gruporioled.com.br
162.241.60.120  Malicious Activity! Public Scan

Submitted URL: https://gruporioled.com.br/bankaustria/#2odbsx6gh0bpc7us9rld
Effective URL: https://gruporioled.com.br/bankaustria/
Submission: On February 21 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 162.241.60.120, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is gruporioled.com.br.
TLS certificate: Issued by R3 on January 30th 2024. Valid for: 3 months.
This is the only time gruporioled.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

Requests  IP Address      AS Autonomous System
11        162.241.60.120  19871 (NETWORK-S...)
13        23.37.63.13     16625 (AKAMAI-AS)
1         34.195.203.205  14618 (AMAZON-AES)
Total: 25 requests, 3 IPs

Requests  Apex Domain         Subdomains                                                   Transfer
11        gruporioled.com.br  gruporioled.com.br                                           231 KB
8         bankaustria.at      login.bankaustria.at                                         72 KB
5         ucgstatic.eu        at-assets.ucgstatic.eu                                       875 KB
1         abstractapi.com     ipgeolocation.abstractapi.com (Cisco Umbrella Rank: 86113)   1 KB
Total: 25 requests, 4 domains

Requests  Domain                         Requested by
11        gruporioled.com.br             gruporioled.com.br
8         login.bankaustria.at           gruporioled.com.br, login.bankaustria.at
5         at-assets.ucgstatic.eu         login.bankaustria.at, gruporioled.com.br
1         ipgeolocation.abstractapi.com  gruporioled.com.br
Total: 25 requests, 4 domains

This site contains links to these domains.

Domain
banking.bankaustria.at

Subject                        Issuer                                       Validity                 Valid
gruporioled.com.br             R3                                           2024-01-30 - 2024-04-29  3 months
www.bankaustria.at             Actalis Organization Validated Server CA G3  2023-08-17 - 2024-08-17  a year
ipgeolocation.abstractapi.com  Amazon RSA 2048 M02                          2023-04-23 - 2024-05-21  a year

This page contains 1 frame:

Primary Page: https://gruporioled.com.br/bankaustria/
Frame ID: FCB64E41047E623D18C50D21E1790D31
Requests: 25 HTTP requests in this frame

Page Title

Bank Austria

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 25
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 1179 kB
Size: 1854 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gruporioled.com.br/bankaustria/
42 KB
8 KB
Document
General
Full URL
https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
3d012f15a3bcc342db4e1d02525a9c25c9f0ee11858343136c6e5548460221db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
8555
content-type
text/html
date
Wed, 21 Feb 2024 04:35:35 GMT
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
gruporioled.com.br/
0
0
Script
General
Full URL
https://gruporioled.com.br/ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:35 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
styles.784a1ee08c2d3dba8753.css
login.bankaustria.at/
194 KB
27 KB
Stylesheet
General
Full URL
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
138eda952719e15e5343f2fdf4ad5890b0588839ce5a7c5c2258e6e14a5d27b3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
x-content-type-options
nosniff
date
Wed, 21 Feb 2024 04:35:35 GMT
content-encoding
gzip
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
server-timing
dtSInfo;desc="0", dtRpid;desc="60845371"
x-cell-n
1
content-length
26917
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
etag
"306b3-6113743f7be5b"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
121-icon01.png
login.bankaustria.at/assets/icons/
924 B
2 KB
Image
General
Full URL
https://login.bankaustria.at/assets/icons/121-icon01.png?121L=Ready&1685628541267
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
705a4996f7b4dbd5bc22eec596d9b6480563938c73dec3f7f57ad31403b9e790
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:01:33 GMT
x-cell
ON
date
Wed, 21 Feb 2024 04:35:35 GMT
etag
"39c-61137425458af"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; worker-src 'self' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="1272340651"
accept-ranges
bytes
x-cell-n
1
content-length
924
x-xss-protection
1; mode=block
BAMofUC-logo-flat.svg
gruporioled.com.br/content/dam/gimb/at/Common%20area/
64 KB
64 KB
Image
General
Full URL
https://gruporioled.com.br/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
7ab3cac03f2a9e17fbd8ce607bbc3fd461c2feaefb32c3d4178ad16f05731090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:35 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery-1.11.3.min.js
gruporioled.com.br/bankaustria/static/js/
94 KB
41 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:35 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
firebase-app.js
gruporioled.com.br/bankaustria/static/js/
20 KB
8 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/firebase-app.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
6704c8c217305558f1238332118ecb9184dfc060541bf9bf09b8b35bed5d7789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7942
firebase-database.js
gruporioled.com.br/bankaustria/static/js/
188 KB
66 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/firebase-database.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
d7d2640fe6a4d1fffff63feaedc932df97522a06845016952e173b753fd47640

