Submitted URL: http://www.floranostra.hu/main/form/
Effective URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Submission: On April 06 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 193.91.64.2, located in Budapest, Hungary and belongs to INVITECH, HU. The main domain is www.csigikes.hu.
This is the only time www.csigikes.hu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Allegro (Banking)

Domain & IP information

IP Address AS Autonomous System
1 193.169.16.60 5588 (GTSCE GTS...)
1 193.91.64.2 12301 (INVITECH)
8 2a02:dc8:31::a0 42656 (QXL-POLAND)
1 2a02:dcc:31:: 31621 (QXL-NET-P...)
11 4
Apex Domain
Subdomains
Transfer
8 allegrostatic.com
assets.allegrostatic.com — Cisco Umbrella Rank: 45086
103 KB
1 allegroimg.com
a.allegroimg.com — Cisco Umbrella Rank: 42191
5 KB
1 csigikes.hu
www.csigikes.hu
6 KB
1 floranostra.hu
www.floranostra.hu
375 B
11 4
Domain Requested by
8 assets.allegrostatic.com www.csigikes.hu
1 a.allegroimg.com www.csigikes.hu
1 www.csigikes.hu
1 www.floranostra.hu
11 4

This site contains no links.

Subject Issuer Validity Valid
*.allegrostatic.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-06
a year crt.sh
*.allegroimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-06
a year crt.sh

This page contains 1 frames:

Primary Page: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Frame ID: E099C661D4F36A326201F30C579C002D
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Allegro logowanie - Moje Allegro

Page URL History Show full URLs

  1. http://www.floranostra.hu/main/form/ Page URL
  2. http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

11
Requests

82 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

114 kB
Transfer

241 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.floranostra.hu/main/form/ Page URL
  2. http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.floranostra.hu/main/form/
177 B
375 B
Document
General
Full URL
http://www.floranostra.hu/main/form/
Protocol
HTTP/1.1
Server
193.169.16.60 , Hungary, ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ),
Reverse DNS
www-f02-c01.iwd.hu
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
153
Content-Type
text/html
Date
Wed, 06 Apr 2022 17:08:03 GMT
Keep-Alive
timeout=30, max=100
Server
Apache
Vary
Accept-Encoding
Primary Request logowanie.php
www.csigikes.hu/slider/alle/js/alleg/
31 KB
6 KB
Document
General
Full URL
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
HTTP/1.1
Server
193.91.64.2 Budapest, Hungary, ASN12301 (INVITECH, HU),
Reverse DNS
web3.vhost.hu
Software
nginx / PHP/5.6.30
Resource Hash
2d942c991100ade6323f57882de6b08b3ecf9dd4f23a481a52813d7bafaa958e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.floranostra.hu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5580
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Apr 2022 17:08:03 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.30
v3-c17ed142e00e8c80fb51ebe24b3e0692931232ae67be88a8835b439ddeff663f.css
assets.allegrostatic.com/bundle/
46 KB
8 KB
Stylesheet
General
Full URL
https://assets.allegrostatic.com/bundle/v3-c17ed142e00e8c80fb51ebe24b3e0692931232ae67be88a8835b439ddeff663f.css
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
cea9c9ffa18562cda2eebb608c63c2b81d6b5f2a4609f6c6a0684d28d9dad6be
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Origin
http://www.csigikes.hu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 18:13:42 GMT
content-encoding
br
vary
Accept-Encoding
x-via-lb
hap-log-1a.dc5.alledc.net, hap-www-5a.dc5.alledc.net
age
1724061
strict-transport-security
max-age=15552000
content-length
7865
x-amz-expiration
expiry-date="Mon, 25 Apr 2022 13:25:02 GMT", rule-id="ExpireOldBundles"
last-modified
Tue, 25 Jan 2022 13:25:02 GMT
etag
W/"a266fbbc6e23a0ed86568426de15a9c9"
access-control-max-age
60
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
main-3f3821d4a7.m.css
assets.allegrostatic.com/metrum/metrum-core/
37 KB
6 KB
Stylesheet
General
Full URL
https://assets.allegrostatic.com/metrum/metrum-core/main-3f3821d4a7.m.css?v=0.6.1
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
f40f363f9977cce4fa7317b7436ed21549f957e19df48e52901494a7914d3a7f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Origin
http://www.csigikes.hu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:54:38 GMT
content-encoding
br
vary
Accept-Encoding
x-via-lb
hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age
2002405
content-length
5710
last-modified
Mon, 15 Nov 2021 14:20:50 GMT
etag
W/"66720f269026cf5051dc7f0faec24895"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
v3-bac1a2ef2a36bf26647bf97113340a8da2757e143f70d3e9406cc28105939658.css
assets.allegrostatic.com/bundle/
46 KB
10 KB
Stylesheet
General
Full URL
https://assets.allegrostatic.com/bundle/v3-bac1a2ef2a36bf26647bf97113340a8da2757e143f70d3e9406cc28105939658.css
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
83b99d826b31fe43a1773fa5041d65e56311577532c0f0700ec2cb0a0f49e371
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Origin
http://www.csigikes.hu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 14:28:43 GMT
content-encoding
br
vary
Accept-Encoding
x-via-lb
hap-log-1b.dc4.local, hap-www-5b.dc4.local
age
1219160
strict-transport-security
max-age=15552000
content-length
10003
x-amz-expiration
expiry-date="Tue, 10 May 2022 00:00:00 GMT", rule-id="ExpireOldBundles"
last-modified
Tue, 08 Feb 2022 13:14:45 GMT
etag
W/"6e5bb6b9cd8908abfcf5ee98deaaca83"
access-control-max-age
60
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
b8806483460d99ec3739941289ab
a.allegroimg.com/original/1201da/
4 KB
5 KB
Image
General
Full URL
https://a.allegroimg.com/original/1201da/b8806483460d99ec3739941289ab
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dcc:31:: , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),
Reverse DNS
Software
/
Resource Hash
34974dd18de8335323dadc9973669bb94d475ae70453633ffb347b52a503ce98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 17:08:03 GMT
x-content-type-options
nosniff
accept-ch
Width
etag
"6f359de826fb07ce60a746d413d04b24"
vary
Accept
accept-ch-lifetime
86400
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
strict-transport-security
max-age=15552000
content-length
4317
timing-allow-origin
https://allegro.pl, http://allegro.pl
x-source-image-type
vector
arrowhead-9148b8f39c.svg
assets.allegrostatic.com/metrum/icon/
203 B
802 B
Image
General
Full URL
https://assets.allegrostatic.com/metrum/icon/arrowhead-9148b8f39c.svg
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
0f71432615da814ac3b38f945744dc798c90436a2f61fda1adf88e964296edde
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:54:39 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1b.dc4.local, hap-www-5b.dc4.local
age
2002404
content-length
203
last-modified
Thu, 03 Mar 2022 17:56:35 GMT
etag
"9148b8f39cdbd338718a9a6b0ce4b249"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
facebook-a2b92f9dcb.svg
assets.allegrostatic.com/metrum/icon/
335 B
938 B
Image
General
Full URL
https://assets.allegrostatic.com/metrum/icon/facebook-a2b92f9dcb.svg
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
71363981721d7b375e3796efa56a15dfae4d3b4f58f5bfe0e9a1af33cc93a04a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:54:39 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age
2002404
content-length
335
last-modified
Thu, 03 Mar 2022 17:56:35 GMT
etag
"a2b92f9dcb8fbf37c65c9f7e3abf35fd"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
google-e101bd3c2c.svg
assets.allegrostatic.com/metrum/icon/
691 B
1 KB
Image
General
Full URL
https://assets.allegrostatic.com/metrum/icon/google-e101bd3c2c.svg
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
4e967112bf698f405d25c2043c9214ef42a8981f08e01d9cefa4c8323b75f000
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:54:40 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1b.dc4.local, hap-www-5b.dc4.local
age
2002403
content-length
691
last-modified
Thu, 03 Mar 2022 17:56:35 GMT
etag
"e101bd3c2c7cb29407476ea25960c730"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
open-sans-latin-variable-wghtOnly-normal_168737b8.woff2
assets.allegrostatic.com/sc-15284/statics/
44 KB
44 KB
Font
General
Full URL
https://assets.allegrostatic.com/sc-15284/statics/open-sans-latin-variable-wghtOnly-normal_168737b8.woff2
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.csigikes.hu/
Origin
http://www.csigikes.hu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:55:17 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1a.dc5.alledc.net, hap-www-5a.dc5.alledc.net
age
2002366
strict-transport-security
max-age=15552000
content-length
44656
last-modified
Wed, 16 Feb 2022 14:04:22 GMT
etag
"a698723ffb7c306e852d2a2754a41bb1"
access-control-max-age
60
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma
open-sans-latin-ext-variable-wghtOnly-normal_41529361.woff2
assets.allegrostatic.com/sc-15284/statics/
31 KB
31 KB
Font
General
Full URL
https://assets.allegrostatic.com/sc-15284/statics/open-sans-latin-ext-variable-wghtOnly-normal_41529361.woff2
Requested by
Host: www.csigikes.hu
URL: http://www.csigikes.hu/slider/alle/js/alleg/logowanie.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:dc8:31::a0 , Poland, ASN42656 (QXL-POLAND, PL),
Reverse DNS
Software
/
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
http://www.csigikes.hu/
Origin
http://www.csigikes.hu
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 12:55:17 GMT
vary
Accept-Encoding
x-via-lb
hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age
2002366
strict-transport-security
max-age=15552000
content-length
31272
last-modified
Wed, 16 Feb 2022 14:04:22 GMT
etag
"aaca0b46f96d94bbfcc25ce32128954c"
access-control-max-age
60
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
PUBLIC, max-age=31536000, immutable
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://allegro.pl, http://allegro.pl
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Allegro (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored

1 Cookies

Domain/Path Name / Value
www.csigikes.hu/ Name: PHPSESSID
Value: dsut0ooa82fpac3k5lou5dg8b1