unicreditro.online
45.133.203.39
Malicious Activity!
Public Scan
Effective URL: https://unicreditro.online/my/ro/login_form.php
Submission Tags: #phishing @atomspam
Submission: On October 21 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on October 20th 2022. Valid for: 3 months.
This is the only time unicreditro.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Unicredit (Banking)

Domain & IP information

IP Address | AS Autonomous System | Requests
---|---|---
45.133.203.39 | AS200313 (INTERNET-IT, VG) | 34

PTR: support1.ptr1.ru

Apex Domain | Subdomains | Transfer
---|---|---
unicreditro.online | unicreditro.online (34 requests, 1 redirect) | 1 MB

Domain | Requested by
---|---
unicreditro.online | unicreditro.online (34 requests, 1 redirect)
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
unicreditro.online | R3 | 2022-10-20 - 2023-01-18 | 3 months | crt.sh
This page contains 3 frames:

- Primary Page: https://unicreditro.online/my/ro/login_form.php (Frame ID: F9A34EFCBE238E744ED6E1F72C820B89, 10 HTTP requests in this frame)
- Frame: https://unicreditro.online/my/ro/files/saved_resource.html (Frame ID: 11ADFD7BA73B9487DE06E64661C9F55E, 1 HTTP request in this frame)
- Frame: https://unicreditro.online/my/ro/files/login-page.html (Frame ID: 78289EBDF1D42A1CDB9EE9C9880D235A, 23 HTTP requests in this frame)
Screenshot
Page Title: My UniCredit Banking
Detected technologies
PHP (Programming Languages)
Detected patterns:
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://unicreditro.online/my/ro/login_form.php
- HTTP 301 redirect to https://unicreditro.online/my/ro/login_form.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions

Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | login_form.php (Primary Request, Redirect Chain) | unicreditro.online/my/ro/ | 34 KB | 13 KB | Document | text/html
GET | H2 | framework-1.10.44.3.css | unicreditro.online/my/ro/files/ | 332 KB | 47 KB | Stylesheet | text/css
GET | H2 | cwblogincore.css | unicreditro.online/my/ro/files/ | 683 KB | 141 KB | Stylesheet | text/css
GET | H2 | etciu-02x.gif | unicreditro.online/my/ro/files/ | 807 B | 983 B | Image | image/gif
GET | H2 | saved_resource.html | unicreditro.online/my/ro/files/ (Frame 11AD) | 3 KB | 2 KB | Document | text/html
GET | H2 | login-page.html | unicreditro.online/my/ro/files/ (Frame 7828) | 15 KB | 5 KB | Document | text/html
GET | DATA | truncated | / | 3 KB | 0 | Image | image/gif
GET | H2 | logo_uc.png | unicreditro.online/my/ro/files/ | 4 KB | 4 KB | Image | image/png
GET | H2 | bootstrap.1562054216056.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 128 KB | 21 KB | Stylesheet | text/css
GET | H2 | ib_login.1586279958151.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 5 KB | 2 KB | Stylesheet | text/css
GET | H2 | main-critical.1615914578326.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 53 KB | 8 KB | Stylesheet | text/css
GET | H2 | main-noncritical.1663088573720.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 63 KB | 13 KB | Stylesheet | text/css
GET | H2 | fonts.1634055477527.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 73 KB | 12 KB | Stylesheet | text/css
GET | H2 | buttons.1558935958396.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 3 KB | 1000 B | Stylesheet | text/css
GET | H2 | shared.1558427190243.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 3 KB | 795 B | Stylesheet | text/css
GET | H2 | responsive.1615914580564.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 18 KB | 4 KB | Stylesheet | text/css
GET | H2 | exchange-rates-homepage.1647968880242.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 0 | 162 B | Stylesheet | text/css
GET | H2 | side_personal_menu-critical.1558427194815.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 10 KB | 2 KB | Stylesheet | text/css
GET | H2 | side_personal_menu-noncritical.1656000618598.min.css | unicreditro.online/my/ro/files/ (Frame 7828) | 29 KB | 4 KB | Stylesheet | text/css
GET | H2 | close-button-white.svg | unicreditro.online/my/ro/files/ (Frame 7828) | 860 B | 1 KB | Image | image/svg+xml
GET | H2 | map-locations.jpg | unicreditro.online/my/ro/files/ (Frame 7828) | 19 KB | 19 KB | Image | image/jpeg
GET | H2 | documents.png | unicreditro.online/my/ro/files/ (Frame 7828) | 5 KB | 5 KB | Image | image/png
GET | H2 | PTS55F-webfont.woff | unicreditro.online/my/ro/files/ | 150 KB | 151 KB | Font | font/woff
GET | H2 | PTS75F-webfont.woff | unicreditro.online/my/ro/files/ | 157 KB | 157 KB | Font | font/woff
GET | H2 | fa-solid-900.woff2 | unicreditro.online/my/ro/files/ | 77 KB | 77 KB | Font | font/woff2
GET | H2 | rw-widgets.woff | unicreditro.online/my/ro/files/ | 4 KB | 4 KB | Font | font/woff
GET | H2 | MOB-loginRO.png | unicreditro.online/my/ro/files/ (Frame 7828) | 518 KB | 518 KB | Image | image/png
GET | H2 | glyphicons-halflings-regular.woff2 | unicreditro.online/my/ro/files/ (Frame 7828) | 18 KB | 18 KB | Font | font/woff2
GET | H2 | UniCredit-Regular.woff | unicreditro.online/my/ro/files/ (Frame 7828) | 0 | 0 | Font | text/html
GET | H2 | UniCredit-Bold.woff | unicreditro.online/my/ro/files/ (Frame 7828) | 0 | 0 | Font | text/html
GET | H2 | UniCredit-Medium.woff | unicreditro.online/my/ro/files/ (Frame 7828) | 0 | 0 | Font | text/html
GET | H2 | UniCredit-Bold.ttf | unicreditro.online/my/ro/files/ (Frame 7828) | 0 | 0 | Font | text/html
GET | H2 | UniCredit-Regular.ttf | unicreditro.online/my/ro/files/ (Frame 7828) | 0 | 0 | Font | text/html
GET | H2 | UniCredit-Medium.ttf | unicreditro.online/my/ro/files/ (Frame 7828) | 0 | 0 | Font | text/html
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Unicredit (Banking)

11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | 0
object | 1
object | onbeforeinput
object | oncontextlost
object | oncontextrestored
function | structuredClone
object | launchQueue
object | onbeforematch
function | getScreenDetails
function | queryLocalFonts
object | navigation

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
unicreditro.online
45.133.203.39