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
jquery.mask.min.js
gruporioled.com.br/bankaustria/static/js/
7 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery.mask.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
5f8e21f061de1874e4af063f095a389187c40583c9033946e406a8bb825ca358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3442
jquery.payment.min.js
gruporioled.com.br/bankaustria/static/js/
8 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery.payment.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3121
script.js
gruporioled.com.br/bankaustria/static/js/
9 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/script.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
8bdc9d15752e1eeab7b682b952c2b839f02a942236fb5373fd854a9e52361dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:36 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3334
sprite-common.3e5b2c121f315bbb93fb.png
login.bankaustria.at/
22 KB
23 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-common.3e5b2c121f315bbb93fb.png
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:01:58 GMT
x-cell
ON
date
Wed, 21 Feb 2024 04:35:36 GMT
etag
"58ad-6113743d0c90a"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1041759310"
accept-ranges
bytes
x-cell-n
1
content-length
22701
x-xss-protection
1; mode=block
logo-bank-austria.7e424a2ba17a0f3748e9.svg
login.bankaustria.at/
9 KB
4 KB
Image
General
Full URL
https://login.bankaustria.at/logo-bank-austria.7e424a2ba17a0f3748e9.svg
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
208b4feaf8e35d6c6cc15eb83133d392297a0723562bc07d584d17bbea505514
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
x-content-type-options
nosniff
date
Wed, 21 Feb 2024 04:35:36 GMT
content-encoding
gzip
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
server-timing
dtSInfo;desc="0", dtRpid;desc="-1678324154"
x-cell-n
1
content-length
3309
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 23:01:58 GMT
x-cell
ON
etag
"243b-6113743d0155a"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
unicredit-light.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
102 KB
43 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-light.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2a581a44777e10ff328ea0bd91f0da802af4d9d8b5f5a7f3d5473560e338fb6
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"19930"
date
Wed, 21 Feb 2024 04:35:36 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
43445
x-xss-protection
1; mode=block
ico-infologin.053916b87369ee8dcb7c.png
login.bankaustria.at/
2 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/ico-infologin.053916b87369ee8dcb7c.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e41c557c2dcc8f98c3bb29c83a23b4cf79b4606e9fe6e692331e128ccecc51f6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 21 Feb 2024 04:35:36 GMT
etag
"647-6113743f55910"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-716361666"
accept-ranges
bytes
x-cell-n
1
content-length
1607
x-xss-protection
1; mode=block
sprite-lang-at.0b5293ce47991ab4293d.png
login.bankaustria.at/
2 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-lang-at.0b5293ce47991ab4293d.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
14fcf0f22a5e48daed3bf981ac816103c8c68bfbd16ab8bbd5c38352d702c4d9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:01:58 GMT
x-cell
ON
date
Wed, 21 Feb 2024 04:35:36 GMT
etag
"834-6113743d0d4c2"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-598199830"
accept-ranges
bytes
x-cell-n
1
content-length
2100
x-xss-protection
1; mode=block
sprite-lang-en.710420b130f6d415cd2d.png
login.bankaustria.at/
5 KB
6 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-lang-en.710420b130f6d415cd2d.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e556970daffaaa792d747bc5a7ed2d7d256913abddc89c37ab259e786873e4af
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 21 Feb 2024 04:35:36 GMT
etag
"145a-6113743f78b93"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="1930005628"
accept-ranges
bytes
x-cell-n
1
content-length
5210
x-xss-protection
1; mode=block
1683702467764.png
at-assets.ucgstatic.eu/content/gimb2_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/wcmparsys/WCMparsys_cont/verticalbanner/img.img.png/
727 KB
728 KB
Image
General
Full URL
https://at-assets.ucgstatic.eu/content/gimb2_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/wcmparsys/WCMparsys_cont/verticalbanner/img.img.png/1683702467764.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77bc6befe77932a63a82927a6b6b07e0e4e4971ce275532fde5f7ebe964d4929
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
date
Wed, 21 Feb 2024 04:35:36 GMT
etag
"b5a5a"
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
744026
x-xss-protection
1; mode=block
vts-h2
FP FD FR
expires
Fri, 22 Mar 2024 04:23:48 GMT
footer_spriteAT.a2190986effe21e90449.png
login.bankaustria.at/
3 KB
4 KB
Image
General
Full URL
https://login.bankaustria.at/footer_spriteAT.a2190986effe21e90449.png
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03f64a4e3a0b274988a9573bff90344401b3c58bfff26eec0090f57a397a97ea
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 21 Feb 2024 04:35:36 GMT
etag
"a06-6113743f52a30"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-212851894"
accept-ranges
bytes
x-cell-n
1
content-length
2566
x-xss-protection
1; mode=block
IconWerk2-mono-v05.woff
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
15 KB
16 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/IconWerk2-mono-v05.woff
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ed52d1853f53680f3555bdb1df68e1fd7f9e05d0736ad4c178c1bc135c45bc3c
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
vts-h4
GN LM
etag
"3cb8"
date
Wed, 21 Feb 2024 04:35:36 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
access-control-allow-origin
*
accept-ranges
bytes
content-length
15544
x-xss-protection
1; mode=block
unicredit-regular.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
98 KB
42 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-regular.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"186c0"
date
Wed, 21 Feb 2024 04:35:36 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
42487
x-xss-protection
1; mode=block
unicredit-medium.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
114 KB
47 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-medium.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.13 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-63-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04128b81d8363303ec8d2724ec3892f00ba147ed86ef90d91e121c85476a1234
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"1c9fc"
date
Wed, 21 Feb 2024 04:35:36 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
47656
x-xss-protection
1; mode=block
wait
gruporioled.com.br/bankaustria/static/model/
64 KB
17 KB
XHR
General
Full URL
https://gruporioled.com.br/bankaustria/static/model/wait
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
7ab3cac03f2a9e17fbd8ce607bbc3fd461c2feaefb32c3d4178ad16f05731090

