www.csigikes.hu Open in urlscan Pro
193.91.64.2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.floranostra.hu/main/form/
Effective URL:
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Submission: On April 06 via automatic, source phishtank (April 6th 2022, 5:08:09 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 193.91.64.2, located in Budapest, Hungary and belongs to INVITECH, HU. The main domain is www.csigikes.hu.

This is the only time www.csigikes.hu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Allegro (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	193.169.16.60 193.169.16.60	5588 (GTSCE GTS...) (GTSCE GTS Central Europe Antel Germany)
1	193.91.64.2 193.91.64.2	12301 (INVITECH) (INVITECH)
8	2a02:dc8:31::a0 2a02:dc8:31::a0	42656 (QXL-POLAND) (QXL-POLAND)
1	2a02:dcc:31:: 2a02:dcc:31::	31621 (QXL-NET-P...) (QXL-NET-POLAND-AS)
11	4

1 193.169.16.60 (Hungary)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: www-f02-c01.iwd.hu

www.floranostra.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.91.64.2 (Budapest, Hungary)

ASN12301 (INVITECH, HU)
PTR: web3.vhost.hu

www.csigikes.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:dc8:31::a0 (Poland)

ASN42656 (QXL-POLAND, PL)

assets.allegrostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:dcc:31:: (Poland)

ASN31621 (QXL-NET-POLAND-AS, PL)

a.allegroimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	allegrostatic.com assets.allegrostatic.com — Cisco Umbrella Rank: 45086	103 KB
1	allegroimg.com a.allegroimg.com — Cisco Umbrella Rank: 42191	5 KB
1	csigikes.hu www.csigikes.hu	6 KB
1	floranostra.hu www.floranostra.hu	375 B
11	4

	Domain	Requested by
8	assets.allegrostatic.com	www.csigikes.hu
1	a.allegroimg.com	www.csigikes.hu
1	www.csigikes.hu
1	www.floranostra.hu
11	4

This site contains no links.

Subject Issuer	Validity	Valid
*.allegrostatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-06`	a year	crt.sh
*.allegroimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Frame ID: E099C661D4F36A326201F30C579C002D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Allegro logowanie - Moje Allegro

Page URL History Show full URLs

http://www.floranostra.hu/main/form/ Page URL
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

11
Requests

82 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

114 kB
Transfer

241 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.floranostra.hu/main/form/ Page URL
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
www.floranostra.hu/main/form/ 177 B
375 B 467ms
314ms Document
text/html 193.169.16.60
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.floranostra.hu/main/form/
Protocol: HTTP/1.1
Server: 193.169.16.60 , Hungary, ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ),
Reverse DNS: www-f02-c01.iwd.hu
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 153
Content-Type: text/html
Date: Wed, 06 Apr 2022 17:08:03 GMT
Keep-Alive: timeout=30, max=100
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK Primary Request logowanie.php Show response
www.csigikes.hu/slider/alle/js/alleg/ 31 KB
6 KB 166ms
40ms Document
text/html 193.91.64.2
INVITECH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol: HTTP/1.1
Server: 193.91.64.2 Budapest, Hungary, ASN12301 (INVITECH, HU),
Reverse DNS: web3.vhost.hu
Software: nginx / PHP/5.6.30
Resource Hash: 2d942c991100ade6323f57882de6b08b3ecf9dd4f23a481a52813d7bafaa958e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.floranostra.hu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5580
Content-Type: text/html; charset=UTF-8
Date: Wed, 06 Apr 2022 17:08:03 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30

GET
H2 200 v3-c17ed142e00e8c80fb51ebe24b3e0692931232ae67be88a8835b439ddeff663f.css
assets.allegrostatic.com/bundle/ 46 KB
8 KB 131ms
32ms Stylesheet
text/css 2a02:dc8:31::a0
QXL-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/bundle/v3-c17ed142e00e8c80fb51ebe24b3e0692931232ae67be88a8835b439ddeff663f.css

