%22null%22}]&allowOriginDomain=https://193.164.157.241 IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
Hash907dec1b0e79b0ef7989c743437786f4 e5f8a13cd48e2e12184149a9681e90c9b1b71c55 00908ba2b75c3c62cf73de8334ebb8a68f23f89f589b2138d762ec6ad0cf4573
GET /cookie/saver?cookies=[{%22infor_fuid_v2%22:%221f17da1f-6459-439a-89cf-bd0110baeeea%22},{%22deepbi_user_deepcookie%22:%22null%22}]&allowOriginDomain=https://193.164.157.241 HTTP/1.1
Host: widgets.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
content-type: text/html; charset=utf-8
content-length: 88
server: BunnyCDN-NO1-830
cdn-pullzone: 2112198
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: https://193.164.157.241
cache-control: public, max-age=0
etag: W/"58-5fihPNSOLhIYQUmpaB6QybG3HFU"
set-cookie: infor_fuid_v2=1f17da1f-6459-439a-89cf-bd0110baeeea; Path=/; Expires=Mon, 23 Apr 2029 03:18:19 GMT; Secure; SameSite=None
deepbi_user_deepcookie=null; Path=/; Expires=Mon, 23 Apr 2029 03:18:19 GMT; Secure; SameSite=None
x-powered-by: Express
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/24/2024 03:18:19
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4ddf3afb76af4b4387998649324ea437
cdn-cache: BYPASS
X-Firefox-Spdy: h2
|
|
| widgets.infor.pl/cookie/loader?allowOriginDomain=https://193.164.157.241 | 194.242.11.186 | 200 OK | 88 B |
URL GET HTTP/2widgets.infor.pl/cookie/loader?allowOriginDomain=https://193.164.157.241 IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
Hash907dec1b0e79b0ef7989c743437786f4 e5f8a13cd48e2e12184149a9681e90c9b1b71c55 00908ba2b75c3c62cf73de8334ebb8a68f23f89f589b2138d762ec6ad0cf4573
GET /cookie/loader?allowOriginDomain=https://193.164.157.241 HTTP/1.1
Host: widgets.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: infor_fuid_v2=1f17da1f-6459-439a-89cf-bd0110baeeea; deepbi_user_deepcookie=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
content-type: text/html; charset=utf-8
content-length: 88
server: BunnyCDN-NO1-830
cdn-pullzone: 2112198
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: https://193.164.157.241
cache-control: public, max-age=0
etag: W/"58-5fihPNSOLhIYQUmpaB6QybG3HFU"
x-powered-by: Express
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/24/2024 03:18:19
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ff1b62794b411ea41f9c826e632f175e
cdn-cache: BYPASS
X-Firefox-Spdy: h2
|
|
| zgody.infor.pl/build/assets/img/logo_infor.png | 193.164.157.205 | 200 OK | 4.2 kB |
URL GET HTTP/2zgody.infor.pl/build/assets/img/logo_infor.png IP193.164.157.205:443 ASN#41468 INFOR IT SP. z o.o.
CertificateIssuerDOMENY.PL sp. z o.o Subject*.infor.pl FingerprintF0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 ValidityWed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File typePNG image data, 110 x 51, 8-bit/color RGBA, non-interlaced Hasha0e4dab1584cd4acfa3a89a6d5f9c723 3419de434c4e33b2f770166dcdfef074663e2f63 c3b553062b2509f6ce8ab39bbef74b67277a5e3c6500f4744db6d06583a802d7
GET /build/assets/img/logo_infor.png HTTP/1.1
Host: zgody.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 03:18:19 GMT
content-type: image/png
content-length: 4205
last-modified: Fri, 18 Aug 2023 10:45:26 GMT
etag: "64df4bc6-106d"
expires: Wed, 01 May 2024 03:18:19 GMT
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| consensu.infor.pl/vendor-list.json | 194.242.11.186 | 200 OK | 95 kB |
URL GET HTTP/2consensu.infor.pl/vendor-list.json IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
Hashcaae9ab552ddb2d60cd364f1d333f309 7adb65e4128a24e736207b7935acefa037cc283b b418df310c1df3c37ededd519788d59de0a7225b787d5264a144db97127d3ff0
GET /vendor-list.json HTTP/1.1
Host: consensu.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:18 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 2112200
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=28800
etag: W/"662771f5-94f50"
expires: Tue, 23 Apr 2024 18:02:54 GMT
last-modified: Tue, 23 Apr 2024 08:31:49 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 10:02:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9bacccbe8d7925f6a0c81acfbcf7f37a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| widgets.infor.pl/cpu_user/token | 194.242.11.186 | 200 OK | 0 B |
URL POST HTTP/2widgets.infor.pl/cpu_user/token IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /cpu_user/token HTTP/1.1
Host: widgets.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://193.164.157.241/
