urlscan.io logo urlscan.io
SecurityTrails logo

csigikes.hu Open in urlscan Pro
193.91.64.2  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Submission: On May 19 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 193.91.64.2, located in Budapest, Hungary and belongs to INVITECH, HU. The main domain is csigikes.hu.
This is the only time csigikes.hu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Allegro (Banking)

Domain & IP information

IP Address AS Autonomous System
1 193.91.64.2 12301 (INVITECH)
8 2a02:dcc:31::a0 31621 (QXL-NET-P...)
1 2a02:dc8:31:: 42656 (QXL-POLAND)
10 3
Apex Domain
Subdomains		 Transfer
8 allegrostatic.com
assets.allegrostatic.com — Cisco Umbrella Rank: 45663
103 KB
1 allegroimg.com
a.allegroimg.com — Cisco Umbrella Rank: 41260
5 KB
1 csigikes.hu
csigikes.hu
6 KB
10 3
Domain Requested by
8 assets.allegrostatic.com csigikes.hu
1 a.allegroimg.com csigikes.hu
1 csigikes.hu
10 3

This site contains no links.

Subject Issuer Validity Valid
*.allegrostatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-06		 a year crt.sh
*.allegroimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-06		 a year crt.sh

This page contains 1 frames:

Primary Page: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Frame ID: 1DFEDBD8FEE4D03E0A98EC2BB269FA34
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Allegro logowanie - Moje Allegro

