unitronmedx.eu Open in urlscan Pro
45.82.191.17 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://unitronmedx.eu/
Submission Tags: phishingrod
Submission: On October 05 via api (October 5th 2023, 2:46:13 am UTC) from DE — Scanned from NL

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 45.82.191.17, located in Netherlands and belongs to DUOCAST-AS, NL. The main domain is unitronmedx.eu.
TLS certificate: Issued by R3 on October 4th 2023. Valid for: 3 months.

This is the only time unitronmedx.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	45.82.191.17 45.82.191.17		31477 (DUOCAST-AS) (DUOCAST-AS)
8	2

7 45.82.191.17 (Netherlands)

ASN31477 (DUOCAST-AS, NL)
PTR: shared65.cloud86-host.nl

unitronmedx.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	unitronmedx.eu unitronmedx.eu	72 KB
8	1

	Domain	Requested by
7	unitronmedx.eu	unitronmedx.eu
8	1

This site contains links to these domains. Also see Links.

Domain
www.unitron.nl

Subject Issuer	Validity	Valid
unitronmedx.eu R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://unitronmedx.eu/
Frame ID: CC0A7553E5101845C77A2CC144B3A6BD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UnitronMedx

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

72 kB
Transfer

207 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.unitron.nl/
Title: Neem contact op

