{ "type": "URL", "indicator": "https://hosting.biurokoala.pl", "general": { "sections": [ "general", "url_list", "http_scans", "screenshot" ], "indicator": "https://hosting.biurokoala.pl", "type": "url", "type_title": "URL", "validation": [], "base_indicator": { "id": 3911836418, "indicator": "https://hosting.biurokoala.pl", "type": "URL", "title": "", "description": "", "content": "", "access_type": "public", "access_reason": "" }, "pulse_info": { "count": 2, "pulses": [ { "id": "66246ff49ed29ea9bb2bf122", "name": "S\u0105d Rejonowy w Jeleniej Gorze POLAND", "description": "Przechowywania lub dost\u0119pu do plik\u00f3w cookies w Twojej przegl\u0105darce\nhttps://www.virustotal.com/gui/domain/jelenia-gora.sr.gov.pl/relations", "modified": "2025-05-14T21:18:36.989000", "created": "2024-04-21T01:46:28.554000", "tags": [ "jeleniej grze", "aktualnoci", "informacje", "jednostka", "rejonowy", "konkurs", "najczciej", "sd rejonowy", "przejd", "czytaj", "click", "sdzia jarosaw", "wydziau", "sdzia grzegorz", "katarzyna", "rudnicka dane", "kontaktowe sd", "jelenia gra", "mickiewicza", "zawarto", "html", "nazwa meta", "robotw", "telefon", "brak", "skala", "ua zgodna", "head body", "zasb", "cname", "kod odpowiedzi", "kodowanie treci", "wygasa", "gmt serwer", "pragma", "kontrola pamici", "podrcznej", "data", "gmt kontrola", "dostpuzezwl na", "czytaj wicej", "sd okrgowy", "jednostki", "okrgowy", "ogoszenia", "sha256", "vhash", "ssdeep", "https odcisk", "palca jarma", "https dane", "v3 numer", "odcisk palca", "tworzy katalog", "tworzy pliki", "typ pliku", "json", "ascii", "windows", "sqlite", "foxpro fpt", "links typ", "mapa", "152 x", "sqlite w", "sha1", "sha512", "file size", "b file", "testing", "komornik sdowy", "sdzie rejonowym", "tomasz rodacki", "obwieszczenie", "komornicze", "tumacza migam", "tumacz czynny", "zamknite", "wiadczenia", "schedule", "error", "javascript", "bakers hall", "ixaction", "script", "ixchatlauncher", "compatibility", "com dla", "t1055 pewno", "unikanie obrony", "t1036 maskarada", "t1082 pewno", "informacje o", "nazwa pliku", "dokument pdf", "rozmiar pliku", "zapowied", "type", "iii dbt", "utf8", "dziennik" ], "references": [ "S?d Rejonowy w Jeleniej G\u00f3rze.htm", "II Wydzia? Karny - S?d Rejonowy w Jeleniej G\u00f3rze 1.htm", "http://www.jelenia-gora.so.gov.pl/", "https://www.jelenia-gora.so.gov.pl/", "http://www.jelenia-gora.sr.gov.pl/ogloszenia-komornicze", "https://tlumacz.migam.org/sad_rejonowy_jelenia_gora", "https://www.jelenia-gora.sr.gov.pl/spacer", "https://waf.intelix.pl/957476/Chat/Script/Compatibility" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "", "display_name": "", "target": null }, { "id": "serwer", "display_name": "serwer", "target": null } ], "attack_ids": [ { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1553", "name": "Subvert Trust Controls", "display_name": "T1553 - Subvert Trust Controls" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "email": 71, "domain": 7651, "hostname": 7680, "IPv4": 331, "FileHash-SHA256": 16168, "URL": 10399, "FileHash-MD5": 3639, "FileHash-SHA1": 3468, "CIDR": 4, "CVE": 89, "YARA": 521, "SSLCertFingerprint": 25, "JA3": 1, "IPv6": 5813 }, "indicator_count": 55860, "is_author": false, "is_subscribing": null, "subscriber_count": 141, "modified_text": "339 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66ae21418ee5c4ef2c847a09", "name": "server.wojcieszyce.pl Email: info@wojcieszyce.pl", "description": "aaf8324ca0b6fb26f66dcf30f3d95491 