gruporioled.com.br
162.241.60.120  Malicious Activity! Public Scan

Submitted URL: http://gruporioled.com.br/bankaustria
Effective URL: https://gruporioled.com.br/bankaustria/
Submission: On April 15 via api from BY — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 162.241.60.120, which is located in the United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is gruporioled.com.br.
TLS certificate: Issued by R3 on March 31st 2024. Valid for: 3 months.
This is the only time gruporioled.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

IP Address | AS Autonomous System
1 12 162.241.60.120 | 19871 (NETWORK-S...)
14 23.37.41.207 | 16625 (AKAMAI-AS)
1 3.216.53.50 | 14618 (AMAZON-AES)
26 3

Apex Domain | Subdomains | Transfer
12 gruporioled.com.br | gruporioled.com.br | 232 KB
9 bankaustria.at | login.bankaustria.at | 79 KB
5 ucgstatic.eu | at-assets.ucgstatic.eu | 875 KB
1 abstractapi.com | ipgeolocation.abstractapi.com (Cisco Umbrella Rank: 68795) | 425 B
26 4

Domain | Requested by
12 gruporioled.com.br (1 redirects) | gruporioled.com.br
9 login.bankaustria.at | gruporioled.com.br, login.bankaustria.at
5 at-assets.ucgstatic.eu | login.bankaustria.at, gruporioled.com.br
1 ipgeolocation.abstractapi.com | gruporioled.com.br
26 4

This site contains links to these domains.

Domain
banking.bankaustria.at

Subject | Issuer | Validity | Valid
gruporioled.riolediluminacao.com.br | R3 | 2024-03-31 - 2024-06-29 | 3 months
www.bankaustria.at | Actalis Organization Validated Server CA G3 | 2023-08-17 - 2024-08-17 | a year
ipgeolocation.abstractapi.com | Amazon RSA 2048 M02 | 2024-03-23 - 2025-04-21 | a year

This page contains 1 frames:

Primary Page: https://gruporioled.com.br/bankaustria/
Frame ID: E154A81B5ACE30C8E78D95D1A48345E0
Requests: 26 HTTP requests in this frame

Page Title

Bank Austria

Page URL History

  1. http://gruporioled.com.br/bankaustria HTTP 307
    https://gruporioled.com.br/bankaustria HTTP 301
    https://gruporioled.com.br/bankaustria/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 1186 kB
Size: 1859 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gruporioled.com.br/bankaustria/
Redirect Chain
  • http://gruporioled.com.br/bankaustria
  • https://gruporioled.com.br/bankaustria
  • https://gruporioled.com.br/bankaustria/
42 KB
8 KB
Document
General
Full URL
https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
3d012f15a3bcc342db4e1d02525a9c25c9f0ee11858343136c6e5548460221db

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
8555
content-type
text/html
date
Mon, 15 Apr 2024 15:03:58 GMT
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

content-length
247
content-type
text/html; charset=iso-8859-1
date
Mon, 15 Apr 2024 15:03:58 GMT
location
https://gruporioled.com.br/bankaustria/
server
Apache
ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
gruporioled.com.br/
0
0
Script
General
Full URL
https://gruporioled.com.br/ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:58 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
styles.784a1ee08c2d3dba8753.css
login.bankaustria.at/
194 KB
27 KB
Stylesheet
General
Full URL
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
138eda952719e15e5343f2fdf4ad5890b0588839ce5a7c5c2258e6e14a5d27b3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:58 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
content-encoding
gzip
etag
"306b3-6138be53a7f21"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
content-type
text/css
server-timing
dtSInfo;desc="0", dtRpid;desc="-1867711557"
accept-ranges
bytes
x-cell-n
0
content-length
26917
121-icon01.png
login.bankaustria.at/assets/icons/
924 B
2 KB
Image
General
Full URL
https://login.bankaustria.at/assets/icons/121-icon01.png?121L=Ready&1685628541267
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
705a4996f7b4dbd5bc22eec596d9b6480563938c73dec3f7f57ad31403b9e790
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
etag
"39c-6138be53b6d6a"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="82530955"
accept-ranges
bytes
x-cell-n
0
content-length
924
BAMofUC-logo-flat.svg
gruporioled.com.br/content/dam/gimb/at/Common%20area/
64 KB
64 KB
Image
General
Full URL
https://gruporioled.com.br/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
7ab3cac03f2a9e17fbd8ce607bbc3fd461c2feaefb32c3d4178ad16f05731090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:58 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery-1.11.3.min.js
gruporioled.com.br/bankaustria/static/js/
94 KB
41 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
firebase-app.js
gruporioled.com.br/bankaustria/static/js/
20 KB
8 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/firebase-app.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
6704c8c217305558f1238332118ecb9184dfc060541bf9bf09b8b35bed5d7789