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Wed, 24 Apr 2024 03:18:20 GMT
server: BunnyCDN-NO1-830
cdn-pullzone: 2112198
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://193.164.157.241
cache-control: public, max-age=0
x-powered-by: Express
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 204
cdn-cachedat: 04/24/2024 03:18:20
cdn-edgestorageid: 830
cdn-status: 204
cdn-requestid: d6dcfe7dc5f9b29a4efc7084bb4ec3de
X-Firefox-Spdy: h2
|
|
| widgets.infor.pl/cpu_user/token | 194.242.11.186 | 200 OK | 13 kB |
URL POST HTTP/2widgets.infor.pl/cpu_user/token IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
Hashb2486b9ebf08085892f501a67c9b9f33 f84ce1e54bb618bd1837db5690694e5a7fcb472b 074f1c4108fd9ad58ae0c311e7b8c691989b0bbbd5891efe7aac1c63d12fcf0f
POST /cpu_user/token HTTP/1.1
Host: widgets.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 325
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: infor_fuid_v2=1f17da1f-6459-439a-89cf-bd0110baeeea; deepbi_user_deepcookie=null
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:20 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 2112198
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: https://193.164.157.241
cache-control: public, max-age=0
x-powered-by: Express
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/24/2024 03:18:20
cdn-edgestorageid: 830
cdn-requestid: 071ba6b1bac6bde198d9d3ab52e83e86
content-encoding: br
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H6TBBPCVDR&cid=135561873.1713928700&gtm=45je44m0v887810612z86281696za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=37625467 | 172.217.21.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H6TBBPCVDR&cid=135561873.1713928700&gtm=45je44m0v887810612z86281696za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=37625467 IP172.217.21.163:443
CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-H6TBBPCVDR&cid=135561873.1713928700&gtm=45je44m0v887810612z86281696za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=37625467 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 03:18:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.infor.pl/favicon.ico | 193.164.157.250 | 200 OK | 1.2 kB |
IP193.164.157.250:443 ASN#41468 INFOR IT SP. z o.o.
CertificateIssuerDOMENY.PL sp. z o.o Subject*.infor.pl FingerprintF0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 ValidityWed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hashff0baae47d267d0167b5ac99852029b1 d61ec5f615e996fcf6572c23b3b9d6a89e154ca0 b16cca3b6c962c8f326f3250dc8adfbed7c326a279ddd66349da1bb80a2c75d2
GET /favicon.ico HTTP/1.1
Host: www.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 02:58:34 GMT
cache-control: no-cache, private
content-disposition: inline; filename="favicon.ico"
sesese: plappphp-7
content-length: 1150
content-type: image/x-icon
x-ua-device: desktop
age: 1185
vary: User-Agent
x-cache: HIT
x-cv: plvc1
grace: none
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js | 143.204.48.96 | 200 OK | 2.0 kB |
URL GET HTTP/2cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js IP143.204.48.96:443
CertificateIssuerAmazon Subject*.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1490) Hash3867b2388b619ff7fddc29ef359fc9aa 511bed0c4d3d57ab4cf1b1d7596fb845ecfba6ac 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
GET /analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 12 Apr 2024 16:48:23 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Apr 2024 03:48:56 GMT
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
x-amz-version-id: 6p7m0DymtVd2iHKfdr7k4GM1yYafy1xS
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O2shAtAy6S8viZv7avWGMW5Xm82Qfko0LSt71JA6cY-Pu2NZaHQawA==
age: 988197
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz | 143.204.48.96 | 200 OK | 4.7 kB |
URL GET HTTP/2cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz IP143.204.48.96:443
CertificateIssuerAmazon Subject*.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (15894) Hash0e6c238c4491ba0be60ff1ba0021c299 6f676de2a7d8f5a5a4855101a256ce3fd0e29443 86685e191878d9ecfd30ed1fe63cbb783bf9151607e9996342d64977013e3cff
GET /next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 4743
date: Fri, 12 Apr 2024 20:28:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 05 Apr 2024 16:42:47 GMT
etag: "6a3ed21f9b6777c0c37e6e248ea22387"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: UrcbvrdkWvVeM88a5LbnIeGLbGs5UNca
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0A5Qcte0XKBPwK9wSL_WNWBq2jFFYiBY3P3IeRnXW4jIcefAl-XHPw==
age: 974968
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz | 143.204.48.96 | 200 OK | 22 kB |
URL GET HTTP/2cdn.segment.com/next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz IP143.204.48.96:443
CertificateIssuerAmazon Subject*.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hasha6378a93e23b431232f76fc74dca8b18 51c28e605abfb910d4c836f58e96723141e28b30 265ac7549793e4b9d51f8ab19acc8518770ace94078790776b3ac34eb47e1bbd
GET /next-integrations/integrations/vendor/commons.a61d7bea37d2de5d4b69.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 21911
date: Fri, 12 Apr 2024 19:17:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 05 Apr 2024 16:42:46 GMT
etag: "c467a63b2e7c3a99be423ace649014d8"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: 1Y99HfuTczPsGIDdcPhw1L1EusEviR19
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vBGQoN6nEuuZ4gWssfIHgCfLrryZ_iOrBMJ4PIZTHHyAdAH1CaCIJA==
age: 979232
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-55V342&l=dataLayer | 142.250.74.168 | 200 OK | 112 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-55V342&l=dataLayer IP142.250.74.168:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (34010) Size112 kB (111720 bytes) Hashe0c33b54b6257ca0b4c1cbeae420aa85 025fe16bfbcbb5487d7d98fc35454849398ec029 db40eac1d10856b8c21d0c6cb220a9849a223c0bd545678157e0d53f831f924a
GET /gtm.js?id=GTM-55V342&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 03:18:20 GMT
expires: Wed, 24 Apr 2024 03:18:20 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 111720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rs.livesession.io/visitors/init?account_id=51a7081d&website_id=64d16fd8 | 172.67.166.25 | 200 OK | 56 B |
URL GET HTTP/2rs.livesession.io/visitors/init?account_id=51a7081d&website_id=64d16fd8 IP172.67.166.25:443
CertificateIssuerGoogle Trust Services LLC Subjectlivesession.io FingerprintAB:61:B6:A2:69:F2:90:CE:22:DA:D2:57:33:26:48:20:C5:E4:B0:21 ValidityMon, 26 Feb 2024 08:51:11 GMT - Sun, 26 May 2024 08:51:10 GMT
Hashdcbc31dcaba62422e9f3dc7bc3ac63a2 0fd7c5fe6e944825a76b82b24a7f062b81f4d3ce e94cf327c78a4e25b05ef01f9150b2c924fdd7ebd51bd22f16974678e55bb41c
GET /visitors/init?account_id=51a7081d&website_id=64d16fd8 HTTP/1.1
Host: rs.livesession.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:20 GMT
content-type: application/json; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://193.164.157.241
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wX2IrQsrZJIsL%2BPZuSE6DM6ujJ3FsNXANRMXdliL3GiZm%2BX8qS5qGcdS5Xb4QfHqFnI83RKRFKHt20%2FWNwVOL%2BOkpRT1ckNjRqx63g0UPkwLVK5c1KBTXJkFjF5TplQ9oWxcFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8792f208999e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-H6TBBPCVDR&gtm=45je44m0v887810612z86281696za200&_p=1713928697736&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=1000h&cid=135561873.1713928700&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dl=https%3A%2F%2F193.164.157.241%2F&sid=1713928699&sct=1&seg=0&dt=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4912 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-H6TBBPCVDR&gtm=45je44m0v887810612z86281696za200&_p=1713928697736&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=1000h&cid=135561873.1713928700&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dl=https%3A%2F%2F193.164.157.241%2F&sid=1713928699&sct=1&seg=0&dt=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4912 IP216.239.32.36:443
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-H6TBBPCVDR&gtm=45je44m0v887810612z86281696za200&_p=1713928697736&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=1000h&cid=135561873.1713928700&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&dl=https%3A%2F%2F193.164.157.241%2F&sid=1713928699&sct=1&seg=0&dt=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4912 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://193.164.157.241
date: Wed, 24 Apr 2024 03:18:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US | 52.85.243.124 | | 82 B |
URL services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US IP52.85.243.124:0
Hash4f822d39c269d2c47e3174b6c6bad3b7 d56bd07959c766e9c18faa9cf1070548f9236b65 cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3
GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org%2Camazon%40search.mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 82