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

cea9c9ffa18562cda2eebb608c63c2b81d6b5f2a4609f6c6a0684d28d9dad6be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Origin: http://www.csigikes.hu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 18:13:42 GMT
content-encoding: br
vary: Accept-Encoding
x-via-lb: hap-log-1a.dc5.alledc.net, hap-www-5a.dc5.alledc.net
age: 1724061
strict-transport-security: max-age=15552000
content-length: 7865
x-amz-expiration: expiry-date="Mon, 25 Apr 2022 13:25:02 GMT", rule-id="ExpireOldBundles"
last-modified: Tue, 25 Jan 2022 13:25:02 GMT
etag: W/"a266fbbc6e23a0ed86568426de15a9c9"
access-control-max-age: 60
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 main-3f3821d4a7.m.css
assets.allegrostatic.com/metrum/metrum-core/ 37 KB
6 KB 133ms
34ms Stylesheet
text/css 2a02:dc8:31::a0
QXL-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/metrum/metrum-core/main-3f3821d4a7.m.css?v=0.6.1

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

f40f363f9977cce4fa7317b7436ed21549f957e19df48e52901494a7914d3a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Origin: http://www.csigikes.hu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:54:38 GMT
content-encoding: br
vary: Accept-Encoding
x-via-lb: hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age: 2002405
content-length: 5710
last-modified: Mon, 15 Nov 2021 14:20:50 GMT
etag: W/"66720f269026cf5051dc7f0faec24895"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 v3-bac1a2ef2a36bf26647bf97113340a8da2757e143f70d3e9406cc28105939658.css
assets.allegrostatic.com/bundle/ 46 KB
10 KB 166ms
68ms Stylesheet
text/css 2a02:dc8:31::a0
QXL-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/bundle/v3-bac1a2ef2a36bf26647bf97113340a8da2757e143f70d3e9406cc28105939658.css

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

83b99d826b31fe43a1773fa5041d65e56311577532c0f0700ec2cb0a0f49e371

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Origin: http://www.csigikes.hu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 14:28:43 GMT
content-encoding: br
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5b.dc4.local
age: 1219160
strict-transport-security: max-age=15552000
content-length: 10003
x-amz-expiration: expiry-date="Tue, 10 May 2022 00:00:00 GMT", rule-id="ExpireOldBundles"
last-modified: Tue, 08 Feb 2022 13:14:45 GMT
etag: W/"6e5bb6b9cd8908abfcf5ee98deaaca83"
access-control-max-age: 60
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 b8806483460d99ec3739941289ab
a.allegroimg.com/original/1201da/ 4 KB
5 KB 119ms
29ms Image
image/svg+xml 2a02:dcc:31::
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.allegroimg.com/original/1201da/b8806483460d99ec3739941289ab

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31:: , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

34974dd18de8335323dadc9973669bb94d475ae70453633ffb347b52a503ce98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 17:08:03 GMT
x-content-type-options: nosniff
accept-ch: Width
etag: "6f359de826fb07ce60a746d413d04b24"
vary: Accept
accept-ch-lifetime: 86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=15552000
content-length: 4317
timing-allow-origin: https://allegro.pl, http://allegro.pl
x-source-image-type: vector

GET
H2 200 arrowhead-9148b8f39c.svg
assets.allegrostatic.com/metrum/icon/ 203 B
802 B 145ms
37ms Image
image/svg+xml 2a02:dc8:31::a0
QXL-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.allegrostatic.com/metrum/icon/arrowhead-9148b8f39c.svg

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

0f71432615da814ac3b38f945744dc798c90436a2f61fda1adf88e964296edde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:54:39 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5b.dc4.local
age: 2002404
content-length: 203
last-modified: Thu, 03 Mar 2022 17:56:35 GMT
etag: "9148b8f39cdbd338718a9a6b0ce4b249"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 facebook-a2b92f9dcb.svg
assets.allegrostatic.com/metrum/icon/ 335 B
938 B 59ms
59ms Image
image/svg+xml 2a02:dc8:31::a0
QXL-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.allegrostatic.com/metrum/icon/facebook-a2b92f9dcb.svg

