www.floranostra.hu Open in urlscan Pro
193.169.16.60 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.csigikes.hu/next/c/go/
Effective URL:
https://www.floranostra.hu/start/alg/alleg/logowanie.php
Submission: On April 11 via manual (April 11th 2022, 7:05:50 am UTC) from PL — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 193.169.16.60, located in Hungary and belongs to GTSCE GTS Central Europe Antel Germany, CZ. The main domain is www.floranostra.hu.
TLS certificate: Issued by R3 on March 15th 2022. Valid for: 3 months.

This is the only time www.floranostra.hu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Allegro (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	193.91.64.2 193.91.64.2	12301 (INVITECH) (INVITECH)
1	193.169.16.60 193.169.16.60	5588 (GTSCE GTS...) (GTSCE GTS Central Europe Antel Germany)
8	2a02:dcc:31::a0 2a02:dcc:31::a0	31621 (QXL-NET-P...) (QXL-NET-POLAND-AS)
1	2a02:dcc:31:: 2a02:dcc:31::	31621 (QXL-NET-P...) (QXL-NET-POLAND-AS)
11	4

1 193.91.64.2 (Budapest, Hungary)

ASN12301 (INVITECH, HU)
PTR: web3.vhost.hu

www.csigikes.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.169.16.60 (Hungary)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: www-f02-c01.iwd.hu

www.floranostra.hu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:dcc:31::a0 (Poland)

ASN31621 (QXL-NET-POLAND-AS, PL)

assets.allegrostatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:dcc:31:: (Poland)

ASN31621 (QXL-NET-POLAND-AS, PL)

a.allegroimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	allegrostatic.com assets.allegrostatic.com — Cisco Umbrella Rank: 43528	103 KB
1	allegroimg.com a.allegroimg.com — Cisco Umbrella Rank: 40665	5 KB
1	floranostra.hu www.floranostra.hu	6 KB
1	csigikes.hu www.csigikes.hu	346 B
11	4

	Domain	Requested by
8	assets.allegrostatic.com	www.floranostra.hu
1	a.allegroimg.com	www.floranostra.hu
1	www.floranostra.hu
1	www.csigikes.hu
11	4

This site contains no links.

Subject Issuer	Validity	Valid
www.floranostra.hu R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.allegrostatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-06`	a year	crt.sh
*.allegroimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.floranostra.hu/start/alg/alleg/logowanie.php
Frame ID: 77866C5A58E656F15AAEA96138C0FC4F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Allegro logowanie - Moje Allegro

Page URL History Show full URLs

http://www.csigikes.hu/next/c/go/ Page URL
https://www.floranostra.hu/start/alg/alleg/logowanie.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

114 kB
Transfer

241 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.csigikes.hu/next/c/go/ Page URL
https://www.floranostra.hu/start/alg/alleg/logowanie.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
www.csigikes.hu/next/c/go/ 107 B
346 B 218ms
159ms Document
text/html 193.91.64.2
INVITECH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.csigikes.hu/next/c/go/
Protocol: HTTP/1.1
Server: 193.91.64.2 Budapest, Hungary, ASN12301 (INVITECH, HU),
Reverse DNS: web3.vhost.hu
Software: nginx / PHP/5.6.30
Resource Hash: ec42631b1737448d436f555119af64e846922aaa225ae46b1684ab787e0a45a0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 117
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Apr 2022 07:05:45 GMT
Server: nginx
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.30

GET
H/1.1 200
OK Primary Request logowanie.php Show response
www.floranostra.hu/start/alg/alleg/ 31 KB
6 KB 2334ms
1301ms Document
text/html 193.169.16.60
GTSCE GTS Central...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 193.169.16.60 , Hungary, ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ),
Reverse DNS: www-f02-c01.iwd.hu
Software: Apache /
Resource Hash: 2d942c991100ade6323f57882de6b08b3ecf9dd4f23a481a52813d7bafaa958e

Request headers

Referer: http://www.csigikes.hu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5580
Content-Type: text/html
Date: Mon, 11 Apr 2022 07:05:47 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=30, max=100
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 v3-c17ed142e00e8c80fb51ebe24b3e0692931232ae67be88a8835b439ddeff663f.css
assets.allegrostatic.com/bundle/ 46 KB
8 KB 94ms
29ms Stylesheet
text/css 2a02:dcc:31::a0
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/bundle/v3-c17ed142e00e8c80fb51ebe24b3e0692931232ae67be88a8835b439ddeff663f.css

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

cea9c9ffa18562cda2eebb608c63c2b81d6b5f2a4609f6c6a0684d28d9dad6be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.floranostra.hu/start/alg/alleg/logowanie.php
Origin: https://www.floranostra.hu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 16:59:43 GMT
content-encoding: br
vary: Accept-Encoding
x-via-lb: hap-log-1a.dc5.alledc.net, hap-www-5b.dc5.alledc.net
age: 1605964
strict-transport-security: max-age=15552000
content-length: 7865
x-amz-expiration: expiry-date="Tue, 26 Apr 2022 00:00:00 GMT", rule-id="ExpireOldBundles"
last-modified: Tue, 25 Jan 2022 13:25:02 GMT
etag: W/"a266fbbc6e23a0ed86568426de15a9c9"
access-control-max-age: 60
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 main-3f3821d4a7.m.css
assets.allegrostatic.com/metrum/metrum-core/ 37 KB
6 KB 98ms
33ms Stylesheet
text/css 2a02:dcc:31::a0
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/metrum/metrum-core/main-3f3821d4a7.m.css?v=0.6.1

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

f40f363f9977cce4fa7317b7436ed21549f957e19df48e52901494a7914d3a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.floranostra.hu/start/alg/alleg/logowanie.php
Origin: https://www.floranostra.hu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:36:06 GMT
content-encoding: br
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5a.dc4.local
age: 1639782
content-length: 5710
last-modified: Mon, 15 Nov 2021 14:20:50 GMT
etag: W/"66720f269026cf5051dc7f0faec24895"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 v3-bac1a2ef2a36bf26647bf97113340a8da2757e143f70d3e9406cc28105939658.css
assets.allegrostatic.com/bundle/ 46 KB
10 KB 120ms
55ms Stylesheet
text/css 2a02:dcc:31::a0
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/bundle/v3-bac1a2ef2a36bf26647bf97113340a8da2757e143f70d3e9406cc28105939658.css

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

83b99d826b31fe43a1773fa5041d65e56311577532c0f0700ec2cb0a0f49e371

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.floranostra.hu/start/alg/alleg/logowanie.php
Origin: https://www.floranostra.hu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 15:13:59 GMT
content-encoding: br
vary: Accept-Encoding
x-via-lb: hap-log-1a.dc4.local, hap-www-5b.dc5.alledc.net
age: 1612309
strict-transport-security: max-age=15552000
content-length: 10003
x-amz-expiration: expiry-date="Tue, 10 May 2022 00:00:00 GMT", rule-id="ExpireOldBundles"
last-modified: Tue, 08 Feb 2022 13:14:45 GMT
etag: W/"6e5bb6b9cd8908abfcf5ee98deaaca83"
access-control-max-age: 60
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 b8806483460d99ec3739941289ab
a.allegroimg.com/original/1201da/ 4 KB
5 KB 109ms
34ms Image
image/svg+xml 2a02:dcc:31::
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.allegroimg.com/original/1201da/b8806483460d99ec3739941289ab

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31:: , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

34974dd18de8335323dadc9973669bb94d475ae70453633ffb347b52a503ce98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.floranostra.hu/start/alg/alleg/logowanie.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 07:05:48 GMT
x-content-type-options: nosniff
accept-ch: Width
etag: "6f359de826fb07ce60a746d413d04b24"
vary: Accept
accept-ch-lifetime: 86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=15552000
content-length: 4317
timing-allow-origin: https://allegro.pl, http://allegro.pl
x-source-image-type: vector

GET
H2 200 arrowhead-9148b8f39c.svg
assets.allegrostatic.com/metrum/icon/ 203 B
802 B 99ms
31ms Image
image/svg+xml 2a02:dcc:31::a0
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.allegrostatic.com/metrum/icon/arrowhead-9148b8f39c.svg

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

0f71432615da814ac3b38f945744dc798c90436a2f61fda1adf88e964296edde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.floranostra.hu/start/alg/alleg/logowanie.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 02:32:27 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5a.dc4.local
age: 1658001
content-length: 203
last-modified: Thu, 03 Mar 2022 17:56:35 GMT
etag: "9148b8f39cdbd338718a9a6b0ce4b249"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 facebook-a2b92f9dcb.svg
assets.allegrostatic.com/metrum/icon/ 335 B
933 B 34ms
32ms Image
image/svg+xml 2a02:dcc:31::a0
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.allegrostatic.com/metrum/icon/facebook-a2b92f9dcb.svg

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

71363981721d7b375e3796efa56a15dfae4d3b4f58f5bfe0e9a1af33cc93a04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.floranostra.hu/start/alg/alleg/logowanie.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 02:32:47 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5a.dc4.local
age: 1657980
content-length: 335
last-modified: Thu, 03 Mar 2022 17:56:35 GMT
etag: "a2b92f9dcb8fbf37c65c9f7e3abf35fd"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 google-e101bd3c2c.svg
assets.allegrostatic.com/metrum/icon/ 691 B
1 KB 34ms
33ms Image
image/svg+xml 2a02:dcc:31::a0
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.allegrostatic.com/metrum/icon/google-e101bd3c2c.svg

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

4e967112bf698f405d25c2043c9214ef42a8981f08e01d9cefa4c8323b75f000

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.floranostra.hu/start/alg/alleg/logowanie.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:36:06 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5a.dc4.local
age: 1639782
content-length: 691
last-modified: Thu, 03 Mar 2022 17:56:35 GMT
etag: "e101bd3c2c7cb29407476ea25960c730"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 open-sans-latin-variable-wghtOnly-normal_168737b8.woff2
assets.allegrostatic.com/sc-15284/statics/ 44 KB
44 KB 29ms
29ms Font
font/woff2 2a02:dcc:31::a0
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/sc-15284/statics/open-sans-latin-variable-wghtOnly-normal_168737b8.woff2

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.floranostra.hu/
Origin: https://www.floranostra.hu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:44:56 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5a.dc4.local
age: 1639251
strict-transport-security: max-age=15552000
content-length: 44656
last-modified: Wed, 16 Feb 2022 14:04:22 GMT
etag: "a698723ffb7c306e852d2a2754a41bb1"
access-control-max-age: 60
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

GET
H2 200 open-sans-latin-ext-variable-wghtOnly-normal_41529361.woff2
assets.allegrostatic.com/sc-15284/statics/ 31 KB
31 KB 63ms
62ms Font
font/woff2 2a02:dcc:31::a0
QXL-NET-POLAND-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.allegrostatic.com/sc-15284/statics/open-sans-latin-ext-variable-wghtOnly-normal_41529361.woff2

Requested by

Host: www.floranostra.hu
URL: https://www.floranostra.hu/start/alg/alleg/logowanie.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:dcc:31::a0 , Poland, ASN31621 (QXL-NET-POLAND-AS, PL),

Reverse DNS

Software

Resource Hash

e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.floranostra.hu/
Origin: https://www.floranostra.hu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:45:21 GMT
vary: Accept-Encoding
x-via-lb: hap-log-1b.dc4.local, hap-www-5a.dc4.local
age: 1639226
strict-transport-security: max-age=15552000
content-length: 31272
last-modified: Wed, 16 Feb 2022 14:04:22 GMT
etag: "aaca0b46f96d94bbfcc25ce32128954c"
access-control-max-age: 60
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: PUBLIC, max-age=31536000, immutable
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://allegro.pl, http://allegro.pl
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-CSRFToken,Expires,Pragma

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Allegro (Banking)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.floranostra.hu/	1969-12-31 23:59:59	Name: PHPSID Value: c4fbc687bf7502a4ec58dd96cec2d06d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.allegroimg.com
assets.allegrostatic.com
www.csigikes.hu
www.floranostra.hu
193.169.16.60
193.91.64.2
2a02:dcc:31::
2a02:dcc:31::a0
0f71432615da814ac3b38f945744dc798c90436a2f61fda1adf88e964296edde
2d942c991100ade6323f57882de6b08b3ecf9dd4f23a481a52813d7bafaa958e
34974dd18de8335323dadc9973669bb94d475ae70453633ffb347b52a503ce98
4e967112bf698f405d25c2043c9214ef42a8981f08e01d9cefa4c8323b75f000
71363981721d7b375e3796efa56a15dfae4d3b4f58f5bfe0e9a1af33cc93a04a
83b99d826b31fe43a1773fa5041d65e56311577532c0f0700ec2cb0a0f49e371
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
cea9c9ffa18562cda2eebb608c63c2b81d6b5f2a4609f6c6a0684d28d9dad6be
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
ec42631b1737448d436f555119af64e846922aaa225ae46b1684ab787e0a45a0
f40f363f9977cce4fa7317b7436ed21549f957e19df48e52901494a7914d3a7f

www.floranostra.hu Open in urlscan Pro 193.169.16.60 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

114 kBTransfer

241 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

1 Cookies

Indicators

www.floranostra.hu Open in urlscan Pro
193.169.16.60 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

114 kB
Transfer

241 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!