gruporioled.com.br
162.241.60.120  Malicious Activity! Public Scan

Submitted URL: https://gruporioled.com.br/bankaustria/#2odbsx6gh0bpc7us9rld
Effective URL: https://gruporioled.com.br/bankaustria/
Submission: On July 04 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 162.241.60.120, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is gruporioled.com.br.
TLS certificate: Issued by R3 on May 31st 2024. Valid for: 3 months.
This is the only time gruporioled.com.br was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Unicredit (Banking)

Domain & IP information

Requests  IP Address       AS     Autonomous System
11        162.241.60.120   19871  (NETWORK-S...)
14        23.45.105.216    16625  (AKAMAI-AS)
1         34.232.153.227   14618  (AMAZON-AES)
Total: 26 requests, 3 IPs

Requests  Apex Domain         Subdomains                                                  Transfer
11        gruporioled.com.br  gruporioled.com.br                                          231 KB
9         bankaustria.at      login.bankaustria.at                                        79 KB
5         ucgstatic.eu        at-assets.ucgstatic.eu                                      351 KB
1         abstractapi.com     ipgeolocation.abstractapi.com — Cisco Umbrella Rank: 98217  1 KB
Total: 26 requests, 4 domains

Requests  Domain                         Requested by
11        gruporioled.com.br             gruporioled.com.br
9         login.bankaustria.at           gruporioled.com.br, login.bankaustria.at
5         at-assets.ucgstatic.eu         login.bankaustria.at, gruporioled.com.br
1         ipgeolocation.abstractapi.com  gruporioled.com.br
Total: 26 requests, 4 domains

This site contains links to these domains.

Domain
banking.bankaustria.at

Subject                        Issuer                                       Validity                 Valid
*.gruporioled.com.br           R3                                           2024-05-31 - 2024-08-29  3 months
www.bankaustria.at             Actalis Organization Validated Server CA G3  2024-03-14 - 2025-03-14  a year
ipgeolocation.abstractapi.com  Amazon RSA 2048 M02                          2024-03-23 - 2025-04-21  a year

This page contains 1 frames:

Primary Page: https://gruporioled.com.br/bankaustria/
Frame ID: CF77BDF4C362FCE0B9D1F5C4C272668C
Requests: 26 HTTP requests in this frame

Page Title

Bank Austria

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 663 kB
Size: 1336 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
gruporioled.com.br/bankaustria/
42 KB
8 KB
Document
General
Full URL
https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
3d012f15a3bcc342db4e1d02525a9c25c9f0ee11858343136c6e5548460221db

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
8555
content-type
text/html
date
Thu, 04 Jul 2024 04:39:16 GMT
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
gruporioled.com.br/
0
0
Script
General
Full URL
https://gruporioled.com.br/ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:16 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
styles.784a1ee08c2d3dba8753.css
login.bankaustria.at/
194 KB
27 KB
Stylesheet
General
Full URL
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
138eda952719e15e5343f2fdf4ad5890b0588839ce5a7c5c2258e6e14a5d27b3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 04:39:16 GMT
content-encoding
gzip
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
server-timing
dtSInfo;desc="0", dtRpid;desc="-336514019"
x-cell-n
1
content-length
26917
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
etag
"306b3-61976a74917ed"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
121-icon01.png
login.bankaustria.at/assets/icons/
924 B
2 KB
Image
General
Full URL
https://login.bankaustria.at/assets/icons/121-icon01.png?121L=Ready&1685628541267
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
705a4996f7b4dbd5bc22eec596d9b6480563938c73dec3f7f57ad31403b9e790
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
date
Thu, 04 Jul 2024 04:39:16 GMT
etag
"39c-61976a749d36d"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1706777854"
accept-ranges
bytes
x-cell-n
1
content-length
924
x-xss-protection
1; mode=block
BAMofUC-logo-flat.svg
gruporioled.com.br/content/dam/gimb/at/Common%20area/
64 KB
64 KB
Image
General
Full URL
https://gruporioled.com.br/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
d4cda931633edf068679e5d9afe47749cbac51256f7ab741a26bc0e2fc48eab1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:16 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
jquery-1.11.3.min.js
gruporioled.com.br/bankaustria/static/js/
94 KB
41 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:16 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
firebase-app.js
gruporioled.com.br/bankaustria/static/js/
20 KB
8 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/firebase-app.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
6704c8c217305558f1238332118ecb9184dfc060541bf9bf09b8b35bed5d7789