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

10
Requests

90 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

114 kB
Transfer

241 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request logowanie.php
csigikes.hu/c/alg/start/alleg/ 		31 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
HTTP/1.1
Server
193.91.64.2 Budapest, Hungary, ASN12301 (INVITECH, HU),
Reverse DNS
web3.vhost.hu
Software
nginx / PHP/5.6.30
Resource Hash
2d942c991100ade6323f57882de6b08b3ecf9dd4f23a481a52813d7bafaa958e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5580
Content-Type
text/html; charset=UTF-8
Date
Thu, 19 May 2022 13:03:34 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.30
v3-c17ed142e00e8c80fb51ebe24b3e0692931232ae67be88a8835b439ddeff663f.css
assets.allegrostatic.com/bundle/ 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.allegrostatic.com/bundle/v3-c17ed142e00e8c80fb51ebe24b3e0692931232ae67be88a8835b439ddeff663f.css
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
cea9c9ffa18562cda2eebb608c63c2b81d6b5f2a4609f6c6a0684d28d9dad6be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://csigikes.hu/c/alg/start/alleg/logowanie.php
Origin
http://csigikes.hu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 16:13:48 GMT
content-encoding
br
vary
Accept-Encoding
x-via-lb
hap-log-1a.dc5.alledc.net, hap-www-5a.dc4.local
age
3012586
strict-transport-security
max-age=15552000
content-length
7865
x-amz-expiration
expiry-date="Tue, 26 Apr 2022 00:00:00 GMT", rule-id="ExpireOldBundles"
last-modified
Tue, 25 Jan 2022 13:25:02 GMT
etag
W/"a266fbbc6e23a0ed86568426de15a9c9"
access-control-max-age
60
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
main-3f3821d4a7.m.css
assets.allegrostatic.com/metrum/metrum-core/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.allegrostatic.com/metrum/metrum-core/main-3f3821d4a7.m.css?v=0.6.1
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
f40f363f9977cce4fa7317b7436ed21549f957e19df48e52901494a7914d3a7f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://csigikes.hu/c/alg/start/alleg/logowanie.php
Origin
http://csigikes.hu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:32:36 GMT
content-encoding
br
vary
Accept-Encoding
x-via-lb
hap-log-1b.dc5.alledc.net, hap-www-5b.dc5.alledc.net
age
3043858
content-length
5710
last-modified
Mon, 15 Nov 2021 14:20:50 GMT
etag
W/"66720f269026cf5051dc7f0faec24895"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
v3-bac1a2ef2a36bf26647bf97113340a8da2757e143f70d3e9406cc28105939658.css
assets.allegrostatic.com/bundle/ 		46 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.allegrostatic.com/bundle/v3-bac1a2ef2a36bf26647bf97113340a8da2757e143f70d3e9406cc28105939658.css
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
83b99d826b31fe43a1773fa5041d65e56311577532c0f0700ec2cb0a0f49e371
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://csigikes.hu/c/alg/start/alleg/logowanie.php
Origin
http://csigikes.hu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 09:06:50 GMT
content-encoding
br
vary
Accept-Encoding
x-via-lb
hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age
3038204
strict-transport-security
max-age=15552000
content-length
10003
x-amz-expiration
expiry-date="Tue, 10 May 2022 00:00:00 GMT", rule-id="ExpireOldBundles"
last-modified
Tue, 08 Feb 2022 13:14:45 GMT
etag
W/"6e5bb6b9cd8908abfcf5ee98deaaca83"
access-control-max-age
60
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
b8806483460d99ec3739941289ab
a.allegroimg.com/original/1201da/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.allegroimg.com/original/1201da/b8806483460d99ec3739941289ab
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31:: , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
34974dd18de8335323dadc9973669bb94d475ae70453633ffb347b52a503ce98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://csigikes.hu/c/alg/start/alleg/logowanie.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 19 May 2022 13:03:34 GMT
x-content-type-options
nosniff
accept-ch
Width
etag
"6f359de826fb07ce60a746d413d04b24"
vary
Accept
accept-ch-lifetime
86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=15552000
content-length
4317
timing-allow-origin
https://allegro.pl, http://allegro.pl
x-source-image-type
vector
arrowhead-9148b8f39c.svg
assets.allegrostatic.com/metrum/icon/ 		203 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.allegrostatic.com/metrum/icon/arrowhead-9148b8f39c.svg
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
0f71432615da814ac3b38f945744dc798c90436a2f61fda1adf88e964296edde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://csigikes.hu/c/alg/start/alleg/logowanie.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:30:49 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1b.dc4.local, hap-www-5a.dc4.local
age
3043965
content-length
203
last-modified
Thu, 07 Apr 2022 07:56:34 GMT
etag
"9148b8f39cdbd338718a9a6b0ce4b249"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
facebook-a2b92f9dcb.svg
assets.allegrostatic.com/metrum/icon/ 		335 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.allegrostatic.com/metrum/icon/facebook-a2b92f9dcb.svg
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
71363981721d7b375e3796efa56a15dfae4d3b4f58f5bfe0e9a1af33cc93a04a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://csigikes.hu/c/alg/start/alleg/logowanie.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:30:49 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age
3043965
content-length
335
last-modified
Thu, 07 Apr 2022 07:56:34 GMT
etag
"a2b92f9dcb8fbf37c65c9f7e3abf35fd"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
google-e101bd3c2c.svg
assets.allegrostatic.com/metrum/icon/ 		691 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.allegrostatic.com/metrum/icon/google-e101bd3c2c.svg
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
4e967112bf698f405d25c2043c9214ef42a8981f08e01d9cefa4c8323b75f000
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://csigikes.hu/c/alg/start/alleg/logowanie.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:30:50 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1b.dc4.local, hap-www-5a.dc4.local
age
3043964
content-length
691
last-modified
Thu, 07 Apr 2022 07:56:34 GMT
etag
"e101bd3c2c7cb29407476ea25960c730"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
open-sans-latin-variable-wghtOnly-normal_168737b8.woff2
assets.allegrostatic.com/sc-15284/statics/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.allegrostatic.com/sc-15284/statics/open-sans-latin-variable-wghtOnly-normal_168737b8.woff2
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://csigikes.hu/
Origin
http://csigikes.hu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:51:27 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1b.dc5.alledc.net, hap-www-5b.dc5.alledc.net
age
3042727
strict-transport-security
max-age=15552000
content-length
44656
last-modified
Wed, 16 Feb 2022 14:04:22 GMT
etag
"a698723ffb7c306e852d2a2754a41bb1"
access-control-max-age
60
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
open-sans-latin-ext-variable-wghtOnly-normal_41529361.woff2
assets.allegrostatic.com/sc-15284/statics/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.allegrostatic.com/sc-15284/statics/open-sans-latin-ext-variable-wghtOnly-normal_41529361.woff2
Requested by
Host: csigikes.hu
URL: http://csigikes.hu/c/alg/start/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://csigikes.hu/
Origin
http://csigikes.hu
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Thu, 14 Apr 2022 07:51:27 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1b.dc5.alledc.net, hap-www-5b.dc5.alledc.net
age
3042727
strict-transport-security
max-age=15552000
content-length
31272
last-modified
Wed, 16 Feb 2022 14:04:22 GMT
etag
"aaca0b46f96d94bbfcc25ce32128954c"
access-control-max-age
60
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Allegro (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone

1 Cookies

Domain/Path Name / Value
csigikes.hu/ Name: PHPSESSID
Value: 2mjjoceit3enhr5md3lk89o0k5