imi-digital.de-contao4relaunch.content.imi.de Open in urlscan Pro
116.203.179.237 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://imi-digital.de-contao4relaunch.content.imi.de/
Submission: On May 12 via automatic, source certstream-suspicious (May 12th 2021, 2:47:39 pm UTC)

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 116.203.179.237, located in Germany and belongs to HETZNER-AS, DE. The main domain is imi-digital.de-contao4relaunch.content.imi.de.
TLS certificate: Issued by R3 on March 18th 2021. Valid for: 3 months.

This is the only time imi-digital.de-contao4relaunch.content.imi.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Belgian Government (Government)

Domain & IP information

	IP Address		AS Autonomous System
8	116.203.179.237 116.203.179.237		24940 (HETZNER-AS) (HETZNER-AS)
8	1

8 116.203.179.237 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: imi-digital.de

imi-digital.de-contao4relaunch.content.imi.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	imi.de imi-digital.de-contao4relaunch.content.imi.de	994 KB
8	1

	Domain	Requested by
8	imi-digital.de-contao4relaunch.content.imi.de	imi-digital.de-contao4relaunch.content.imi.de
8	1

This site contains no links.

Subject Issuer	Validity	Valid
freigabe.imi.de R3	`2021-03-18` - `2021-06-16`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://imi-digital.de-contao4relaunch.content.imi.de/
Frame ID: 2223161BA2CAAC5A02F4EB0C41EABAD7
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