server: openresty
date: Wed, 24 Apr 2024 03:18:43 GMT
allow: GET, HEAD, OPTIONS
x-amo-request-id: f443b0ee20ce4b63bf19a10cd2cee746
content-security-policy: style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; child-src https://www.recaptcha.net/recaptcha/; object-src 'none'; form-action 'self'; media-src https://videos.cdn.mozilla.net; default-src 'none'; img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; font-src 'self' https://addons.mozilla.org/static-server/; frame-src https://www.recaptcha.net/recaptcha/; connect-src 'self' https://*.google-analytics.com; report-uri /__cspreport__
x-frame-options: DENY
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
cross-origin-opener-policy: same-origin
cache-control: max-age=3600
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
via: 1.1 google, 1.1 1132899b9bc2928e13b30713fd82f9b0.cloudfront.net (CloudFront)
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Miss from cloudfront
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: JfU7dp-bJfTAGl0XNF6Kssw26bwPYHALLNET7vtZpwoZZjA2cWgDoQ==
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 42 B |
URL aus5.mozilla.org/update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text Hashf8f24fa0c857d8f2ee493e131b85ab62 cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6 e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f
GET /update/3/SystemAddons/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 03:18:43 GMT
content-type: text/xml; charset=utf-8
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| bat.bing.com/action/0?ti=187009280&tm=gtm002&Ver=2&mid=2822ef8a-2203-4960-a89f-3dfd3494b86b&sid=4cfc604001e911efbc4f85a3f3dada36&vid=4cfca1f001e911efbec453cee60cac24&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&kw=ksi%C4%99garnia%20internetowa,%20sklep%20internetowy,%20ebooki,%20ksi%C4%85%C5%BCki,%20podatki,%20prawo,%20ksi%C4%99gowo%C5%9B%C4%87,%20rachunkowo%C5%9B%C4%87,%20prawo%20pracy,%20szkolenia%20ksi%C4%99gowo%C5%9B%C4%87,%20rachunkowo%C5%9B%C4%87%20bud%C5%BCetowa&p=https%3A%2F%2F193.164.157.241%2F&r=&lt=254&evt=pageLoad&sv=1&rn=168956 | 13.107.21.237 | 204 No Content | 0 B |
URL GET HTTP/2bat.bing.com/action/0?ti=187009280&tm=gtm002&Ver=2&mid=2822ef8a-2203-4960-a89f-3dfd3494b86b&sid=4cfc604001e911efbc4f85a3f3dada36&vid=4cfca1f001e911efbec453cee60cac24&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&kw=ksi%C4%99garnia%20internetowa,%20sklep%20internetowy,%20ebooki,%20ksi%C4%85%C5%BCki,%20podatki,%20prawo,%20ksi%C4%99gowo%C5%9B%C4%87,%20rachunkowo%C5%9B%C4%87,%20prawo%20pracy,%20szkolenia%20ksi%C4%99gowo%C5%9B%C4%87,%20rachunkowo%C5%9B%C4%87%20bud%C5%BCetowa&p=https%3A%2F%2F193.164.157.241%2F&r=&lt=254&evt=pageLoad&sv=1&rn=168956 IP13.107.21.237:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint78:BC:5A:33:B9:90:1D:1F:9D:00:1B:39:49:51:EE:65:57:DA:33:07 ValidityTue, 23 Apr 2024 02:02:07 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=187009280&tm=gtm002&Ver=2&mid=2822ef8a-2203-4960-a89f-3dfd3494b86b&sid=4cfc604001e911efbc4f85a3f3dada36&vid=4cfca1f001e911efbec453cee60cac24&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=en-US&sw=1280&sh=1024&sc=24&tl=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&kw=ksi%C4%99garnia%20internetowa,%20sklep%20internetowy,%20ebooki,%20ksi%C4%85%C5%BCki,%20podatki,%20prawo,%20ksi%C4%99gowo%C5%9B%C4%87,%20rachunkowo%C5%9B%C4%87,%20prawo%20pracy,%20szkolenia%20ksi%C4%99gowo%C5%9B%C4%87,%20rachunkowo%C5%9B%C4%87%20bud%C5%BCetowa&p=https%3A%2F%2F193.164.157.241%2F&r=&lt=254&evt=pageLoad&sv=1&rn=168956 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3491329DA42D640716BA26F6A5D86594; domain=.bing.com; expires=Mon, 19-May-2025 03:18:20 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AB1852297F3D4DC486C444A5C48C5610 Ref B: OSL30EDGE0219 Ref C: 2024-04-24T03:18:20Z
date: Wed, 24 Apr 2024 03:18:20 GMT
X-Firefox-Spdy: h2
|
|
| zgody.infor.pl/build/assets/img/logo_inforIT.png | 193.164.157.205 | 200 OK | 5.6 kB |
URL GET HTTP/2zgody.infor.pl/build/assets/img/logo_inforIT.png IP193.164.157.205:443 ASN#41468 INFOR IT SP. z o.o.
CertificateIssuerDOMENY.PL sp. z o.o Subject*.infor.pl FingerprintF0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 ValidityWed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File typePNG image data, 191 x 53, 8-bit/color RGBA, non-interlaced Hash834a1d8bd790a6e27dab288da4502918 cf0a8b77b3a51388783f7f95b4bf7dbef5840b7c 2a14bc5ccdebe681bfc211c7a7609683e20f7bf80cc65adbdd413451664c61cc
GET /build/assets/img/logo_inforIT.png HTTP/1.1
Host: zgody.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 03:18:19 GMT
content-type: image/png
content-length: 5568
last-modified: Fri, 18 Aug 2023 10:45:26 GMT
etag: "64df4bc6-15c0"
expires: Wed, 01 May 2024 03:18:19 GMT
access-control-allow-origin: *
cache-control: max-age=604800, public
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| app2.salesmanago.pl/api/vs?location=193.164.157.241&referrer= | 91.227.202.129 | 200 OK | 24 B |
URL GET HTTP/2app2.salesmanago.pl/api/vs?location=193.164.157.241&referrer= IP91.227.202.129:443
CertificateIssuerDigiCert Inc Subject*.salesmanago.pl Fingerprint17:88:F4:9E:6C:5B:8A:CE:F4:81:DF:1B:D0:CE:9C:A1:92:96:48:32 ValidityMon, 07 Aug 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash06911115f662828b01a44de62dae8bb7 5a6192e16b9a227546b5460091a7886ebcde1eef fe677394415940c4b9d8145a849deacbc048f387915dec1a9e4fa726e4a77937
GET /api/vs?location=193.164.157.241&referrer= HTTP/1.1
Host: app2.salesmanago.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
server: Apache
access-control-allow-origin: *
cache-control: max-age=1
expires: Wed, 24 Apr 2024 03:18:20 GMT
vary: Accept-Encoding
content-encoding: gzip
content-type: application/json;charset=UTF-8
strict-transport-security: max-age=31540000
set-cookie: SERVERID=C; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
|
|
| consensu.infor.pl/goog-vendors.json | 194.242.11.186 | 200 OK | 212 kB |
URL GET HTTP/2consensu.infor.pl/goog-vendors.json IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
Size212 kB (211933 bytes) Hash78eb291f7ae9fa1985ecbd0845ebb590 05f9091f06093608d2b5ed11315a394f81fa3db4 248d732d47f66731d74aeea4e0f3d7e8a3b7105d8d905b783e1496870050bd9f
GET /goog-vendors.json HTTP/1.1
Host: consensu.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:18 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 2112200
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=28800
etag: W/"662771f5-33bdd"
expires: Tue, 23 Apr 2024 18:02:54 GMT
last-modified: Tue, 23 Apr 2024 08:31:49 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 10:02:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 3b06aac665a77adae20c618f21bee340
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| consensu.infor.pl/pubvendor-list.json | 194.242.11.186 | 200 OK | 7.2 kB |
URL GET HTTP/2consensu.infor.pl/pubvendor-list.json IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
File typeASCII text, with very long lines (7977), with no line terminators Hash8311791f4ffbf524f2dfdb8e297c1b14 c18cf04ea754e94bf8a952b76750ce6c15f9a5c9 1143d6cebecf212f5f0fdab768874f8c54eaf99ed2890d12ac4b9d7dfe70657d
GET /pubvendor-list.json HTTP/1.1
Host: consensu.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:18 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 2112200
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=28800
etag: W/"662771f5-1c19"
expires: Tue, 23 Apr 2024 18:02:54 GMT
last-modified: Tue, 23 Apr 2024 08:31:49 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 10:02:54
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: fbb23b4d48086bfd3b603c9b04243db1
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| 193.164.157.241/okladki/37/97/63/379763mega.png | 193.164.157.241 | 200 OK | 104 kB |
URL GET HTTP/1.1193.164.157.241/okladki/37/97/63/379763mega.png IP193.164.157.241:443 ASN#41468 INFOR IT SP. z o.o.
CertificateIssuerDOMENY.PL sp. z o.o Subject*.infor.pl FingerprintF0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 ValidityWed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File typePNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced Size104 kB (103938 bytes) Hash62b67b17c644cf65973a12c2aa99fd92 37224fe597a573772366a9365a67592a073a7be5 2174239eee9c739825fd4068a8b5d36d5cb30fa695742ef1208f574f0c76f4df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/37/97/63/379763mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Fri, 19 Apr 2024 11:37:04 GMT
accept-ranges: bytes
etag: "b6604e74d92da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 103938
x-server: plap3
|
|
| cdn.segment.com/v1/projects/1qU1QUwsbS2yzeIf8BRRHA7WMTLGOiUi/settings | 143.204.48.96 | 200 OK | 1.7 kB |
URL GET HTTP/2cdn.segment.com/v1/projects/1qU1QUwsbS2yzeIf8BRRHA7WMTLGOiUi/settings IP143.204.48.96:443
