allegro-oplata.icu Open in urlscan Pro
104.244.73.170 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/
Submission Tags: 6326727
Submission: On December 19 via api (December 19th 2019, 2:25:39 pm UTC) from US

Summary HTTP 17 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 104.244.73.170, located in Phoenix, United States and belongs to PONYNET - FranTech Solutions, US. The main domain is allegro-oplata.icu.

This is the only time allegro-oplata.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PKO Bank Polski (Banking)

Domain & IP information

	IP Address	AS Autonomous System
8	104.244.73.170 104.244.73.170	53667 (PONYNET) (PONYNET - FranTech Solutions)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
17	3

8 104.244.73.170 (Phoenix, United States)

ASN53667 (PONYNET - FranTech Solutions, US)

allegro-oplata.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	allegro-oplata.icu allegro-oplata.icu	2 MB
1	jquery.com code.jquery.com	30 KB
17	2

	Domain	Requested by
8	allegro-oplata.icu	allegro-oplata.icu
1	code.jquery.com	allegro-oplata.icu
17	2

This site contains links to these domains. Also see Links.

Domain
inteligo.pl

Subject Issuer	Validity	Valid
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/
Frame ID: 2D56BB329ECE0D22F5A93F6CB7828A8B
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Node.js (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /socket\.io.*\.js/i

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /socket\.io.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

17
Requests

6 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1637 kB
Transfer

2335 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://inteligo.pl/e-urzad/wniosek-dobry-start/
Title: .

Search URL Search Domain Scan URL

URL: http://inteligo.pl/infosite/_images/_files/zasady_gwarantowania_depozytow.pdf
Title: Gwarantowanie depozytów