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response unitronmedx.eu/	46 KB 10 KB	92ms 18ms	Document text/html	45.82.191.17 DUOCAST-AS
General Check archive.org Show headers Download Go to Full URL https://unitronmedx.eu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.82.191.17 , Netherlands, ASN31477 (DUOCAST-AS, NL), Reverse DNS shared65.cloud86-host.nl Software LiteSpeed / PHP/8.1.24 PleskLin Resource Hash `b49c4ddbd811c67019a91c8d21658baf4a2078c67223358a5800f5b526e19312` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 10104 content-type text/html; charset=UTF-8 date Thu, 05 Oct 2023 02:46:09 GMT etag "201-1696432669;br" link <https://unitronmedx.eu/index.php?rest_route=/>; rel="https://api.w.org/" server LiteSpeed vary Accept-Encoding x-litespeed-cache hit x-powered-by PHP/8.1.24 PleskLin
GET H2	200	flipdown.min.css unitronmedx.eu/wp-content/plugins/simple-countdown/assets/libs/	7 KB 1 KB	30ms 29ms	Stylesheet text/css	45.82.191.17 DUOCAST-AS
General Check archive.org Show headers Download Go to Full URL https://unitronmedx.eu/wp-content/plugins/simple-countdown/assets/libs/flipdown.min.css?ver=1.0.1 Requested by Host: unitronmedx.eu URL: https://unitronmedx.eu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.82.191.17 , Netherlands, ASN31477 (DUOCAST-AS, NL), Reverse DNS shared65.cloud86-host.nl Software LiteSpeed / PleskLin Resource Hash `daca0f6c0960ed0ecc07374ef980ba0eee450a2394f70a18310f548e6af3aba3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://unitronmedx.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Thu, 05 Oct 2023 02:46:09 GMT content-encoding br last-modified Wed, 04 Oct 2023 15:02:45 GMT server LiteSpeed etag "1b08-651d7e95-7ef165c3303de476;br" x-powered-by PleskLin vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 1013 expires Thu, 12 Oct 2023 02:46:09 GMT
GET H2	200	jquery.min.js Show response unitronmedx.eu/wp-includes/js/jquery/	85 KB 29 KB	30ms 30ms	Script application/javascript	45.82.191.17 DUOCAST-AS
General Check archive.org Show headers Download Go to Full URL https://unitronmedx.eu/wp-includes/js/jquery/jquery.min.js?ver=3.7.0 Requested by Host: unitronmedx.eu URL: https://unitronmedx.eu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.82.191.17 , Netherlands, ASN31477 (DUOCAST-AS, NL), Reverse DNS shared65.cloud86-host.nl Software LiteSpeed / PleskLin Resource Hash `5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164` Request headers accept-language nl-NL,nl;q=0.9 Referer https://unitronmedx.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Thu, 05 Oct 2023 02:46:09 GMT content-encoding br last-modified Fri, 26 May 2023 11:33:35 GMT server LiteSpeed etag "155ba-6470990f-d13035eef7ea69b2;br" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 29712 expires Thu, 12 Oct 2023 02:46:09 GMT
GET H2	200	jquery-migrate.min.js Show response unitronmedx.eu/wp-includes/js/jquery/	13 KB 5 KB	30ms 30ms	Script application/javascript	45.82.191.17 DUOCAST-AS
General Check archive.org Show headers Download Go to Full URL https://unitronmedx.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: unitronmedx.eu URL: https://unitronmedx.eu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.82.191.17 , Netherlands, ASN31477 (DUOCAST-AS, NL), Reverse DNS shared65.cloud86-host.nl Software LiteSpeed / PleskLin Resource Hash `5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89` Request headers accept-language nl-NL,nl;q=0.9 Referer https://unitronmedx.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Thu, 05 Oct 2023 02:46:09 GMT content-encoding br last-modified Fri, 09 Jun 2023 05:49:24 GMT server LiteSpeed etag "3509-6482bd64-aec0c55e88c4de3d;br" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 4678 expires Thu, 12 Oct 2023 02:46:09 GMT
GET H3	200	UNITRON_MEDX_KLEUR-1024x228.png unitronmedx.eu/wp-content/uploads/2023/10/	16 KB 16 KB	37ms 25ms	Image image/png	45.82.191.17 DUOCAST-AS
General Check archive.org Show headers Download Go to Show image Full URL https://unitronmedx.eu/wp-content/uploads/2023/10/UNITRON_MEDX_KLEUR-1024x228.png Requested by Host: unitronmedx.eu URL: https://unitronmedx.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.82.191.17 , Netherlands, ASN31477 (DUOCAST-AS, NL), Reverse DNS shared65.cloud86-host.nl Software LiteSpeed / PleskLin Resource Hash `ec95d4f81b45a8bd2fd8c8bfd14e228bcec313852ac21f9e2d2d6db68b9f8be5` Request headers accept-language nl-NL,nl;q=0.9 Referer https://unitronmedx.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Thu, 05 Oct 2023 02:46:09 GMT last-modified Wed, 04 Oct 2023 14:48:14 GMT server LiteSpeed etag "3f69-651d7b2e-b006701232c2ef31;;;" x-powered-by PleskLin content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 16233 expires Thu, 12 Oct 2023 02:46:09 GMT
GET H2	200	front-countdown-timer.min.js Show response unitronmedx.eu/wp-content/plugins/simple-countdown/assets/dist/js/front/	21 KB 6 KB	32ms 15ms	Script application/javascript	45.82.191.17 DUOCAST-AS
General Check archive.org Show headers Download Go to Full URL https://unitronmedx.eu/wp-content/plugins/simple-countdown/assets/dist/js/front/front-countdown-timer.min.js?ver=1.0.1 Requested by Host: unitronmedx.eu URL: https://unitronmedx.eu/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.82.191.17 , Netherlands, ASN31477 (DUOCAST-AS, NL), Reverse DNS shared65.cloud86-host.nl Software LiteSpeed / PleskLin Resource Hash `33b503c370d11148b979259eb002a9e14327fb4f459a6fcd881a332d8ae44aa7` Request headers accept-language nl-NL,nl;q=0.9 Referer https://unitronmedx.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Thu, 05 Oct 2023 02:46:09 GMT content-encoding br last-modified Wed, 04 Oct 2023 15:02:45 GMT server LiteSpeed etag "528c-651d7e95-43deb95c9bdff338;br" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 6375 expires Thu, 12 Oct 2023 02:46:09 GMT
GET BLOB	200 OK	11bab43b-5644-460d-9fab-6c01a74e8953 https://unitronmedx.eu/	1 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://unitronmedx.eu/11bab43b-5644-460d-9fab-6c01a74e8953 Requested by Host: unitronmedx.eu URL: https://unitronmedx.eu/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash `453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers Content-Length 1245 Content-Type text/javascript
GET H3	200	wp-emoji-release.min.js Show response unitronmedx.eu/wp-includes/js/	18 KB 5 KB	34ms 33ms	Script application/javascript	45.82.191.17 DUOCAST-AS
General Check archive.org Show headers Download Go to Full URL https://unitronmedx.eu/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1 Requested by Host: unitronmedx.eu URL: https://unitronmedx.eu/ Protocol H3 Security QUIC, , AES_128_GCM Server 45.82.191.17 , Netherlands, ASN31477 (DUOCAST-AS, NL), Reverse DNS shared65.cloud86-host.nl Software LiteSpeed / PleskLin Resource Hash `4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230` Request headers accept-language nl-NL,nl;q=0.9 Referer https://unitronmedx.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 Response headers date Thu, 05 Oct 2023 02:46:09 GMT content-encoding br last-modified Thu, 02 Feb 2023 00:53:25 GMT server LiteSpeed etag "4904-63db0985-19c9c38fffd89b99;br" x-powered-by PleskLin vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 4651 expires Thu, 12 Oct 2023 02:46:09 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

unitronmedx.eu
45.82.191.17
33b503c370d11148b979259eb002a9e14327fb4f459a6fcd881a332d8ae44aa7
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
b49c4ddbd811c67019a91c8d21658baf4a2078c67223358a5800f5b526e19312
daca0f6c0960ed0ecc07374ef980ba0eee450a2394f70a18310f548e6af3aba3
ec95d4f81b45a8bd2fd8c8bfd14e228bcec313852ac21f9e2d2d6db68b9f8be5

unitronmedx.eu Open in urlscan Pro 45.82.191.17 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

72 kBTransfer

207 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

unitronmedx.eu Open in urlscan Pro
45.82.191.17 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

72 kB
Transfer

207 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions