| darmowaweryfikacja.click/cdn-cgi/images/icon-exclamation.png?1376755637 |  172.67.201.150 | 200 OK | 452 B |
URL GET darmowaweryfikacja.click/cdn-cgi/images/icon-exclamation.png?1376755637 IP172.67.201.150:80
Requested byhttp://darmowaweryfikacja.click/payu/bank/mbank/
File typePNG image data, 54 x 54, 8-bit colormap, non-interlaced Hashc33de66281e933259772399d10a6afe8 b9f9d500f8814381451011d4dcf59cd2d90ad94f f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
| NIDS | Severity | Alert |
|---|
| suricata | low | ETPRO INFO HTTP Request to a *.click domain |
GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: darmowaweryfikacja.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://darmowaweryfikacja.click/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 18 Apr 2025 13:07:28 GMT
Content-Type: image/png
Content-Length: 452
Connection: keep-alive
Last-Modified: Mon, 14 Apr 2025 06:48:14 GMT
ETag: "67fcafae-1c4"
Server: cloudflare
CF-RAY: 932462a9abec56ab-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 18 Apr 2025 15:07:28 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
|
|
| darmowaweryfikacja.click/favicon.ico | 172.67.201.150 | 404 Not Found | 150 B |
URL GET darmowaweryfikacja.click/favicon.ico IP172.67.201.150:80
Requested byhttp://darmowaweryfikacja.click/payu/bank/mbank/
File typeHTML document, ASCII text Hash84241342d84ac29592a5d9516f8edf7f 03c53980e18e17625f439c20e7d438f066202428 6e21162bc64073fe9e3d3d6375ca24d04fed1912a5b7716aac0cb0f2d16fae7c
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
| NIDS | Severity | Alert |
|---|
| suricata | low | ETPRO INFO HTTP Request to a *.click domain |
GET /favicon.ico HTTP/1.1
Host: darmowaweryfikacja.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://darmowaweryfikacja.click/payu/bank/mbank/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Fri, 18 Apr 2025 13:07:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwQtEXaT3wKimcp8ZQ0oyMZLkJDx08bfrVFc9e2mD7Xdqki7Yg6k21Hf7qMWVYgpy0uo6HbbDan6uLJTEiq98MNvEaDsp9cKyChOZrvIue22C%2BnnsQF1g3L14zuq7sDOwx58wsOFlOMDbms%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 932462a9ec3e56ab-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
server-timing: cfL4;desc="?proto=TCP&rtt=571&min_rtt=465&rtt_var=66&sent=12&recv=16&lost=0&retrans=0&sent_bytes=8359&recv_bytes=1601&delivery_rate=11087289&cwnd=257&unsent_bytes=0&cid=0000000000000000&ts=0&x=0"
|
|
| darmowaweryfikacja.click/payu/bank/mbank/ | 172.67.201.150 | 403 Forbidden | 4.5 kB |
URL User Request GET darmowaweryfikacja.click/payu/bank/mbank/ IP172.67.201.150:443
CertificateIssuerGoogle Trust Services Subjectdarmowaweryfikacja.click Fingerprint2C:76:F6:EC:F8:44:EA:B9:7C:8A:CB:9E:56:85:BE:33:8B:65:38:48 ValidityTue, 08 Apr 2025 11:21:25 GMT - Mon, 07 Jul 2025 12:21:08 GMT
File typeHTML document, ASCII text, with very long lines (396) Hasha3ba9c2a013f5f728fdca9ca6a8cf338 8d957d73628b375ec81961561b757e5859b77bf0 257ef8a9f6861d8d3c196c3f6cb9be05511ad8a8ec27ed8bc253c5411019ac00
| Analyzer | Verdict | Alert |
|---|
| PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
| NIDS | Severity | Alert |
|---|
| suricata | low | ETPRO INFO HTTP Request to a *.click domain |
GET /payu/bank/mbank/ HTTP/1.1
Host: darmowaweryfikacja.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 18 Apr 2025 13:07:28 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server: cloudflare
cf-ray: 932462a4ea2856a3-OSL
X-Firefox-Spdy: h2
|
|
| darmowaweryfikacja.click/payu/bank/mbank/ | 172.67.201.150 | 403 Forbidden | 4.6 kB |
URL User Request GET darmowaweryfikacja.click/payu/bank/mbank/ IP172.67.201.150:80
File typeHTML document, ASCII text, with very long lines (394) Hashc7af5653a77ee00d2c5a6dd267790cb2 357468df56d7ed815bf685c24d40124fa9f55314 9b9eb88357d019b8c4fd8d852042bebf242f7b393d11f1b0d054ae4f2949bee9
| Analyzer | Verdict | Alert |
|---|
| PhishTank | phishing | Other | | Quad9 DNS | malicious | Sinkholed |
| NIDS | Severity | Alert |
|---|
| suricata | low | ETPRO INFO HTTP Request to a *.click domain |
GET /payu/bank/mbank/ HTTP/1.1
Host: darmowaweryfikacja.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Fri, 18 Apr 2025 13:07:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n26oG%2BwxSCtiCg6oXFKah50yazt5PZeg61fKT59PbOCTQhUfOqXlQVR8%2FS7QMHnaxds%2BT%2FltiG%2B%2F1gwCb1u0XrYGxR1q%2B%2F%2B%2FETN9NNmXVn8sNo2FESxwIPVl0YMaJ3dFjLdcUzfQaMaLVho%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 932462a7789756ab-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| darmowaweryfikacja.click/cdn-cgi/styles/cf.errors.css | 172.67.201.150 | 200 OK | 24 kB |
URL GET darmowaweryfikacja.click/cdn-cgi/styles/cf.errors.css IP172.67.201.150:80
Requested byhttp://darmowaweryfikacja.click/payu/bank/mbank/
File typeASCII text, with very long lines (24050) Hash5e8c69a459a691b5d1b9be442332c87d f24dd1ad7c9080575d92a9a9a2c42620725ef836 84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
| NIDS | Severity | Alert |
|---|
| suricata | low | ETPRO INFO HTTP Request to a *.click domain |
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: darmowaweryfikacja.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://darmowaweryfikacja.click/payu/bank/mbank/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 18 Apr 2025 13:07:28 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 14 Apr 2025 06:48:14 GMT
ETag: W/"67fcafae-5df3"
Server: cloudflare
CF-RAY: 932462a93b6956ab-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Fri, 18 Apr 2025 15:07:28 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
|
|