994 kB
Transfer

3916 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response imi-digital.de-contao4relaunch.content.imi.de/	7 KB 2 KB	136ms 40ms	Document text/html	116.203.179.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://imi-digital.de-contao4relaunch.content.imi.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.179.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS imi-digital.de Software Apache/2.4.46 (Ubuntu) / Resource Hash `475df89354f918b09fe6101b9e24cc3e6950bf21df73d83967aeab45e66ebbf7` Request headers Host imi-digital.de-contao4relaunch.content.imi.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 12 May 2021 14:45:48 GMT Server Apache/2.4.46 (Ubuntu) Last-Modified Thu, 17 Sep 2020 09:15:10 GMT ETag "1cf6-5af7ed231bcc5-gzip" Accept-Ranges bytes Vary Accept-Encoding Content-Encoding gzip Content-Length 1912 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	font-awesome.min.css imi-digital.de-contao4relaunch.content.imi.de/index_files/	20 KB 5 KB	523ms 522ms	Stylesheet text/css	116.203.179.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://imi-digital.de-contao4relaunch.content.imi.de/index_files/font-awesome.min.css Requested by Host: imi-digital.de-contao4relaunch.content.imi.de URL: https://imi-digital.de-contao4relaunch.content.imi.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.179.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS imi-digital.de Software Apache/2.4.46 (Ubuntu) / Resource Hash `b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host imi-digital.de-contao4relaunch.content.imi.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://imi-digital.de-contao4relaunch.content.imi.de/ Connection keep-alive Referer https://imi-digital.de-contao4relaunch.content.imi.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 12 May 2021 14:45:48 GMT Content-Encoding gzip Last-Modified Thu, 17 Sep 2020 09:15:10 GMT Server Apache/2.4.46 (Ubuntu) ETag "511e-5af7ed2310905-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4696
GET H/1.1	200 OK	app-82402b456a.css imi-digital.de-contao4relaunch.content.imi.de/index_files/	270 KB 59 KB	132ms 64ms	Stylesheet text/css	116.203.179.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://imi-digital.de-contao4relaunch.content.imi.de/index_files/app-82402b456a.css Requested by Host: imi-digital.de-contao4relaunch.content.imi.de URL: https://imi-digital.de-contao4relaunch.content.imi.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.179.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS imi-digital.de Software Apache/2.4.46 (Ubuntu) / Resource Hash `d6bbf10444939172fd59d8d6ff88e85c5f855a223ccba98d331c6ee5a38cce0b` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host imi-digital.de-contao4relaunch.content.imi.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://imi-digital.de-contao4relaunch.content.imi.de/ Connection keep-alive Referer https://imi-digital.de-contao4relaunch.content.imi.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 12 May 2021 14:45:48 GMT Content-Encoding gzip Last-Modified Thu, 17 Sep 2020 09:15:10 GMT Server Apache/2.4.46 (Ubuntu) ETag "43672-5af7ed2305555-gzip" Vary Accept-Encoding Content-Type text/css Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	css imi-digital.de-contao4relaunch.content.imi.de/index_files/	5 KB 5 KB	134ms 59ms	Stylesheet text/plain	116.203.179.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://imi-digital.de-contao4relaunch.content.imi.de/index_files/css Requested by Host: imi-digital.de-contao4relaunch.content.imi.de URL: https://imi-digital.de-contao4relaunch.content.imi.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.179.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS imi-digital.de Software Apache/2.4.46 (Ubuntu) / Resource Hash `5f2e43b0385f0a4cbbdfc5225b9d3abebcfa0390fffdf424064ef61783e0822e` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host imi-digital.de-contao4relaunch.content.imi.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://imi-digital.de-contao4relaunch.content.imi.de/ Connection keep-alive Referer https://imi-digital.de-contao4relaunch.content.imi.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 12 May 2021 14:45:48 GMT Last-Modified Thu, 17 Sep 2020 09:15:10 GMT Server Apache/2.4.46 (Ubuntu) ETag "1208-5af7ed23097bd" Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4616
GET H/1.1	200 OK	app-495ab99cf3.js.Download Show response imi-digital.de-contao4relaunch.content.imi.de/index_files/	3 MB 850 KB	159ms 82ms	Script application/javascript	116.203.179.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://imi-digital.de-contao4relaunch.content.imi.de/index_files/app-495ab99cf3.js.Download Requested by Host: imi-digital.de-contao4relaunch.content.imi.de URL: https://imi-digital.de-contao4relaunch.content.imi.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.179.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS imi-digital.de Software Apache/2.4.46 (Ubuntu) / Resource Hash `02824fa426407d008731ac6b9a828b6466ae61a628f0c1710f36c899a176840e` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host imi-digital.de-contao4relaunch.content.imi.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://imi-digital.de-contao4relaunch.content.imi.de/ Connection keep-alive Referer https://imi-digital.de-contao4relaunch.content.imi.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 12 May 2021 14:45:48 GMT Content-Encoding gzip Last-Modified Thu, 17 Sep 2020 09:15:10 GMT Server Apache/2.4.46 (Ubuntu) ETag "3756d5-5af7ed22fdc3c-gzip" Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	imi-gruppe-logo.png imi-digital.de-contao4relaunch.content.imi.de/index_files/	30 KB 31 KB	181ms 181ms	Image image/png	116.203.179.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://imi-digital.de-contao4relaunch.content.imi.de/index_files/imi-gruppe-logo.png Requested by Host: imi-digital.de-contao4relaunch.content.imi.de URL: https://imi-digital.de-contao4relaunch.content.imi.de/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.179.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS imi-digital.de Software Apache/2.4.46 (Ubuntu) / Resource Hash `8d5123494545269909004741dd1fa342df509cf7182d50dbadaabbacf372df93` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host imi-digital.de-contao4relaunch.content.imi.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://imi-digital.de-contao4relaunch.content.imi.de/ Connection keep-alive Referer https://imi-digital.de-contao4relaunch.content.imi.de/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 12 May 2021 14:45:48 GMT Last-Modified Thu, 17 Sep 2020 09:15:10 GMT Server Apache/2.4.46 (Ubuntu) ETag "7978-5af7ed2315ef6" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 31096
GET H/1.1	200 OK	body-bg.png imi-digital.de-contao4relaunch.content.imi.de/images/	9 KB 9 KB	39ms 38ms	Image image/png	116.203.179.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://imi-digital.de-contao4relaunch.content.imi.de/images/body-bg.png Requested by Host: imi-digital.de-contao4relaunch.content.imi.de URL: https://imi-digital.de-contao4relaunch.content.imi.de/index_files/app-82402b456a.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.179.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS imi-digital.de Software Apache/2.4.46 (Ubuntu) / Resource Hash `b915045e86b64e41c18d4ee17670cb0130cdce720f9d90ee63bc5cdb509b8eb4` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host imi-digital.de-contao4relaunch.content.imi.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://imi-digital.de-contao4relaunch.content.imi.de/index_files/app-82402b456a.css Connection keep-alive Referer https://imi-digital.de-contao4relaunch.content.imi.de/index_files/app-82402b456a.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 12 May 2021 14:45:49 GMT Last-Modified Thu, 17 Sep 2020 09:15:09 GMT Server Apache/2.4.46 (Ubuntu) ETag "229b-5af7ed22099d0" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 8859
GET H/1.1	200 OK	highlight-bg.jpg imi-digital.de-contao4relaunch.content.imi.de/images/	33 KB 34 KB	38ms 38ms	Image image/jpeg	116.203.179.237 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://imi-digital.de-contao4relaunch.content.imi.de/images/highlight-bg.jpg Requested by Host: imi-digital.de-contao4relaunch.content.imi.de URL: https://imi-digital.de-contao4relaunch.content.imi.de/index_files/app-82402b456a.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 116.203.179.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS imi-digital.de Software Apache/2.4.46 (Ubuntu) / Resource Hash `32351412fca17022365f6b8ca9616fd11fd3966aa45795c536fcc78f91219dba` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host imi-digital.de-contao4relaunch.content.imi.de Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Cache-Control* no-cache Sec-Fetch-Dest image Referer https://imi-digital.de-contao4relaunch.content.imi.de/index_files/app-82402b456a.css Connection keep-alive Referer https://imi-digital.de-contao4relaunch.content.imi.de/index_files/app-82402b456a.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 12 May 2021 14:45:49 GMT Last-Modified Thu, 17 Sep 2020 09:15:09 GMT Server Apache/2.4.46 (Ubuntu) ETag "85ae-5af7ed220ff5f" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 34222

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Belgian Government (Government)

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

imi-digital.de-contao4relaunch.content.imi.de
116.203.179.237
02824fa426407d008731ac6b9a828b6466ae61a628f0c1710f36c899a176840e
32351412fca17022365f6b8ca9616fd11fd3966aa45795c536fcc78f91219dba
475df89354f918b09fe6101b9e24cc3e6950bf21df73d83967aeab45e66ebbf7
5f2e43b0385f0a4cbbdfc5225b9d3abebcfa0390fffdf424064ef61783e0822e
8d5123494545269909004741dd1fa342df509cf7182d50dbadaabbacf372df93
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b915045e86b64e41c18d4ee17670cb0130cdce720f9d90ee63bc5cdb509b8eb4
d6bbf10444939172fd59d8d6ff88e85c5f855a223ccba98d331c6ee5a38cce0b

imi-digital.de-contao4relaunch.content.imi.de Open in urlscan Pro 116.203.179.237 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

994 kBTransfer

3916 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

28 JavaScript Global Variables

0 Cookies

Indicators

imi-digital.de-contao4relaunch.content.imi.de Open in urlscan Pro
116.203.179.237 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

994 kB
Transfer

3916 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!