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:16 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
7942
firebase-database.js
gruporioled.com.br/bankaustria/static/js/
188 KB
66 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/firebase-database.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
d7d2640fe6a4d1fffff63feaedc932df97522a06845016952e173b753fd47640

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:17 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
jquery.mask.min.js
gruporioled.com.br/bankaustria/static/js/
7 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery.mask.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
5f8e21f061de1874e4af063f095a389187c40583c9033946e406a8bb825ca358

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:17 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3442
jquery.payment.min.js
gruporioled.com.br/bankaustria/static/js/
8 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/jquery.payment.min.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:17 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3121
script.js
gruporioled.com.br/bankaustria/static/js/
9 KB
3 KB
Script
General
Full URL
https://gruporioled.com.br/bankaustria/static/js/script.js
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
8bdc9d15752e1eeab7b682b952c2b839f02a942236fb5373fd854a9e52361dd9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/bankaustria/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:17 GMT
content-encoding
gzip
last-modified
Thu, 01 Jun 2023 14:17:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3334
sprite-common.3e5b2c121f315bbb93fb.png
login.bankaustria.at/
22 KB
23 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-common.3e5b2c121f315bbb93fb.png
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ba28c18fb75f3a6fcee96df6421c475570a4161b0c59637b878d7b4520169c3
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
date
Thu, 04 Jul 2024 04:39:17 GMT
etag
"58ad-61976a748f4c4"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1524372004"
accept-ranges
bytes
x-cell-n
1
content-length
22701
x-xss-protection
1; mode=block
logo-bank-austria.7e424a2ba17a0f3748e9.svg
login.bankaustria.at/
9 KB
4 KB
Image
General
Full URL
https://login.bankaustria.at/logo-bank-austria.7e424a2ba17a0f3748e9.svg
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
208b4feaf8e35d6c6cc15eb83133d392297a0723562bc07d584d17bbea505514
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 04:39:17 GMT
content-encoding
gzip
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
server-timing
dtSInfo;desc="0", dtRpid;desc="-1775616626"
x-cell-n
1
content-length
3309
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
etag
"243b-61976a74844fc"
vary
Accept-Encoding
content-type
image/svg+xml
accept-ranges
bytes
unicredit-light.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
102 KB
43 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-light.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d2a581a44777e10ff328ea0bd91f0da802af4d9d8b5f5a7f3d5473560e338fb6
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"19930"
date
Thu, 04 Jul 2024 04:39:17 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
43445
x-xss-protection
1; mode=block
ico-infologin.053916b87369ee8dcb7c.png
login.bankaustria.at/
2 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/ico-infologin.053916b87369ee8dcb7c.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e41c557c2dcc8f98c3bb29c83a23b4cf79b4606e9fe6e692331e128ccecc51f6
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
date
Thu, 04 Jul 2024 04:39:17 GMT
etag
"647-61976a7481a04"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="1430780187"
accept-ranges
bytes
x-cell-n
1
content-length
1607
x-xss-protection
1; mode=block
sprite-lang-at.0b5293ce47991ab4293d.png
login.bankaustria.at/
2 KB
3 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-lang-at.0b5293ce47991ab4293d.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
14fcf0f22a5e48daed3bf981ac816103c8c68bfbd16ab8bbd5c38352d702c4d9
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
date
Thu, 04 Jul 2024 04:39:17 GMT
etag
"834-61976a749007c"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="1711681996"
accept-ranges
bytes
x-cell-n
1
content-length
2100
x-xss-protection
1; mode=block