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

71363981721d7b375e3796efa56a15dfae4d3b4f58f5bfe0e9a1af33cc93a04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:54:39 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age: 2002404
content-length: 335
last-modified: Thu, 03 Mar 2022 17:56:35 GMT
etag: "a2b92f9dcb8fbf37c65c9f7e3abf35fd"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 google-e101bd3c2c.svg
assets.allegrostatic.com/metrum/icon/ 691 B
1 KB 60ms
60ms Image
image/svg+xml 2a02:dc8:31::a0
QXL-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.allegrostatic.com/metrum/icon/google-e101bd3c2c.svg

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

4e967112bf698f405d25c2043c9214ef42a8981f08e01d9cefa4c8323b75f000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:54:40 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5b.dc4.local
age: 2002403
content-length: 691
last-modified: Thu, 03 Mar 2022 17:56:35 GMT
etag: "e101bd3c2c7cb29407476ea25960c730"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 open-sans-latin-variable-wghtOnly-normal_168737b8.woff2
assets.allegrostatic.com/sc-15284/statics/ 44 KB
44 KB 54ms
54ms Font
font/woff2 2a02:dc8:31::a0
QXL-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/sc-15284/statics/open-sans-latin-variable-wghtOnly-normal_168737b8.woff2

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.csigikes.hu/
Origin: http://www.csigikes.hu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:55:17 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1a.dc5.alledc.net, hap-www-5a.dc5.alledc.net
age: 2002366
strict-transport-security: max-age=15552000
content-length: 44656
last-modified: Wed, 16 Feb 2022 14:04:22 GMT
etag: "a698723ffb7c306e852d2a2754a41bb1"
access-control-max-age: 60
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 open-sans-latin-ext-variable-wghtOnly-normal_41529361.woff2
assets.allegrostatic.com/sc-15284/statics/ 31 KB
31 KB 74ms
74ms Font
font/woff2 2a02:dc8:31::a0
QXL-POLAND

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/sc-15284/statics/open-sans-latin-ext-variable-wghtOnly-normal_41529361.woff2

Requested by

Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),

Reverse DNS

Software

Resource Hash

e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://www.csigikes.hu/
Origin: http://www.csigikes.hu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 12:55:17 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age: 2002366
strict-transport-security: max-age=15552000
content-length: 31272
last-modified: Wed, 16 Feb 2022 14:04:22 GMT
etag: "aaca0b46f96d94bbfcc25ce32128954c"
access-control-max-age: 60
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Allegro (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.csigikes.hu/	1969-12-31 23:59:59	Name: PHPSESSID Value: dsut0ooa82fpac3k5lou5dg8b1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.allegroimg.com
assets.allegrostatic.com
www.csigikes.hu
www.floranostra.hu
193.169.16.60
193.91.64.2
2a02:dc8:31::a0
2a02:dcc:31::
0f71432615da814ac3b38f945744dc798c90436a2f61fda1adf88e964296edde
2d942c991100ade6323f57882de6b08b3ecf9dd4f23a481a52813d7bafaa958e
34974dd18de8335323dadc9973669bb94d475ae70453633ffb347b52a503ce98
4e967112bf698f405d25c2043c9214ef42a8981f08e01d9cefa4c8323b75f000
71363981721d7b375e3796efa56a15dfae4d3b4f58f5bfe0e9a1af33cc93a04a
83b99d826b31fe43a1773fa5041d65e56311577532c0f0700ec2cb0a0f49e371
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
cea9c9ffa18562cda2eebb608c63c2b81d6b5f2a4609f6c6a0684d28d9dad6be
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
f40f363f9977cce4fa7317b7436ed21549f957e19df48e52901494a7914d3a7f

www.csigikes.hu Open in urlscan Pro 193.91.64.2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

82 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

114 kBTransfer

241 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

1 Cookies

Indicators

www.csigikes.hu Open in urlscan Pro
193.91.64.2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

82 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

114 kB
Transfer

241 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!