CertificateIssuerAmazon Subject*.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (1875), with no line terminators Hashf74d8e3b43b7ed893656fa45fd6e290b 178f4259edf23a0cb1f08b87cb7b0d8743549f7e bf88d97fe4cd9586034e58fae5838cfa9a0d6585359a266ad1ca9aaee343efe4
GET /v1/projects/1qU1QUwsbS2yzeIf8BRRHA7WMTLGOiUi/settings HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://193.164.157.241/
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Sat, 26 Jun 2021 22:58:30 GMT
x-amz-version-id: 61rsXkp_LMp0Ms.JJSxO1o7PgISuc4Ct
server: AmazonS3
content-encoding: br
date: Wed, 24 Apr 2024 01:20:43 GMT
cache-control: public, max-age=10800
etag: W/"96fd8e1056dc63db26981fb66abb93ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0aW7uaqJduJ8JwwBwpFjmULQBK1woypjCejBmmG9n4Lkwin7I20qQw==
age: 7058
X-Firefox-Spdy: h2
|
|
| app2.salesmanago.pl/static/chunk/sm_war.20de86dae41ade6a0ba1.js | 91.227.202.129 | 200 OK | 5.4 kB |
URL GET HTTP/2app2.salesmanago.pl/static/chunk/sm_war.20de86dae41ade6a0ba1.js IP91.227.202.129:443
CertificateIssuerDigiCert Inc Subject*.salesmanago.pl Fingerprint17:88:F4:9E:6C:5B:8A:CE:F4:81:DF:1B:D0:CE:9C:A1:92:96:48:32 ValidityMon, 07 Aug 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (5501), with no line terminators Hash25aaf06d0a942d073966d1f1db224cec 95adcda850f07a7c018b7634b173c1efa8f98a69 8252e593b1e14b1bb1c706cd8ee7ec35a4057937950c9769f1ef5f0a5987bba2
GET /static/chunk/sm_war.20de86dae41ade6a0ba1.js HTTP/1.1
Host: app2.salesmanago.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
server: Apache
last-modified: Wed, 17 Apr 2024 04:03:43 GMT
etag: "1531-61642f0c35a35-gzip"
accept-ranges: bytes
cache-control: max-age=216000, public
expires: Wed, 24 Apr 2024 04:18:19 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 2098
content-type: application/javascript
strict-transport-security: max-age=31540000
set-cookie: SERVERID=B; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
|
|
| consensu.infor.pl/800.bundle.js | 194.242.11.186 | 200 OK | 14 kB |
URL GET HTTP/2consensu.infor.pl/800.bundle.js IP194.242.11.186:443 ASN#34989 ServeTheWorld AS
CertificateIssuerUnizeto Technologies S.A. Subject*.infor.pl FingerprintAE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65 ValidityMon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
File typeJavaScript source, ASCII text, with very long lines (14133), with no line terminators Hash3021c0740e97a026fdcdfc9058729888 64e7a6fad02a57aa6eb01fe9cb8ce1e5675317b6 9dad687930ea5d3776ed6a51504803dd6cb11d52dbea2661e5dc17b3a0a8aa7c
GET /800.bundle.js HTTP/1.1
Host: consensu.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 2112200
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: W/"662771f5-3735"
expires: Tue, 23 Apr 2024 10:28:59 GMT
last-modified: Tue, 23 Apr 2024 08:31:49 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 09:28:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 9d5a4b15cc5085aae792d92065002a3f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| app2.salesmanago.pl/api/r.gif?uri=%2F&location=193.164.157.241&uuid=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&referrer=&smid=lhme902m8fhpeij1&time=2024-04-24T03%3A18%3A19Z&timestamp=1713928699653&session=1&title=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&cp=1713928699653&ns=true&fp=011e636c4af828a914435360eea53aea | 0.0.0.0 | | 0 B |
URL GET app2.salesmanago.pl/api/r.gif?uri=%2F&location=193.164.157.241&uuid=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&referrer=&smid=lhme902m8fhpeij1&time=2024-04-24T03%3A18%3A19Z&timestamp=1713928699653&session=1&title=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&cp=1713928699653&ns=true&fp=011e636c4af828a914435360eea53aea IP0.0.0.0:0
CertificateIssuerDigiCert Inc Subject*.salesmanago.pl Fingerprint17:88:F4:9E:6C:5B:8A:CE:F4:81:DF:1B:D0:CE:9C:A1:92:96:48:32 ValidityMon, 07 Aug 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/r.gif?uri=%2F&location=193.164.157.241&uuid=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&referrer=&smid=lhme902m8fhpeij1&time=2024-04-24T03%3A18%3A19Z&timestamp=1713928699653&session=1&title=Ksi%C4%99garnia%20internetowa%20INFOR.pl%20-%20Sklep.infor.pl&cp=1713928699653&ns=true&fp=011e636c4af828a914435360eea53aea HTTP/1.1
Host: app2.salesmanago.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
server: Apache
cache-control: max-age=0
expires: Wed, 24 Apr 2024 03:18:19 GMT
content-type: image/gif;charset=UTF-8
strict-transport-security: max-age=31540000