sprite-lang-en.710420b130f6d415cd2d.png
login.bankaustria.at/
5 KB
6 KB
Image
General
Full URL
https://login.bankaustria.at/sprite-lang-en.710420b130f6d415cd2d.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e556970daffaaa792d747bc5a7ed2d7d256913abddc89c37ab259e786873e4af
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
date
Thu, 04 Jul 2024 04:39:17 GMT
etag
"145a-61976a749084c"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1363912667"
accept-ranges
bytes
x-cell-n
1
content-length
5210
x-xss-protection
1; mode=block
1683702467764.png
at-assets.ucgstatic.eu/content/gimb2_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/wcmparsys/WCMparsys_cont/verticalbanner/img.img.png/
203 KB
204 KB
Image
General
Full URL
https://at-assets.ucgstatic.eu/content/gimb2_at/de/login/login/jcr:content/content_parsys/bordercontainer/wcm/wcmparsys/WCMparsys_cont/verticalbanner/img.img.png/1683702467764.png
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ddee286bdeb36ce66fbd672136f76aa929947f90966342aba352464337182f3c
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
date
Thu, 04 Jul 2024 04:39:17 GMT
etag
"32c2f"
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
207919
x-xss-protection
1; mode=block
vts-h2
FP FD FR
expires
Sat, 03 Aug 2024 04:39:17 GMT
footer_spriteAT.a2190986effe21e90449.png
login.bankaustria.at/
3 KB
4 KB
Image
General
Full URL
https://login.bankaustria.at/footer_spriteAT.a2190986effe21e90449.png
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
03f64a4e3a0b274988a9573bff90344401b3c58bfff26eec0090f57a397a97ea
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
date
Thu, 04 Jul 2024 04:39:17 GMT
etag
"a06-61976a748067c"
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
content-type
image/png
server-timing
dtSInfo;desc="0", dtRpid;desc="-1786010200"
accept-ranges
bytes
x-cell-n
1
content-length
2566
x-xss-protection
1; mode=block
IconWerk2-mono-v05.woff
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
15 KB
16 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/IconWerk2-mono-v05.woff
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ed52d1853f53680f3555bdb1df68e1fd7f9e05d0736ad4c178c1bc135c45bc3c
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
vts-h4
GN LM
etag
"3cb8"
date
Thu, 04 Jul 2024 04:39:17 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
access-control-allow-origin
*
accept-ranges
bytes
content-length
15544
x-xss-protection
1; mode=block
unicredit-regular.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
98 KB
42 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-regular.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
963393f63d45aeaac62538ec34e43d160ee37b7f5de2aa13b3161ab432742d9f
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"186c0"
date
Thu, 04 Jul 2024 04:39:17 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
42487
x-xss-protection
1; mode=block
unicredit-medium.otf
at-assets.ucgstatic.eu/etc/designs/gimb/fonts/
114 KB
47 KB
Font
General
Full URL
https://at-assets.ucgstatic.eu/etc/designs/gimb/fonts/unicredit-medium.otf
Requested by
Host: login.bankaustria.at
URL: https://login.bankaustria.at/styles.784a1ee08c2d3dba8753.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04128b81d8363303ec8d2724ec3892f00ba147ed86ef90d91e121c85476a1234
Security Headers
Name Value
Content-Security-Policy frame-src 'self' ; frame-ancestors 'self' ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://login.bankaustria.at/
Origin
https://gruporioled.com.br
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
frame-src 'self' ; frame-ancestors 'self' ;
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
vts-h4
GN LM
etag
"1c9fc"
date
Thu, 04 Jul 2024 04:39:17 GMT
content-security-policy-report-only
script-src 'self' 'unsafe-inline' ; script-src-elem 'self' 'unsafe-inline' ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
vary
Accept-Encoding
access-control-allow-origin
*
accept-ranges
bytes
content-length
47656
x-xss-protection
1; mode=block
wait
gruporioled.com.br/bankaustria/static/model/
64 KB
17 KB
XHR
General
Full URL
https://gruporioled.com.br/bankaustria/static/model/wait
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