SHA-1 f88f78f2b158c1e9df115b477509f140a1fb67d6 SHA-256 eb050903bbc118520a8889bd2fb0176262af63b6b34b9762cbfdec11bcf48f80 Vhash 1fb0238141c442bee60860692e8228f8 SSDEEP 393216:SXUROas78y5sf0Xin76QKRu8vxoX0PllhjKNeNOZYASi6:KiMhjiOka TLSH T127B76A56F211ACB0CFA2453940AB5505A23C76434FC2F9E4B72D808E6FAD58F66326FD File type Google Chrome Extension crx chrome extension browser Magic Zip archive data, at least v1.0 to extract", "modified": "2025-05-01T08:50:16.800000", "created": "2024-08-03T12:23:29.055000", "tags": [ "sha256", "office open", "xml document", "ms word", "document", "google chrome", "extension", "strong", "korzystania z", "ciasteczka", "godziny", "jeleniogrska", "wojcieszyce", "naszej strony", "korzystanie z", "en de", "menu imprezy", "flash", "vhash", "ssdeep", "file type", "ini text", "magic generic", "magika txt", "file size", "text c", "javascript c", "peexe c", "doscom c", "tekst c", "javascript", "rgba", "unicode", "z bom", "dane obrazu", "tekst utf8", "crlf", "skrt", "v2 dokument", "dane", "jpeg", "kimhjioka tlsh", "magic zip", "magic elf", "sysv", "adres url", "strona", "zaloguj", "date thu", "connection", "server nginx", "gmt etag", "expires sat", "expires fri", "contentlength", "server", "gmt contenttype", "cachecontrol", "png image", "crlf line", "document file", "v2 document", "type md5", "process name", "cr line", "ikona rt", "neutralny", "entropia chi2", "typ pliku", "typ jzyk", "png ikona", "rt neutralny", "rticon neutral", "ico rtgroupicon", "neutral", "whasz", "oszczdno", "logowanie", "zagroenia", "dane publiczne", "zoliwy dane", "historia wpisu", "reagowania", "sha1", "virustotal", "html internet", "magic html", "unicode text", "please", "pehash" ], "references": [ "http://www.wojcieszyce.pl/", "https://www.wojcieszyce.pl/", "https://wojcieszyce.pl/", "http://wojcieszyce.pl/", "https://www.virustotal.com/gui/search/entity%253Afile%2520tag%253Apdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Wojcieszyce", "display_name": "Wojcieszyce", "target": null } ], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 11, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA1": 908, "FileHash-SHA256": 2450, "FileHash-MD5": 968, "URL": 373, "hostname": 144, "IPv4": 8, "domain": 15, "email": 7, "CVE": 16 }, "indicator_count": 4889, "is_author": false, "is_subscribing": null, "subscriber_count": 124, "modified_text": "353 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "references": [ "https://tlumacz.migam.org/sad_rejonowy_jelenia_gora", "http://wojcieszyce.pl/", "https://www.virustotal.com/gui/search/entity%253Afile%2520tag%253Apdf", "https://www.wojcieszyce.pl/", "https://www.jelenia-gora.so.gov.pl/", "http://www.jelenia-gora.sr.gov.pl/ogloszenia-komornicze", "https://waf.intelix.pl/957476/Chat/Script/Compatibility", "https://wojcieszyce.pl/", "II Wydzia? Karny - S?d Rejonowy w Jeleniej G\u00f3rze 1.htm", "S?d Rejonowy w Jeleniej G\u00f3rze.htm", "http://www.wojcieszyce.pl/", "https://www.jelenia-gora.sr.gov.pl/spacer", "http://www.jelenia-gora.so.gov.pl/" ], "related": { "alienvault": { "adversary": [], "malware_families": [], "industries": [], "unique_indicators": 0 }, "other": { "adversary": [], "malware_families": [ "", "Wojcieszyce", "Serwer" ], "industries": [], "unique_indicators": 52231 } } }, "false_positive": [], "alexa": "http://www.alexa.com/siteinfo/biurokoala.pl", "whois": "http://whois.domaintools.com/biurokoala.pl", "domain": "biurokoala.pl", "hostname": "hosting.biurokoala.pl" }, "geo": {}, "geo_ipapicom": {}, "pulse_count": 2, "pulses": [ { "id": "66246ff49ed29ea9bb2bf122", "name": "S\u0105d Rejonowy w Jeleniej Gorze POLAND", "description": "Przechowywania lub dost\u0119pu do plik\u00f3w cookies w Twojej przegl\u0105darce\nhttps://www.virustotal.com/gui/domain/jelenia-gora.sr.gov.pl/relations", "modified": "2025-05-14T21:18:36.989000", "created": "2024-04-21T01:46:28.554000", "tags": [ "jeleniej grze", "aktualnoci", "informacje", "jednostka", "rejonowy", "konkurs", "najczciej", "sd rejonowy", "przejd", "czytaj", "click", "sdzia jarosaw", "wydziau", "sdzia grzegorz", "katarzyna", "rudnicka dane", "kontaktowe sd", "jelenia gra", "mickiewicza", "zawarto", "html", "nazwa meta", "robotw", "telefon", "brak", "skala", "ua zgodna", "head body", "zasb", "cname", "kod odpowiedzi", "kodowanie treci", "wygasa", "gmt serwer", "pragma", "kontrola pamici", "podrcznej", "data", "gmt kontrola", "dostpuzezwl na", "czytaj wicej", "sd okrgowy", "jednostki", "okrgowy", "ogoszenia", "sha256", "vhash", "ssdeep", "https odcisk", "palca jarma", "https dane", "v3 numer", "odcisk palca", "tworzy katalog", "tworzy pliki", "typ pliku", "json", "ascii", "windows", "sqlite", "foxpro fpt", "links typ", "mapa", "152 x", "sqlite w", "sha1", "sha512", "file size", "b file", "testing", "komornik sdowy", "sdzie rejonowym", "tomasz rodacki", "obwieszczenie", "komornicze", "tumacza migam", "tumacz czynny", "zamknite", "wiadczenia", "schedule", "error", "javascript", "bakers hall", "ixaction", "script", "ixchatlauncher", "compatibility", "com dla", "t1055 pewno", "unikanie obrony", "t1036 maskarada", "t1082 pewno", "informacje o", "nazwa pliku", "dokument pdf", "rozmiar pliku", "zapowied", "type", "iii dbt", "utf8", "dziennik" ], "references": [ "S?d Rejonowy w Jeleniej G\u00f3rze.htm", "II Wydzia? Karny - S?d Rejonowy w Jeleniej G\u00f3rze 1.htm", "http://www.jelenia-gora.so.gov.pl/", "https://www.jelenia-gora.so.gov.pl/", "http://www.jelenia-gora.sr.gov.pl/ogloszenia-komornicze", "https://tlumacz.migam.org/sad_rejonowy_jelenia_gora", "https://www.jelenia-gora.sr.gov.pl/spacer", "https://waf.intelix.pl/957476/Chat/Script/Compatibility" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "", "display_name": "", "target": null }, { "id": "serwer", "display_name": "serwer", "target": null } ], "attack_ids": [ { "id": "T1036", "name": "Masquerading", "display_name": "T1036 - Masquerading" }, { "id": "T1055", "name": "Process Injection", "display_name": "T1055 - Process Injection" }, { "id": "T1082", "name": "System Information Discovery", "display_name": "T1082 - System Information Discovery" }, { "id": "T1566", "name": "Phishing", "display_name": "T1566 - Phishing" }, { "id": "T1553", "name": "Subvert Trust Controls", "display_name": "T1553 - Subvert Trust Controls" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 24, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "email": 71, "domain": 7651, "hostname": 7680, "IPv4": 331, "FileHash-SHA256": 16168, "URL": 10399, "FileHash-MD5": 3639, "FileHash-SHA1": 3468, "CIDR": 4, "CVE": 89, "YARA": 521, "SSLCertFingerprint": 25, "JA3": 1, "IPv6": 5813 }, "indicator_count": 55860, "is_author": false, "is_subscribing": null, "subscriber_count": 141, "modified_text": "339 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 }, { "id": "66ae21418ee5c4ef2c847a09", "name": "server.wojcieszyce.pl Email: info@wojcieszyce.pl", "description": "aaf8324ca0b6fb26f66dcf30f3d95491 SHA-1 f88f78f2b158c1e9df115b477509f140a1fb67d6 SHA-256 eb050903bbc118520a8889bd2fb0176262af63b6b34b9762cbfdec11bcf48f80 Vhash 1fb0238141c442bee60860692e8228f8 SSDEEP 393216:SXUROas78y5sf0Xin76QKRu8vxoX0PllhjKNeNOZYASi6:KiMhjiOka TLSH T127B76A56F211ACB0CFA2453940AB5505A23C76434FC2F9E4B72D808E6FAD58F66326FD File type Google Chrome Extension crx chrome extension browser Magic Zip archive data, at least v1.0 to extract", "modified": "2025-05-01T08:50:16.800000", "created": "2024-08-03T12:23:29.055000", "tags": [ "sha256", "office open", "xml document", "ms word", "document", "google chrome", "extension", "strong", "korzystania z", "ciasteczka", "godziny", "jeleniogrska", "wojcieszyce", "naszej strony", "korzystanie z", "en de", "menu imprezy", "flash", "vhash", "ssdeep", "file type", "ini text", "magic generic", "magika txt", "file size", "text c", "javascript c", "peexe c", "doscom c", "tekst c", "javascript", "rgba", "unicode", "z bom", "dane obrazu", "tekst utf8", "crlf", "skrt", "v2 dokument", "dane", "jpeg", "kimhjioka tlsh", "magic zip", "magic elf", "sysv", "adres url", "strona", "zaloguj", "date thu", "connection", "server nginx", "gmt etag", "expires sat", "expires fri", "contentlength", "server", "gmt contenttype", "cachecontrol", "png image", "crlf line", "document file", "v2 document", "type md5", "process name", "cr line", "ikona rt", "neutralny", "entropia chi2", "typ pliku", "typ jzyk", "png ikona", "rt neutralny", "rticon neutral", "ico rtgroupicon", "neutral", "whasz", "oszczdno", "logowanie", "zagroenia", "dane publiczne", "zoliwy dane", "historia wpisu", "reagowania", "sha1", "virustotal", "html internet", "magic html", "unicode text", "please", "pehash" ], "references": [ "http://www.wojcieszyce.pl/", "https://www.wojcieszyce.pl/", "https://wojcieszyce.pl/", "http://wojcieszyce.pl/", "https://www.virustotal.com/gui/search/entity%253Afile%2520tag%253Apdf" ], "public": 1, "adversary": "", "targeted_countries": [], "malware_families": [ { "id": "Wojcieszyce", "display_name": "Wojcieszyce", "target": null } ], "attack_ids": [ { "id": "T1176", "name": "Browser Extensions", "display_name": "T1176 - Browser Extensions" } ], "industries": [], "TLP": "white", "cloned_from": null, "export_count": 11, "upvotes_count": 0, "downvotes_count": 0, "votes_count": 0, "locked": false, "pulse_source": "web", "validator_count": 0, "comment_count": 0, "follower_count": 0, "vote": 0, "author": { "username": "Arek-BTC", "id": "212764", "avatar_url": "/otxapi/users/avatar_image/media/avatars/user_212764/resized/80/avatar_3b9c358f36.png", "is_subscribed": false, "is_following": false }, "indicator_type_counts": { "FileHash-SHA1": 908, "FileHash-SHA256": 2450, "FileHash-MD5": 968, "URL": 373, "hostname": 144, "IPv4": 8, "domain": 15, "email": 7, "CVE": 16 }, "indicator_count": 4889, "is_author": false, "is_subscribing": null, "subscriber_count": 124, "modified_text": "353 days ago ", "is_modified": true, "groups": [], "in_group": false, "threat_hunter_scannable": true, "threat_hunter_has_agents": 1, "related_indicator_type": "URL", "related_indicator_is_active": 1 } ], "error": null, "vt": { "error": "VirusTotal rate limit reached. Try again shortly.", "indicator": "https://hosting.biurokoala.pl", "type": "URL" }, "abuseipdb": null, "urlhaus": { "indicator": "https://hosting.biurokoala.pl", "type": "URL", "found": false, "verdict": "clean", "error": null }, "from_cache": true, "_cached_at": 1776618925.7196078 }