gruporioled.com.br
162.241.60.120  Malicious Activity! Public Scan

URL: http://gruporioled.com.br/bankaustria/
Submission: On March 13 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 162.241.60.120, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is gruporioled.com.br.
This is the only time gruporioled.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

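IP Address, AS (Autonomous System):
  • 162.241.60.120, AS19871 (NETWORK-S...): 12 requests, 1 redirect
  • 23.65.203.143, AS16625 (AKAMAI-AS): 13 requests
  • 107.21.253.71, AS14618 (AMAZON-AES): 1 request
Total: 25 requests, 3 IPs

Apex Domain, Subdomains, Transfer:
  • gruporioled.com.br: 12 requests, subdomain gruporioled.com.br, 208 KB
  • bankaustria.at: 8 requests, subdomain login.bankaustria.at, 72 KB
  • ucgstatic.eu: 5 requests, subdomain at-assets.ucgstatic.eu, 875 KB
  • abstractapi.com: 1 request, subdomain ipgeolocation.abstractapi.com (Cisco Umbrella Rank: 79864), 1 KB
Total: 25 requests, 4 domains

Domain, Requested by:
  • gruporioled.com.br (12 requests, 1 redirect): requested by gruporioled.com.br
  • login.bankaustria.at (8 requests): requested by gruporioled.com.br, login.bankaustria.at
  • at-assets.ucgstatic.eu (5 requests): requested by login.bankaustria.at, gruporioled.com.br
  • ipgeolocation.abstractapi.com (1 request): requested by gruporioled.com.br
Total: 25 requests, 4 domains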

This site contains links to these domains:

  • banking.bankaustria.at

Certificates (Subject, Issuer, Validity):
  • www.bankaustria.at, issued by Actalis Organization Validated Server CA G3, valid 2023-08-17 to 2024-08-17 (a year)
  • ipgeolocation.abstractapi.com, issued by Amazon RSA 2048 M02, valid 2023-04-23 to 2024-05-21 (a year)

This page contains 1 frames:

Primary Page: http://gruporioled.com.br/bankaustria/
Frame ID: 2423C284116D402C87D5B92BFF7BAC1C
Requests: 25 HTTP requests in this frame

Page Title

Bank Austria

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 25
  • HTTPS: 56 %
  • IPv6: 0 %
  • Domains: 4
  • Subdomains: 4
  • IPs: 3
  • Countries: 2
  • Transfer: 1156 kB
  • Size: 1827 kB
  • Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gruporioled.com.br/bankaustria HTTP 301
    http://gruporioled.com.br/bankaustria/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request /
gruporioled.com.br/bankaustria/
Redirect Chain
  • http://gruporioled.com.br/bankaustria
  • http://gruporioled.com.br/bankaustria/
42 KB
9 KB
Document
General
Full URL
http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
3d012f15a3bcc342db4e1d02525a9c25c9f0ee11858343136c6e5548460221db

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
8555
Content-Type
text/html
Date
Wed, 13 Mar 2024 21:57:31 GMT
Keep-Alive
timeout=5, max=74
Last-Modified
Thu, 01 Jun 2023 14:17:51 GMT
Server
Apache
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Length
246
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 13 Mar 2024 21:57:31 GMT
Keep-Alive
timeout=5, max=75
Location
http://gruporioled.com.br/bankaustria/
Server
Apache
ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
gruporioled.com.br/
0
0
Script
General
Full URL
http://gruporioled.com.br/ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:31 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
Content-Length
17395
Keep-Alive
timeout=5, max=73
Expires
Wed, 11 Jan 1984 05:00:00 GMT
styles.784a1ee08c2d3dba8753.css
login.bankaustria.at/
194 KB
27 KB
Stylesheet
General
Full URL
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
138eda952719e15e5343f2fdf4ad5890b0588839ce5a7c5c2258e6e14a5d27b3

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
x-content-type-options
nosniff
date
Wed, 13 Mar 2024 21:57:31 GMT
content-encoding
gzip
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
server-timing
dtSInfo;desc="0", dtRpid;desc="-253990312"
x-cell-n
1
content-length
26917
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
etag
"306b3-6113743f7be5b"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
121-icon01.png
login.bankaustria.at/assets/icons/
924 B
2 KB
Image
General
Full URL
https://login.bankaustria.at/assets/icons/121-icon01.png?121L=Ready&1685628541267
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
705a4996f7b4dbd5bc22eec596d9b6480563938c73dec3f7f57ad31403b9e790

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 13 Mar 2024 21:57:31 GMT
etag
"39c-6113743faac5e"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-2062575604"
accept-ranges
bytes
x-cell-n
1
content-length
924
x-xss-protection
1; mode=block
BAMofUC-logo-flat.svg
gruporioled.com.br/content/dam/gimb/at/Common%20area/
38 KB
38 KB
Image
General
Full URL
http://gruporioled.com.br/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
8d0f1d6ac47b48b9d5e10b81fd8c81c1d254d839ee690604b845d1bb68c85733

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:31 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Upgrade
h2,h2c
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Upgrade, Keep-Alive
Link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
Content-Length
17395
Keep-Alive
timeout=5, max=75
Expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery-1.11.3.min.js
gruporioled.com.br/bankaustria/static/js/
94 KB
42 KB
Script
General
Full URL
http://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 14:17:51 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Upgrade
h2,h2c
Content-Type
application/javascript
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=75
firebase-app.js
gruporioled.com.br/bankaustria/static/js/
20 KB
8 KB
Script
General
Full URL
http://gruporioled.com.br/bankaustria/static/js/firebase-app.js
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
6704c8c217305558f1238332118ecb9184dfc060541bf9bf09b8b35bed5d7789

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 14:17:51 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=74
Content-Length
7942
firebase-database.js
gruporioled.com.br/bankaustria/static/js/
188 KB
66 KB
Script
General
Full URL
http://gruporioled.com.br/bankaustria/static/js/firebase-database.js
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
d7d2640fe6a4d1fffff63feaedc932df97522a06845016952e173b753fd47640

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 14:17:51 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=73
jquery.mask.min.js
gruporioled.com.br/bankaustria/static/js/
7 KB
4 KB
Script
General
Full URL
http://gruporioled.com.br/bankaustria/static/js/jquery.mask.min.js
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
5f8e21f061de1874e4af063f095a389187c40583c9033946e406a8bb825ca358

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 14:17:51 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=72
Content-Length
3442
jquery.payment.min.js
gruporioled.com.br/bankaustria/static/js/
8 KB
3 KB
Script
General
Full URL
http://gruporioled.com.br/bankaustria/static/js/jquery.payment.min.js
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 14:17:51 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=71
Content-Length
3121
script.js
gruporioled.com.br/bankaustria/static/js/
9 KB
4 KB
Script
General
Full URL
http://gruporioled.com.br/bankaustria/static/js/script.js
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
8bdc9d15752e1eeab7b682b952c2b839f02a942236fb5373fd854a9e52361dd9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/bankaustria/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 14:17:51 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=70
Content-Length
3334
sprite-common.3e5b2c121f315bbb93fb.png
login.bankaustria.at/
22 KB
23 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-common.3e5b2c121f315bbb93fb.png
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 13 Mar 2024 21:57:32 GMT
etag
"58ad-6113743f754e2"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1868798475"
accept-ranges
bytes
x-cell-n
1
content-length
22701
x-xss-protection
1; mode=block
logo-bank-austria.7e424a2ba17a0f3748e9.svg
login.bankaustria.at/
9 KB
4 KB
Image
General
Full URL
https://login.bankaustria.at/logo-bank-austria.7e424a2ba17a0f3748e9.svg
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
208b4feaf8e35d6c6cc15eb83133d392297a0723562bc07d584d17bbea505514

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
x-content-type-options
nosniff
date
Wed, 13 Mar 2024 21:57:32 GMT
content-encoding
gzip
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
server-timing
dtSInfo;desc="0", dtRpid;desc="658883779"
x-cell-n
1
content-length
3309
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
etag
"243b-6113743f5d611"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
unicredit-light.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
102 KB
43 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-light.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2a581a44777e10ff328ea0bd91f0da802af4d9d8b5f5a7f3d5473560e338fb6

Request headers

Referer
https://login.bankaustria.at/
Origin
http://gruporioled.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"19930"
date
Wed, 13 Mar 2024 21:57:32 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
43445
x-xss-protection
1; mode=block
ico-infologin.053916b87369ee8dcb7c.png
login.bankaustria.at/
2 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/ico-infologin.053916b87369ee8dcb7c.png
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e41c557c2dcc8f98c3bb29c83a23b4cf79b4606e9fe6e692331e128ccecc51f6

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 13 Mar 2024 21:57:32 GMT
etag
"647-6113743f55910"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="151632303"
accept-ranges
bytes
x-cell-n
1
content-length
1607
x-xss-protection
1; mode=block
sprite-lang-at.0b5293ce47991ab4293d.png
login.bankaustria.at/
2 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-lang-at.0b5293ce47991ab4293d.png
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
14fcf0f22a5e48daed3bf981ac816103c8c68bfbd16ab8bbd5c38352d702c4d9

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 13 Mar 2024 21:57:32 GMT
etag
"834-6113743f77423"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1107771586"
accept-ranges
bytes
x-cell-n
1
content-length
2100
x-xss-protection
1; mode=block
sprite-lang-en.710420b130f6d415cd2d.png
login.bankaustria.at/
5 KB
6 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-lang-en.710420b130f6d415cd2d.png
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e556970daffaaa792d747bc5a7ed2d7d256913abddc89c37ab259e786873e4af

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 13 Mar 2024 21:57:32 GMT
etag
"145a-6113743f78b93"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-92775470"
accept-ranges
bytes
x-cell-n
1
content-length
5210
x-xss-protection
1; mode=block
1683702467764.png
at-assets.ucgstatic.eu/content/gimb2_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/wcmparsys/WCMparsys_cont/verticalbanner/img.img.png/
727 KB
728 KB
Image
General
Full URL
https://at-assets.ucgstatic.eu/content/gimb2_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/wcmparsys/WCMparsys_cont/verticalbanner/img.img.png/1683702467764.png
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
77bc6befe77932a63a82927a6b6b07e0e4e4971ce275532fde5f7ebe964d4929
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
http://gruporioled.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
date
Wed, 13 Mar 2024 21:57:32 GMT
etag
"b5a5a"
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
744026
x-xss-protection
1; mode=block
vts-h2
FP FD FR
expires
Fri, 12 Apr 2024 21:57:32 GMT
footer_spriteAT.a2190986effe21e90449.png
login.bankaustria.at/
3 KB
4 KB
Image
General
Full URL
https://login.bankaustria.at/footer_spriteAT.a2190986effe21e90449.png
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03f64a4e3a0b274988a9573bff90344401b3c58bfff26eec0090f57a397a97ea
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 12 Feb 2024 23:02:01 GMT
x-cell
ON
date
Wed, 13 Mar 2024 21:57:32 GMT
etag
"a06-6113743f52a30"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1112177227"
accept-ranges
bytes
x-cell-n
1
content-length
2566
x-xss-protection
1; mode=block
IconWerk2-mono-v05.woff
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
15 KB
16 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/IconWerk2-mono-v05.woff
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ed52d1853f53680f3555bdb1df68e1fd7f9e05d0736ad4c178c1bc135c45bc3c
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.bankaustria.at/
Origin
http://gruporioled.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
vts-h4
GN LM
etag
"3cb8"
date
Wed, 13 Mar 2024 21:57:32 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
access-control-allow-origin
*
accept-ranges
bytes
content-length
15544
x-xss-protection
1; mode=block
unicredit-regular.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
98 KB
42 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-regular.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.bankaustria.at/
Origin
http://gruporioled.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"186c0"
date
Wed, 13 Mar 2024 21:57:32 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
42487
x-xss-protection
1; mode=block
unicredit-medium.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
114 KB
47 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-medium.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.65.203.143 Paris, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-65-203-143.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04128b81d8363303ec8d2724ec3892f00ba147ed86ef90d91e121c85476a1234
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.bankaustria.at/
Origin
http://gruporioled.com.br
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"1c9fc"
date
Wed, 13 Mar 2024 21:57:32 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
47656
x-xss-protection
1; mode=block
wait
gruporioled.com.br/bankaustria/static/model/
64 KB
17 KB
XHR
General
Full URL
http://gruporioled.com.br/bankaustria/static/model/wait
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
79e2f65d8a9a1ef95f837f7c4eb7e7835a13bb91c166727ca25d4a9d7dfd1426

Request headers

Accept
text/html, */*; q=0.01
Referer
http://gruporioled.com.br/bankaustria/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:32 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
Content-Length
17395
Keep-Alive
timeout=5, max=69
Expires
Wed, 11 Jan 1984 05:00:00 GMT
/
ipgeolocation.abstractapi.com/v1/
967 B
1 KB
XHR
General
Full URL
https://ipgeolocation.abstractapi.com/v1/?api_key=75df5f8406ab47e4b5a8d7cd09088034
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.253.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-253-71.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8cb68b7d3a2c7575c9ba3b92a54dca5602721b8dce7aa74157b000212c2849ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
http://gruporioled.com.br/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 13 Mar 2024 21:57:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.18.0 (Ubuntu)
vary
Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
*
content-length
967
log
gruporioled.com.br/bankaustria/static/model/
64 KB
17 KB
XHR
General
Full URL
http://gruporioled.com.br/bankaustria/static/model/log
Requested by
Host: gruporioled.com.br
URL: http://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
79e2f65d8a9a1ef95f837f7c4eb7e7835a13bb91c166727ca25d4a9d7dfd1426

Request headers

Accept
text/html, */*; q=0.01
Referer
http://gruporioled.com.br/bankaustria/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 13 Mar 2024 21:57:32 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
Content-Length
17395
Keep-Alive
timeout=5, max=68
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | $
function | jQuery
object | firebase
object | $jscomp
function | callview
function | submitlogin
function | tel
function | showerror
function | hideerror
function | newVisitor
function | writeCookie
function | readCookie
function | readText
function | onloadfunction
function | gologin
object | resultabstactapi
string | varval
string | mailcache
string | waiting

0 Cookies

4 Console Messages

Source Level URL
Text
network error URL: http://gruporioled.com.br/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gruporioled.com.br/ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gruporioled.com.br/bankaustria/static/model/wait
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://gruporioled.com.br/bankaustria/static/model/log
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