d4cda931633edf068679e5d9afe47749cbac51256f7ab741a26bc0e2fc48eab1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://gruporioled.com.br/bankaustria/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:17 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT
/
ipgeolocation.abstractapi.com/v1/
935 B
1 KB
XHR
General
Full URL
https://ipgeolocation.abstractapi.com/v1/?api_key=75df5f8406ab47e4b5a8d7cd09088034
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.153.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-153-227.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e487466e369ce0548e29546a182e4d107cdcb3946b6240b179a57610c11bd6c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
same-origin
server
nginx/1.18.0 (Ubuntu)
vary
Cookie, Origin
allow
GET, HEAD, OPTIONS
content-type
application/json
x-frame-options
DENY
access-control-allow-origin
*
content-length
935
favicon.ico
login.bankaustria.at/assets/
6 KB
7 KB
Other
General
Full URL
https://login.bankaustria.at/assets/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.105.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-105-216.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ce57a64a34512e68cdd9fed26f07678b13e220ddf7296f651533558dcb564e9e
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://gruporioled.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' https://login.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ; frame-src 'self' ; child-src 'self' ; frame-ancestors 'self' https://banking.bankaustria.at https://online.bankaustria.at ; object-src 'none' ; worker-src 'self' ; connect-src 'self' https://login.bankaustria.at https://eaa-auth.api.bankaustria.at https://eaa.api.bankaustria.at wss://eaa.api.bankaustria.at https://dynatrace.sgate.unicreditgroup.eu ;
x-content-type-options
nosniff
date
Thu, 04 Jul 2024 04:39:17 GMT
content-encoding
gzip
content-security-policy-report-only
style-src 'self' 'unsafe-inline' https://login.bankaustria.at ; style-src-elem 'self' 'unsafe-inline' https://login.bankaustria.at ; img-src 'self' https://login.bankaustria.at https://at-assets.ucgstatic.eu blob: https://www.gstatic.com https://fonts.gstatic.com ; report-uri https://99292460923f7797dcafb08a4940886e.report-uri.com/r/d/csp/reportOnly
server-timing
dtSInfo;desc="0", dtRpid;desc="-1635307647"
x-cell-n
1
content-length
6301
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 27 May 2024 22:01:03 GMT
x-cell
ON
etag
"188f-61976a74923a5"
vary
Accept-Encoding
content-type
image/x-icon
accept-ranges
bytes
log
gruporioled.com.br/bankaustria/static/model/
64 KB
17 KB
XHR
General
Full URL
https://gruporioled.com.br/bankaustria/static/model/log
Requested by
Host: gruporioled.com.br
URL: https://gruporioled.com.br/bankaustria/static/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.60.120 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
162-241-60-120.unifiedlayer.com
Software
Apache /
Resource Hash
d4cda931633edf068679e5d9afe47749cbac51256f7ab741a26bc0e2fc48eab1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01
Referer
https://gruporioled.com.br/bankaustria/
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 04:39:17 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://gruporioled.com.br/wp-json/>; rel="https://api.w.org/"
content-length
17388
expires
Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Unicredit (Banking)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
function| $
function| jQuery
object| firebase
object| $jscomp
function| callview
function| submitlogin
function| tel
function| showerror
function| hideerror
function| newVisitor
function| writeCookie
function| readCookie
function| readText
function| onloadfunction
function| gologin
object| resultabstactapi
string| varval
string| mailcache
string| waiting

0 Cookies

5 Console Messages

Source Level URL
Text
network error URL: https://gruporioled.com.br/ruxitagentjs_ICA27NVdfghijoqrux_10261230220152234.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gruporioled.com.br/content/dam/gimb/at/Common%20area/BAMofUC-logo-flat.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://gruporioled.com.br/bankaustria/#2odbsx6gh0bpc7us9rld
Message:
[DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://gruporioled.com.br/bankaustria/static/model/wait
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gruporioled.com.br/bankaustria/static/model/log
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