set-cookie: smg=fa705451-ec60-4e14-9854-413ffaf07e63; Max-Age=315360000; Expires=Sat, 22 Apr 2034 03:18:19 GMT; Domain=salesmanago.pl; Path=/; Secure; HttpOnly
set-cookie: SERVERID=B; path=/; HttpOnly; Secure
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz | 143.204.48.96 | 200 OK | 3.0 kB |
URL GET HTTP/2cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz IP143.204.48.96:443
CertificateIssuerAmazon Subject*.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (3079), with no line terminators Hash5991b5a2f4a204f0a41f7ca8717d1057 32ebf0db835dda3ca5e1e07a3e3454a29126b66d a2c1d5fce739bb595e2c7e1c30a8ec3a10d5e16af8f916525ea656c343293bc5
GET /next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 1343
date: Fri, 12 Apr 2024 18:47:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 05 Apr 2024 16:42:47 GMT
etag: "a2b1aa1a0e402b1f891c929f94449d47"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: BkDFsPyF582qZetDOkfjZ0OMY3VhwMYy
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TMO8bBf9V4ArvJPMvP-A2r7hOI4bHrBacTq_aJCiD9epz0xgshEdWg==
age: 981027
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/icon?family=Material+Icons | 142.250.74.106 | 200 OK | 565 B |
URL GET HTTP/2fonts.googleapis.com/icon?family=Material+Icons IP142.250.74.106:443
CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File typeASCII text, with very long lines (588), with no line terminators Hash959a533a3dc02649e0cc3f8f67d942af 34db49ff64aed8b51beaba5b9928ad504a4df335 24864ed3ee6fab66640980d4c24640e579e5583764a8ee8c4f09decf27977247
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 03:18:17 GMT
date: Wed, 24 Apr 2024 03:18:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/analytics.js/v1/1qU1QUwsbS2yzeIf8BRRHA7WMTLGOiUi/analytics.min.js | 143.204.48.96 | 200 OK | 112 kB |
URL GET HTTP/2cdn.segment.com/analytics.js/v1/1qU1QUwsbS2yzeIf8BRRHA7WMTLGOiUi/analytics.min.js IP143.204.48.96:443
CertificateIssuerAmazon Subject*.segment.com Fingerprint92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0 ValidityTue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size112 kB (112229 bytes) Hash64b52281648ea1abe478aef7fb9c8f25 afdc17f55d27400b0bf64b7776a459eaa333b7f8 8bf01784d9dccc2b5d1d5a5033d9a6b1e734c47755bec464a1128c1daa4dd4a9
GET /analytics.js/v1/1qU1QUwsbS2yzeIf8BRRHA7WMTLGOiUi/analytics.min.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 15 Apr 2024 21:30:29 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: fZ9v8sdZUpsO_vOlJxomLOV9Db5.5D6d
server: AmazonS3
content-encoding: br
date: Wed, 24 Apr 2024 03:18:20 GMT
cache-control: public, max-age=120
etag: W/"64b52281648ea1abe478aef7fb9c8f25"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KPXcZPl4-jHmFygHAx1CYUzmHp_0kRdZmo3sC3LMoBG44UGbGxOENw==
X-Firefox-Spdy: h2
|
|
| bat.bing.com/p/action/187009280.js | 13.107.21.237 | 200 OK | 3.7 kB |
URL GET HTTP/2bat.bing.com/p/action/187009280.js IP13.107.21.237:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint78:BC:5A:33:B9:90:1D:1F:9D:00:1B:39:49:51:EE:65:57:DA:33:07 ValidityTue, 23 Apr 2024 02:02:07 GMT - Thu, 27 Jun 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (3889), with no line terminators Hash507b425bd27284e71f4ca4a5bc3d6a50 6b11dfad05fb91290fad8641690e4bade12d6258 13b214f34c46c6e86eed0c6128e83623a3a421b8464657d4f5ebee4c9e7111fe
GET /p/action/187009280.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=60
content-type: application/javascript; charset=utf-8
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B0A18B31B47A4193A583385E320C32A3 Ref B: OSL30EDGE0219 Ref C: 2024-04-24T03:18:20Z
date: Wed, 24 Apr 2024 03:18:20 GMT
X-Firefox-Spdy: h2
|
|
| bat.bing.com/bat.js | 13.107.21.237 | 200 OK | 46 kB |
IP13.107.21.237:443 ASN#8068 MICROSOFT-CORP-MSN-AS-BLOCK
CertificateIssuerMicrosoft Corporation Subjectwww.bing.com Fingerprint78:BC:5A:33:B9:90:1D:1F:9D:00:1B:39:49:51:EE:65:57:DA:33:07 ValidityTue, 23 Apr 2024 02:02:07 GMT - Thu, 27 Jun 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 13261
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ranges: bytes
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C3DCAC137CB941CEB495A80E1369354F Ref B: OSL30EDGE0219 Ref C: 2024-04-24T03:18:20Z
date: Wed, 24 Apr 2024 03:18:19 GMT
X-Firefox-Spdy: h2
|
|
| 193.164.157.241/okladki/30/78/40/307840mega.png | 193.164.157.241 | 200 OK | 100 kB |
URL GET HTTP/1.1193.164.157.241/okladki/30/78/40/307840mega.png IP193.164.157.241:443 ASN#41468 INFOR IT SP. z o.o.