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request inteligo Show response allegro-oplata.icu/bramkaplatnosci/	1 MB 1 MB	227ms 127ms	Document text/html	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Express Resource Hash `d7243eac5e9aade58a1612e14c667c0f0faeb7375fe1c116d5fcfa09e8d1be81` Request headers Host allegro-oplata.icu Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers X-Powered-By Express Content-Type text/html; charset=utf-8 Content-Length 1441936 ETag W/"160090-iS6ME0VYNm77Ghi7i5JXm9y0X4o" Date Thu, 19 Dec 2019 14:25:18 GMT Connection keep-alive
GET H/1.1	200 OK	jquery.js Show response allegro-oplata.icu/js/	85 KB 85 KB	131ms 35ms	Script application/javascript	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://allegro-oplata.icu/js/jquery.js Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Express Resource Hash `4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 19 Dec 2019 14:25:18 GMT Last-Modified Tue, 09 Oct 2018 17:55:14 GMT X-Powered-By Express ETag W/"15391-16659f7f3d0" Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=0 Connection keep-alive Accept-Ranges bytes Content-Length 86929
GET H/1.1	200 OK	socket.io.js Show response allegro-oplata.icu/socket.io/	61 KB 61 KB	167ms 27ms	Script application/javascript	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://allegro-oplata.icu/socket.io/socket.io.js Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 19 Dec 2019 14:25:18 GMT Cache-Control public, max-age=0 Connection keep-alive ETag "2.2.0" Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	30ms 14ms	Script application/javascript	2001:4de0:ac19::1:b:2a Highwinds Network...
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS Software nginx / Resource Hash `160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 19 Dec 2019 14:25:18 GMT Content-Encoding gzip Last-Modified Sat, 20 Jan 2018 17:26:44 GMT Server nginx ETag W/"5a637bd4-1538f" Vary Accept-Encoding X-HW 1576765518.dop126.fr8.shc,1576765518.dop126.fr8.t,1576765518.cds057.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 30288
GET DATA	200 OK	truncated /	24 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f9074d8dc51c52bfc8a08c53183a362a0d8e595cc2cc855808f8d4e50528f628` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6f4bf728b8036cbd974f278c50a05a3065740485c523a849e3f44fa888689e36` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `037949ae52ee64febd4f04b70fde70148efa2abb8fc750acb2dfaccf73bb448b` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/jpeg
GET BLOB	200 OK	b78c0b5e-712e-4cd8-a4b0-b9a888601bfe http://allegro-oplata.icu/	4 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL blob:http://allegro-oplata.icu/b78c0b5e-712e-4cd8-a4b0-b9a888601bfe Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `592777536d718bbaea7e6d40cc02456d3fad23c248b159e56bccf176727df746` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 3658 Content-Type image/jpeg
GET H/1.1	200 OK	inteligo allegro-oplata.icu/bramkaplatnosci/	51 KB 51 KB	102ms 101ms	Image text/html	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Show image Full URL http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 19 Dec 2019 14:25:18 GMT ETag W/"160090-iS6ME0VYNm77Ghi7i5JXm9y0X4o" Connection keep-alive X-Powered-By Express Content-Length 1441936 Content-Type text/html; charset=utf-8
GET BLOB	200 OK	3bd2b05e-c8ca-49a3-b55b-bc0603672b2d http://allegro-oplata.icu/	60 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://allegro-oplata.icu/3bd2b05e-c8ca-49a3-b55b-bc0603672b2d Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `12e52bd0e3fa1da51e9c1540cff0e011e86d515409f540fc2d69c8bc5a74f317` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 61713 Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8fdb0784dfede3df4c5ca8d8ab638b4b986225a0087684dcc64e23e23a834b08` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5758f180a16dcf04820c006cb0952266994564810da55f61c09f14de1476d617` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	4deeac14-6c43-4045-8cc2-a36b630fd71b http://allegro-oplata.icu/	35 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://allegro-oplata.icu/4deeac14-6c43-4045-8cc2-a36b630fd71b Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `480295a026353571aa19090c7f4f12edf88fb0c863d26065527d22412935718d` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 36153 Content-Type image/png
GET DATA	200 OK	truncated /	4 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c9abff9229debcd72aad4e26fe0741acb1b7ad0e208ba659f40c0b65c72040a5` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3a3ee331cc984748ee72216cbff6cc3aa0531a3ae06bdfa4e5ad161fa1d0db5a` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	6ebdd619-a1f3-4cdd-a30f-5e1bad2979a4 http://allegro-oplata.icu/	225 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://allegro-oplata.icu/6ebdd619-a1f3-4cdd-a30f-5e1bad2979a4 Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `2d6c0b2e62a60b88136bc0977ef733af78f3cd7809f166ac5874fb14f6d5215f` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 225 Content-Type image/png
GET BLOB	200 OK	126f29ff-f822-490d-85db-2a9551ffebb9 http://allegro-oplata.icu/	313 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://allegro-oplata.icu/126f29ff-f822-490d-85db-2a9551ffebb9 Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `076c395f3cfa3ecc21a5ea63cae98fc3a56d8df7d0bf1d8b07b0ef2a2febaa17` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 313 Content-Type image/png
GET BLOB	200 OK	d25023fa-a42d-4351-a100-d75a3b687094 http://allegro-oplata.icu/	10 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://allegro-oplata.icu/d25023fa-a42d-4351-a100-d75a3b687094 Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `32a318cc7425c80a66792cdcbcf305493f5eb4d5242b3bdb147a71689477b823` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 10506 Content-Type image/png
GET BLOB	200 OK	c6932a53-ea8e-43b7-805f-2d218f82ef46 http://allegro-oplata.icu/	481 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://allegro-oplata.icu/c6932a53-ea8e-43b7-805f-2d218f82ef46 Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `97b25699ca3e67fca969b74e79d9ff3ed908f48312521cfa8e1dc0d7baa8ee9a` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 492534 Content-Type image/png
GET BLOB	200 OK	9fddf50d-a7fd-41b5-bbf1-5aacafaefc6e http://allegro-oplata.icu/	708 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL blob:http://allegro-oplata.icu/9fddf50d-a7fd-41b5-bbf1-5aacafaefc6e Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `35065e40ba0d078f1ed4f4c4820685f58550d06167ce7707136bb2ddee73140d` Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Length 708 Content-Type image/png
GET DATA	200 OK	truncated /	49 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f1b84f81f5157cffa38a595c8a6130b66f7eba2d62570e4acc642732b8badf8c` Request headers Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	/ Show response allegro-oplata.icu/socket.io/	103 B 332 B	68ms 54ms	XHR text/plain	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://allegro-oplata.icu/socket.io/?EIO=3&transport=polling&t=MyUZ7If Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `b1510546fb876d8e22e9ea2e975f22d4a70eaa965d2f00187045eddf1176542e` Request headers Accept / Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 19 Dec 2019 14:25:18 GMT Connection keep-alive Content-Length 103 Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	/ Show response allegro-oplata.icu/socket.io/	20 B 248 B	28ms 27ms	XHR text/plain	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://allegro-oplata.icu/socket.io/?EIO=3&transport=polling&t=MyUZ7Jr&sid=Y6YPVmvhlNClqQyCAAOI Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `a40611cef65783cba78381ce87133f59967c78a81e78aabacb8d15e2a8292043` Request headers Accept / Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 19 Dec 2019 14:25:18 GMT Connection keep-alive Content-Length 20 Content-Type text/plain; charset=UTF-8
POST H/1.1	200 OK	/ Show response allegro-oplata.icu/socket.io/	2 B 277 B	28ms 28ms	XHR text/html	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://allegro-oplata.icu/socket.io/?EIO=3&transport=polling&t=MyUZ7KJ&sid=Y6YPVmvhlNClqQyCAAOI Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df` Request headers Accept / Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ Origin http://allegro-oplata.icu User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin http://allegro-oplata.icu Date Thu, 19 Dec 2019 14:25:18 GMT Access-Control-Allow-Credentials true Connection keep-alive Content-Length 2 Content-Type text/html
GET H/1.1	200 OK	/ Show response allegro-oplata.icu/socket.io/	3 B 230 B	340ms 311ms	XHR text/plain	104.244.73.170 FranTech Solutions
General Check archive.org Show headers Download Go to Full URL http://allegro-oplata.icu/socket.io/?EIO=3&transport=polling&t=MyUZ7KJ.0&sid=Y6YPVmvhlNClqQyCAAOI Requested by Host: allegro-oplata.icu URL: http://allegro-oplata.icu/socket.io/socket.io.js Protocol HTTP/1.1 Server 104.244.73.170 Phoenix, United States, ASN53667 (PONYNET - FranTech Solutions, US), Reverse DNS Software / Resource Hash `62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0` Request headers Accept / Referer http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Thu, 19 Dec 2019 14:25:19 GMT Connection keep-alive Content-Length 3 Content-Type text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PKO Bank Polski (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			allegro-oplata.icu/	1969-12-31 23:59:59	Name: io Value: Y6YPVmvhlNClqQyCAAOI