Request headers

Accept
text/html, */*; q=0.01
Referer
https://gruporioled.com.br/bankaustria/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:36 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
ipgeolocation.abstractapi.com/v1/
963 B
1 KB
XHR
General
Full URL
https://ipgeolocation.abstractapi.com/v1/?api_key=75df5f8406ab47e4b5a8d7cd09088034
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.203.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-203-205.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d668f48aba84e402a7d0405ab7e29390308c914f76973b19ec8ca0e298d7d346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gruporioled.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.18.0 (Ubuntu)
vary
Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
*
content-length
963
log
gruporioled.com.br/bankaustria/static/model/
64 KB
17 KB
XHR
General
Full URL
https://gruporioled.com.br/bankaustria/static/model/log
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
7ab3cac03f2a9e17fbd8ce607bbc3fd461c2feaefb32c3d4178ad16f05731090

Request headers

Accept
text/html, */*; q=0.01
Referer
https://gruporioled.com.br/bankaustria/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:35:36 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function $
function jQuery
object firebase
object $jscomp
function callview
function submitlogin
function tel
function showerror
function hideerror
function newVisitor
function writeCookie
function readCookie
function readText
function onloadfunction
function gologin
object resultabstactapi
string varval
string mailcache
string waiting

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: https://gruporioled.com.br/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gruporioled.com.br/ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gruporioled.com.br/bankaustria/static/model/wait
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gruporioled.com.br/bankaustria/static/model/log
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
