unllcredllt.com Open in urlscan Pro
172.67.133.131 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://unllcredllt.com/
Submission: On April 25 via api (April 25th 2024, 12:08:00 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 172.67.133.131, located in United States and belongs to CLOUDFLARENET, US. The main domain is unllcredllt.com.
TLS certificate: Issued by E1 on April 25th 2024. Valid for: 3 months.

This is the only time unllcredllt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

	IP Address		AS Autonomous System
11	172.67.133.131 172.67.133.131		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

11 172.67.133.131 (United States)

ASN13335 (CLOUDFLARENET, US)

unllcredllt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	unllcredllt.com unllcredllt.com	500 KB
11	1

	Domain	Requested by
11	unllcredllt.com	unllcredllt.com
11	1

This site contains no links.

Subject Issuer	Validity	Valid
unllcredllt.com E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://unllcredllt.com/
Frame ID: 3FF26244F3718D31C9639C80B30CFC6B
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My UniCredit Banking

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

500 kB
Transfer

795 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
unllcredllt.com/ 5 KB
2 KB 571ms
412ms Document
text/html 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unllcredllt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3e961cdfcabb381b35f856e821d6e4214737c6984ec40801ad0faeb520fa2de

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 879e372c5c071e55-FRA
content-encoding: br
content-type: text/html
date: Thu, 25 Apr 2024 12:07:55 GMT
last-modified: Thu, 25 Apr 2024 13:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3kZvDjPrd3j2umFhJcuEnDfQpLcmUEb098nGu74qWw7b3yNj4rbHDhirej5vRacZn8irwsUw65obGqFqb92lAqiKHUVWOLB1yfQCepbM%2FpxnTX7l7nndYyOveVS1tvPQCkM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-permitted-cross-domain-policies: master-only master-only
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 bootstrap.min.css
unllcredllt.com/assets/bootstrap/css/ 227 KB
33 KB 459ms
457ms Stylesheet
text/css 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unllcredllt.com/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b4b080b4438819e21e302be4b5a4c02b6316da27495604c610f25d3c165225e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 13:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a5d66-38dc7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCQ4TcNPP5VURl6lFOoPfvt%2FYPn8rmqrd6SEU%2FhFlQMGIQ4bmd1j%2FdffsvZWXTnkkiXBfgdlRG73ePyhW242YPxZAlitO4Ef0UScA5CxzV%2B6nOEfQCzD3UrbDqxPu9DgXkc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e372effd21e55-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ionicons.min.css
unllcredllt.com/assets/fonts/ 50 KB
8 KB 428ms
427ms Stylesheet
text/css 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unllcredllt.com/assets/fonts/ionicons.min.css
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 13:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a5d66-c854"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oMFe73EuCUT2TRzAvGiqf5oA%2F7T7rXy3jnklERLaRX%2B0C%2BTA2KdvyTRfnzv7%2Bvyny9vcauf8wlyx0uHlUOP%2FjZKmpCPwbh2jlGI2sOB%2FFCw0XypaRu8xWk9kZs6%2FrhmpuUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e372effd51e55-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 styles.css
unllcredllt.com/assets/css/ 195 B
561 B 415ms
413ms Stylesheet
text/css 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unllcredllt.com/assets/css/styles.css
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c123957af2652c051453758356b8ac074193732f5d0b92f985b2896363db7876

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 13:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a5d66-c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UGofHO61sxUDHVJ8mE3mH7z8sYE%2BVp8TB48pkdOiLg8%2BNSiA35W5CIHwUo4aiO55M1s0AXL3UvZXEWnRlgmdDS0vYpHaq7ejdXhfgleIsp%2BWF0cMDTF3sBrZN7shu3D%2FqYA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e372effd71e55-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 logo_uc.png
unllcredllt.com/assets/img/ 4 KB
4 KB 421ms
419ms Image
image/png 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unllcredllt.com/assets/img/logo_uc.png
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 807e575b3390b8e07a59b8fbd6140eb2909929d461e8ab5a5510c78375ff6ef3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 13:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a5d66-e79"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FAVnSJtHUXm%2BwZtIfqjgiwMzhpBFgyn8WIkmLQn%2BQM4Zocyh8v1qFMWjfLvVKJdEAmPD8WSAHfDblVqsVhaoYgftNQze9hdm6NVgIPaGn3okh%2BdPl2gLW88S1aMAjxrDCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e372effd91e55-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 image-removebg-preview.png
unllcredllt.com/assets/img/ 239 KB
240 KB 497ms
496ms Image
image/png 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unllcredllt.com/assets/img/image-removebg-preview.png
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdce9e8a0d13e8d59ce315cc1afc995bce4738d5b14dc0c3b6133edcd0ffc625

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 13:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a5d66-3bd6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XPqXJcB561tt6lMyg%2Fn8zH4JVGnnp6LY4lg2soMVH5y%2FyIY%2BCCOXsJSQcQZ3RJT4cPMxnblbq9lDeYHAfdwL2KKsYQ1jr0VhLbrvOtMM10vizBdURxX1%2Ft3JWeiTrA88OKg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e372effda1e55-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 bootstrap.min.js Show response
unllcredllt.com/assets/bootstrap/js/ 79 KB
24 KB 558ms
557ms Script
application/javascript 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unllcredllt.com/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66af34efad8ad6be518c955fb42163a9f1178a2f51b6b16e7864a46973b04349

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 13:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a5d66-13ae7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O04n70zZqifMFe%2FEMZhueSMSj8cUoPQ6vIusvnZT5zDKh1lAzD6uKVHBXgvEn3br%2FE%2FWEuQ3b09pBRJfBZLTGl7D4L9S%2BsIwLM7bD5JDQKEhzsG4qV2vIGad6PK27SPcucU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e372f1ffa1e55-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 loader.js Show response
unllcredllt.com/assets/js/ 207 B
585 B 570ms
569ms Script
application/javascript 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unllcredllt.com/assets/js/loader.js
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 084f860cd6e1fdaebdb930348fb960da894e0fe7dd21c50d67c45c3366f30ba8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 13:55:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a60c6-cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K3KSWXd6%2BV22fAw4Bd6C9WbQgQx%2BHP7AYwAnuALwGtefdF7dGj1Ub4%2F7%2Bd5G1GQcQN721VdrnyVQtCzUTAvKmRCch8jz9bG2U3xsf7Np2hwi0JqFe0ysgs4XtGGe1BsbOYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e372f18001e55-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 untitled.js Show response
unllcredllt.com/assets/js/ 797 B
814 B 570ms
570ms Script
application/javascript 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unllcredllt.com/assets/js/untitled.js
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55d1fc42254f068017d5e1db6b0f4d6fee00bd3b6121759733095fc98d20957d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 25 Apr 2024 13:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"662a5d66-31d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgGF9jHBlYk8sWj8FmMNySTbEFDnzF8Xsz9DmK2Eyft0aX%2BTQBqrJ9pdaLGIH7E4DC%2FochV0vLWZeaKHxJxqFBmeBOvAhHl9WykL2JejTzzfHtVHrv8UgvS3dgoxb6HbW90%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e372f18021e55-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ionicons.ttf
unllcredllt.com/assets/fonts/ 184 KB
185 KB 465ms
465ms Font
application/octet-stream 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unllcredllt.com/assets/fonts/ionicons.ttf?v=2.0.0
Requested by: Host: unllcredllt.com
URL: https://unllcredllt.com/assets/fonts/ionicons.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/assets/fonts/ionicons.min.css
Origin: https://unllcredllt.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:56 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 188508
last-modified: Thu, 25 Apr 2024 13:40:54 GMT
server: cloudflare
etag: "662a5d66-2e05c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muvPo%2FVM9VVlkEmnwynZUukXbpgODOcmagcn3BddOcdnrCsza5q7R9Ux9QaWjbEK7oWCSMPK4ITuh3OuXAhBnO3tnRoyRfGus9sug88%2BG6%2F8ssr1wL7y11xpNJMZF1xo9b8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 879e37322be11e55-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 favicon.ico
unllcredllt.com/ 5 KB
2 KB 51ms
51ms Other
image/x-icon 172.67.133.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unllcredllt.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.133.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c19f24d43d79049bdff012eea2f30b9486ca60f0917f25141dfd5fdc963a1f9d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://unllcredllt.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 12:07:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 738
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 Apr 2024 13:40:04 GMT
server: cloudflare
etag: W/"662a5d34-1536"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OsweBH9Z1RYdS3zrzANgADfAjV70ytgiVuD%2BcAjpXSMWfkmMN%2FiKu5EJhxAaSCxZMlEcYP0IQRen%2FaldyYm9r1u%2BEvkPIQsSt1YhngxOkWGQAttK3XvRvJF5gHyi3ztsobQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 879e373558801e55-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| uidEvent object| bootstrap function| cislo

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://unllcredllt.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

unllcredllt.com
172.67.133.131
084f860cd6e1fdaebdb930348fb960da894e0fe7dd21c50d67c45c3366f30ba8
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
3b4b080b4438819e21e302be4b5a4c02b6316da27495604c610f25d3c165225e
55d1fc42254f068017d5e1db6b0f4d6fee00bd3b6121759733095fc98d20957d
66af34efad8ad6be518c955fb42163a9f1178a2f51b6b16e7864a46973b04349
807e575b3390b8e07a59b8fbd6140eb2909929d461e8ab5a5510c78375ff6ef3
c123957af2652c051453758356b8ac074193732f5d0b92f985b2896363db7876
c19f24d43d79049bdff012eea2f30b9486ca60f0917f25141dfd5fdc963a1f9d
c3e961cdfcabb381b35f856e821d6e4214737c6984ec40801ad0faeb520fa2de
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
fdce9e8a0d13e8d59ce315cc1afc995bce4738d5b14dc0c3b6133edcd0ffc625

unllcredllt.com Open in urlscan Pro 172.67.133.131 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

500 kBTransfer

795 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

unllcredllt.com Open in urlscan Pro
172.67.133.131 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

500 kB
Transfer

795 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!