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://allegro-oplata.icu/bramkaplatnosci/inteligo?Id=Z2RAZmQ=/TWFyaXVzeg==/S29zaW5pYWs=/(Line 21) Message: Z2RAZmQ=,TWFyaXVzeg==,S29zaW5pYWs=,

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allegro-oplata.icu
code.jquery.com
104.244.73.170
2001:4de0:ac19::1:b:2a
037949ae52ee64febd4f04b70fde70148efa2abb8fc750acb2dfaccf73bb448b
076c395f3cfa3ecc21a5ea63cae98fc3a56d8df7d0bf1d8b07b0ef2a2febaa17
12e52bd0e3fa1da51e9c1540cff0e011e86d515409f540fc2d69c8bc5a74f317
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d6c0b2e62a60b88136bc0977ef733af78f3cd7809f166ac5874fb14f6d5215f
32a318cc7425c80a66792cdcbcf305493f5eb4d5242b3bdb147a71689477b823
35065e40ba0d078f1ed4f4c4820685f58550d06167ce7707136bb2ddee73140d
3a3ee331cc984748ee72216cbff6cc3aa0531a3ae06bdfa4e5ad161fa1d0db5a
480295a026353571aa19090c7f4f12edf88fb0c863d26065527d22412935718d
4fe68fa216176e6d1f4580e924bafecc9f519984ecc06b1a840a08b0d88c95de
5758f180a16dcf04820c006cb0952266994564810da55f61c09f14de1476d617
592777536d718bbaea7e6d40cc02456d3fad23c248b159e56bccf176727df746
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
6f4bf728b8036cbd974f278c50a05a3065740485c523a849e3f44fa888689e36
8fdb0784dfede3df4c5ca8d8ab638b4b986225a0087684dcc64e23e23a834b08
97b25699ca3e67fca969b74e79d9ff3ed908f48312521cfa8e1dc0d7baa8ee9a
a40611cef65783cba78381ce87133f59967c78a81e78aabacb8d15e2a8292043
b1510546fb876d8e22e9ea2e975f22d4a70eaa965d2f00187045eddf1176542e
c9abff9229debcd72aad4e26fe0741acb1b7ad0e208ba659f40c0b65c72040a5
cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72
d7243eac5e9aade58a1612e14c667c0f0faeb7375fe1c116d5fcfa09e8d1be81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1b84f81f5157cffa38a595c8a6130b66f7eba2d62570e4acc642732b8badf8c
f9074d8dc51c52bfc8a08c53183a362a0d8e595cc2cc855808f8d4e50528f628

allegro-oplata.icu Open in urlscan Pro 104.244.73.170 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

17 Requests

6 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

1637 kBTransfer

2335 kBSize

1 Cookies

2 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

allegro-oplata.icu Open in urlscan Pro
104.244.73.170 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

6 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

1637 kB
Transfer

2335 kB
Size

1
Cookies

17 HTTP transactions
8 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!