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7942
firebase-database.js
gruporioled.com.br/bankaustria/static/js/
188 KB
66 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/firebase-database.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
d7d2640fe6a4d1fffff63feaedc932df97522a06845016952e173b753fd47640

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
jquery.mask.min.js
gruporioled.com.br/bankaustria/static/js/
7 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery.mask.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
5f8e21f061de1874e4af063f095a389187c40583c9033946e406a8bb825ca358

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3442
jquery.payment.min.js
gruporioled.com.br/bankaustria/static/js/
8 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery.payment.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3121
script.js
gruporioled.com.br/bankaustria/static/js/
9 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/script.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
8bdc9d15752e1eeab7b682b952c2b839f02a942236fb5373fd854a9e52361dd9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3334
sprite-common.3e5b2c121f315bbb93fb.png
login.bankaustria.at/
22 KB
23 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-common.3e5b2c121f315bbb93fb.png
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
etag
"58ad-6138be53a5429"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1253342992"
accept-ranges
bytes
x-cell-n
0
content-length
22701
logo-bank-austria.7e424a2ba17a0f3748e9.svg
login.bankaustria.at/
9 KB
4 KB
Image
General
Full URL
https://login.bankaustria.at/logo-bank-austria.7e424a2ba17a0f3748e9.svg
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
208b4feaf8e35d6c6cc15eb83133d392297a0723562bc07d584d17bbea505514
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
content-encoding
gzip
etag
"243b-6138be5398cf0"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
content-type
image/svg+xml
server-timing
dtSInfo;desc="0", dtRpid;desc="726682772"
accept-ranges
bytes
x-cell-n
0
content-length
3309
unicredit-light.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
102 KB
43 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-light.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2a581a44777e10ff328ea0bd91f0da802af4d9d8b5f5a7f3d5473560e338fb6
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"19930"
date
Mon, 15 Apr 2024 15:03:59 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
43445
x-xss-protection
1; mode=block
ico-infologin.053916b87369ee8dcb7c.png
login.bankaustria.at/
2 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/ico-infologin.053916b87369ee8dcb7c.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e41c557c2dcc8f98c3bb29c83a23b4cf79b4606e9fe6e692331e128ccecc51f6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
etag
"647-6138be5395640"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="493357834"
accept-ranges
bytes
x-cell-n
0
content-length
1607
sprite-lang-at.0b5293ce47991ab4293d.png
login.bankaustria.at/
2 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-lang-at.0b5293ce47991ab4293d.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
14fcf0f22a5e48daed3bf981ac816103c8c68bfbd16ab8bbd5c38352d702c4d9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
etag
"834-6138be53a5fe1"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="1728174677"
accept-ranges
bytes
x-cell-n
0
content-length
2100
sprite-lang-en.710420b130f6d415cd2d.png
login.bankaustria.at/
5 KB
6 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-lang-en.710420b130f6d415cd2d.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e556970daffaaa792d747bc5a7ed2d7d256913abddc89c37ab259e786873e4af
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
etag
"145a-6138be53a67b1"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-378071947"
accept-ranges
bytes
x-cell-n
0
content-length
5210
1683702467764.png
at-assets.ucgstatic.eu/content/gimb2_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/wcmparsys/WCMparsys_cont/verticalbanner/img.img.png/
727 KB
728 KB
Image
General
Full URL
https://at-assets.ucgstatic.eu/content/gimb2_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/wcmparsys/WCMparsys_cont/verticalbanner/img.img.png/1683702467764.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77bc6befe77932a63a82927a6b6b07e0e4e4971ce275532fde5f7ebe964d4929
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
etag
"b5a5a"
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
744026
x-xss-protection
1; mode=block
vts-h2
FP FD FR
expires
Wed, 15 May 2024 15:03:59 GMT
footer_spriteAT.a2190986effe21e90449.png
login.bankaustria.at/
3 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/footer_spriteAT.a2190986effe21e90449.png
