IOC Radar
Domain · High · Verified · Signal 64/100

waf.intelix.pl

Location: Poland
First Seen: Mar 4, 2025 (463d ago)
Last Seen: May 6, 2025 (400d ago)
Reports: 4 source reports
Confidence: 64% (high)
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
64%
Signal Score
64 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

40 techniques

Feed Intelligence Summary

Source reports: 4
Confidence score: 64%
Category tags

Activity Timeline

1 total obs
May 6

Threat Activity Heatmap

[Heatmap: activity by day, Jun through Jun; legend Less to More]

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 0 (Dormant)

Intelligence Summary (AI Generated)

The domain **waf.intelix.pl**, originating from Poland, has been identified as a significant indicator of compromise (IOC) associated with botnet and malware activities. First observed on March

Threat Score: Medium Risk
Signal Score: 64
Confidence: 64%
Reports: 4
First seen: Mar 4, 2025
Last seen: May 6, 2025
Verified IOC

VirusTotal

Not checked

WHOIS

description
A look back at some of the key words and phrases used to describe the situation in Italy, as "probacja" (or "democrata), as they were translated into English.
raw
DOMAIN NAME: intelix.pl
created: 2001.08.10 13:00:00
dnssec: Unsigned
last modified: 2024.07.19 10:17:02
nameservers: ns1.kei.pl. [94.152.254.100]
             ns2.kei.pl. [94.152.255.100]
registrant type: b7ee89ee02f3f621
renewal date: 2025.08.09 14:00:00

IOC Journey

high
First detected 1 year ago · Last seen 1 year ago
Appeared in 4 threat reports