CertificateIssuerDOMENY.PL sp. z o.o Subject*.infor.pl FingerprintF0:80:78:A2:17:69:C5:39:A8:C5:12:64:7B:DF:A2:71:67:09:65:F2 ValidityWed, 10 May 2023 00:00:00 GMT - Thu, 09 May 2024 23:59:59 GMT
File typePNG image data, 340 x 476, 8-bit/color RGBA, non-interlaced Size100 kB (100088 bytes) Hash97d337b18d9bdff5626cf71164c7aea0 21e9c4abb7856f3480b8bbcf0f41387a2796cb31 7c15c5696b7d1407116e9d5a7c15414a19bd93206e157530182d75c5c7690a28
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /okladki/30/78/40/307840mega.png HTTP/1.1
Host: 193.164.157.241
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Cookie: ASP.NET_SessionId=cqob2mw1pewxtxy2pmzkyi5a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
cache-control: max-age=0, must-revalidate
content-type: image/png
last-modified: Mon, 08 Apr 2024 07:28:36 GMT
accept-ranges: bytes
etag: "e6b3755e8689da1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 24 Apr 2024 03:18:16 GMT
content-length: 100088
x-server: plap3
|
|
| www.salesmanago.pl/war/war.json?s=2lhme902m8fhpeij1&u=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&d=193.164.157.241%2F | 91.227.202.129 | 200 OK | 45 B |
URL GET HTTP/2www.salesmanago.pl/war/war.json?s=2lhme902m8fhpeij1&u=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&d=193.164.157.241%2F IP91.227.202.129:443
CertificateIssuerDigiCert Inc Subject*.salesmanago.pl Fingerprint17:88:F4:9E:6C:5B:8A:CE:F4:81:DF:1B:D0:CE:9C:A1:92:96:48:32 ValidityMon, 07 Aug 2023 00:00:00 GMT - Fri, 16 Aug 2024 23:59:59 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashee1f422c8384d4974e3c29b3243b7c6f 81a21c3c70742e53657223c4cad6b2408197a7e1 e28dd90defbcf0121b2abdfa3f406403072debf226bf6041f07ab866624a7044
GET /war/war.json?s=2lhme902m8fhpeij1&u=18f0e1c7f03-c0f11af72d45-e8a76076-b9ace9ca-8f8082c1-ad430c6654c0&d=193.164.157.241%2F HTTP/1.1
Host: www.salesmanago.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:20 GMT
server: Apache
vary: Origin,Accept-Encoding,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
cache-control: max-age=1
expires: Wed, 24 Apr 2024 03:18:21 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
strict-transport-security: max-age=31540000
set-cookie: SERVERID=A; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2
|
|
| consensu.infor.pl/ui-v5.bundle.js | 194.242.11.186 | 200 OK | 91 kB |
URL: GET HTTP/2 consensu.infor.pl/ui-v5.bundle.js IP: 194.242.11.186:443 ASN: #34989 ServeTheWorld AS
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.infor.pl; Fingerprint: AE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65; Validity: Mon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ui-v5.bundle.js HTTP/1.1
Host: consensu.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:19 GMT
content-type: application/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 2112200
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: W/"662771f5-161d7"
expires: Tue, 23 Apr 2024 10:28:59 GMT
last-modified: Tue, 23 Apr 2024 08:31:49 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/23/2024 09:28:59
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 221bc1b421f443181aa6646e464a0c4f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
|
|
| widgets.infor.pl/events/event_bus?productName=Sklep | 194.242.11.186 | 200 OK | 797 B |
URL: GET HTTP/2 widgets.infor.pl/events/event_bus?productName=Sklep IP: 194.242.11.186:443 ASN: #34989 ServeTheWorld AS
Certificate: Issuer: Unizeto Technologies S.A.; Subject: *.infor.pl; Fingerprint: AE:0C:B8:6A:AE:56:9E:20:4E:1F:72:E9:3A:3F:30:61:F2:A3:82:65; Validity: Mon, 06 Nov 2023 09:15:39 GMT - Tue, 05 Nov 2024 09:15:38 GMT
File type: HTML document, ASCII text, with very long lines (843), with no line terminators; Hash: 7dc93c115af6bdb7f51b58d90107d559 4635aab6e403eccfb870dbd9824fa59ab56ddc6c d06988038080418b9c69288f16eea229112345acc22016f5d6ab45bb9ed5569e
GET /events/event_bus?productName=Sklep HTTP/1.1
Host: widgets.infor.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://193.164.157.241
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 03:18:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 2112198
cdn-uid: ec64d759-7b8b-45ca-9e27-9aee2410fd8b
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: https://193.164.157.241
cache-control: public, max-age=0
etag: W/"31d-k3Ay7vn0doZ1tCPBiwb1pSto/2o"
x-powered-by: Express
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/24/2024 03:18:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 928acdc928895d46f0b399ae41561d16
cdn-cache: BYPASS
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js | 143.204.48.96 | 200 OK | 9.3 kB |
URL: GET HTTP/2 cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js IP: 143.204.48.96:443
Certificate: Issuer: Amazon; Subject: *.segment.com; Fingerprint: 92:B4:26:19:9B:B4:C7:48:23:87:41:7A:8A:10:5E:C4:E8:77:35:A0; Validity: Tue, 14 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (9406), with no line terminators; Hash: defb9a3767dd29149113ad936cc421cb 4413847b3ee811cc644e012be8db5f02c1964d52 545d5230918bffd3499d9275cccb6f2854cf53518606f872191abe1b4115b067
GET /analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://193.164.157.241/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 15 Apr 2024 15:05:40 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Apr 2024 21:39:45 GMT
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
x-amz-version-id: 1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mlq-d6ZyGRJiddVaL2FCrGzGC6UcXgo6hWDhhT8wfOWli4yhoCoXBw==
age: 735161
X-Firefox-Spdy: h2
|
|