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03f64a4e3a0b274988a9573bff90344401b3c58bfff26eec0090f57a397a97ea
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
etag
"a06-6138be53942b8"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-60944387"
accept-ranges
bytes
x-cell-n
0
content-length
2566
IconWerk2-mono-v05.woff
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
15 KB
16 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/IconWerk2-mono-v05.woff
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ed52d1853f53680f3555bdb1df68e1fd7f9e05d0736ad4c178c1bc135c45bc3c
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
vts-h4
GN LM
etag
"3cb8"
date
Mon, 15 Apr 2024 15:03:59 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
access-control-allow-origin
*
accept-ranges
bytes
content-length
15544
x-xss-protection
1; mode=block
unicredit-regular.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
98 KB
42 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-regular.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"186c0"
date
Mon, 15 Apr 2024 15:03:59 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
42487
x-xss-protection
1; mode=block
unicredit-medium.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
114 KB
47 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-medium.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04128b81d8363303ec8d2724ec3892f00ba147ed86ef90d91e121c85476a1234
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"1c9fc"
date
Mon, 15 Apr 2024 15:03:59 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
47656
x-xss-protection
1; mode=block
wait
gruporioled.com.br/bankaustria/static/model/
64 KB
17 KB
XHR
General
Full URL
https://gruporioled.com.br/bankaustria/static/model/wait
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
7ab3cac03f2a9e17fbd8ce607bbc3fd461c2feaefb32c3d4178ad16f05731090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://gruporioled.com.br/bankaustria/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
ipgeolocation.abstractapi.com/v1/
151 B
425 B
XHR
General
Full URL
https://ipgeolocation.abstractapi.com/v1/?api_key=75df5f8406ab47e4b5a8d7cd09088034
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.53.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-53-50.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
19727b3583449f04eb755efaff7527f71d3fe042336401ff6674980b20a1c8f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.18.0 (Ubuntu)
vary
Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
*
content-length
151
favicon.ico
login.bankaustria.at/assets/
6 KB
7 KB
Other
General
Full URL
https://login.bankaustria.at/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.41.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-41-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce57a64a34512e68cdd9fed26f07678b13e220ddf7296f651533558dcb564e9e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
date
Mon, 15 Apr 2024 15:03:59 GMT
last-modified
Wed, 13 Mar 2024 14:50:27 GMT
x-cell
ON
content-encoding
gzip
etag
"188f-6138be53a8ec1"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
content-type
image/x-icon
server-timing
dtSInfo;desc="0", dtRpid;desc="-683459358"
accept-ranges
bytes
x-cell-n
0
content-length
6301
log
gruporioled.com.br/bankaustria/static/model/
64 KB
17 KB
XHR
General
Full URL
https://gruporioled.com.br/bankaustria/static/model/log
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
7ab3cac03f2a9e17fbd8ce607bbc3fd461c2feaefb32c3d4178ad16f05731090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://gruporioled.com.br/bankaustria/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:03:59 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
object| firebase
object| $jscomp
function| callview
function| submitlogin
function| tel
function| showerror
function| hideerror
function| newVisitor
function| writeCookie
function| readCookie
function| readText
function| onloadfunction
function| gologin
string| resultabstactapi
string| varval
string| mailcache
string| waiting

0 Cookies

6 Console Messages

Source Level URL
Text
network error URL: https://gruporioled.com.br/ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gruporioled.com.br/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://gruporioled.com.br/bankaustria/
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://gruporioled.com.br/bankaustria/static/model/wait
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ipgeolocation.abstractapi.com/v1/?api_key=75df5f8406ab47e4b5a8d7cd09088034
Message:
Failed to load resource: the server responded with a status of 422 ()
network error URL: https://gruporioled.com.br/bankaustria/static/model/log
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
