bundesministerium-finanzen.at Open in urlscan Pro
163.123.142.220 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bundesministerium-finanzen.at/BMF/23894891/
Submission: On February 28 via manual (February 28th 2023, 8:54:58 am UTC) from CH — Scanned from DE

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 163.123.142.220, located in Reston, United States and belongs to AS-SERVERION, US. The main domain is bundesministerium-finanzen.at.
TLS certificate: Issued by R3 on February 27th 2023. Valid for: 3 months.

This is the only time bundesministerium-finanzen.at was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Austrian Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 12	163.123.142.220 163.123.142.220	399471 (AS-SERVERION) (AS-SERVERION)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
13	3

12 163.123.142.220 (Reston, United States) 1 redirects

ASN399471 (AS-SERVERION, US)

bundesministerium-finanzen.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	bundesministerium-finanzen.at 1 redirects bundesministerium-finanzen.at	236 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2261	15 KB
13	3

	Domain	Requested by
12	bundesministerium-finanzen.at	1 redirects bundesministerium-finanzen.at
1	fonts.gstatic.com	bundesministerium-finanzen.at
1	upload.wikimedia.org	bundesministerium-finanzen.at
13	3

This site contains links to these domains. Also see Links.

Domain
fbs6847550-financien-belgium.info

Subject Issuer	Validity	Valid
bundesministerium-finanzen.at R3	`2023-02-27` - `2023-05-28`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-27` - `2023-11-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bundesministerium-finanzen.at/BMF/23894891/
Frame ID: E23C3BF75ACD96C8BB66B21CE4371D66
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Finanzamt Österreich

Page URL History Show full URLs

https://bundesministerium-finanzen.at/BMF/23894891 HTTP 301
https://bundesministerium-finanzen.at/BMF/23894891/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

288 kB
Transfer

966 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://fbs6847550-financien-belgium.info/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bundesministerium-finanzen.at/BMF/23894891 HTTP 301
https://bundesministerium-finanzen.at/BMF/23894891/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
bundesministerium-finanzen.at/BMF/23894891/
Redirect Chain

https://bundesministerium-finanzen.at/BMF/23894891
https://bundesministerium-finanzen.at/BMF/23894891/

81 KB
16 KB

89ms
89ms

Document
text/html

163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 884923540e1db22fd93b8bcb03137391488394d1efdd9a23d6ea910b31145f9e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 15640
Content-Type: text/html; charset=UTF-8
Date: Tue, 28 Feb 2023 08:54:53 GMT
Keep-Alive: timeout=5, max=99
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 355
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 28 Feb 2023 08:54:53 GMT
Keep-Alive: timeout=5, max=100
Location: https://bundesministerium-finanzen.at/BMF/23894891/
Server: Apache/2.4.29 (Ubuntu)

GET
H/1.1 200
OK css2
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 15 KB
16 KB 87ms
86ms Stylesheet
text/plain 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/css2
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: bf0d3b063ac3ef59b95af60a4c424e478b3d4761d7a8dd9ecee4f60bb5ed398b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Last-Modified: Thu, 16 Feb 2023 15:33:21 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3d6a-5f4d2eab925c9"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 15722

GET
H/1.1 200
OK bootstrap.min.css
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 190 KB
24 KB 184ms
95ms Stylesheet
text/css 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/bootstrap.min.css
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5af227e11ae8182179bb71128abeadf07caf2fbb598d072561b8fe1675c94fe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 15:33:21 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2f6cb-5f4d2eab6e3aa-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 24428

GET
H/1.1 200
OK style.css
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 40 KB
7 KB 263ms
89ms Stylesheet
text/css 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/style.css
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4508fc1bc2caa0fbc3cce106ca6944dd090964df5a660822cf40a15145117402

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 15:33:24 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "a1d7-5f4d2eadb4417-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 6613

GET
H/1.1 200
OK responsive.css
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 544 B
562 B 260ms
86ms Stylesheet
text/css 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/responsive.css
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 63cb886e6f3f3bd5dd0d1c38a4523028e30ba5bf70106a301022b8d3311d1979

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 15:33:23 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "220-5f4d2ead5681a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 226

GET
H2 200 1280px-Bundesministerium_f%C3%BCr_Finanzen_logo.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/5/50/Bundesministerium_f%C3%BCr_Finanzen_logo.svg/ 14 KB
15 KB 149ms
59ms Image
image/webp 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/5/50/Bundesministerium_f%C3%BCr_Finanzen_logo.svg/1280px-Bundesministerium_f%C3%BCr_Finanzen_logo.svg.png

Requested by

Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

Thumbor/6.3.2 /

Resource Hash

6aa96fe9f0f32783a8d39de834e74750e9a72239ad5ea5c20c5e68cf17fc7702

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 18:52:43 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
xkey: File:Bundesministerium_fÃ¼r_Finanzen_logo.svg
age: 50531
x-cache-status: hit-front
x-cache: cp3053 hit, cp3065 hit/369
content-disposition: inline;filename*=UTF-8''Bundesministerium_f%C3%BCr_Finanzen_logo.svg.webp
server-timing: cache;desc="hit-front", host;desc="cp3065"
content-length: 14364
x-client-ip: 2a02:6ea0:c71b:0:1011:9596:b5ea:4f0c
server: Thumbor/6.3.2
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK line_pattern-01.png
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 5 KB
6 KB 267ms
87ms Image
image/png 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/line_pattern-01.png
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6465ede05d85f87022d16d7353e4225d7a4c373ff3deba8f576464a4b5f4fb15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Last-Modified: Thu, 16 Feb 2023 15:33:23 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1523-5f4d2eacdc6fe"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5411

GET
H/1.1 200
OK jquery-3.6.0.min.js.downloaden Show response
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 87 KB
31 KB 268ms
94ms Script
application/javascript 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/jquery-3.6.0.min.js.downloaden
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 15:33:22 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "15d9f-5f4d2eac55ac2-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30908

GET
H/1.1 200
OK bootstrap.min.js.downloaden Show response
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 79 KB
22 KB 185ms
92ms Script
application/javascript 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/bootstrap.min.js.downloaden
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 06b35d0ea992522915d5ee5399f60cd693a5b6c118f7b92fde08135ba7eb0645

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 15:33:21 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "13b2b-5f4d2eab1462d-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22015

GET
H/1.1 200
OK jspdf.min.js.downloaden Show response
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 220 KB
69 KB 94ms
94ms Script
application/javascript 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/jspdf.min.js.downloaden
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e7a9e5f81186a463db5f6e4f7489b618547de441cb54716cc9027fa7771109ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 15:33:23 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "36fd5-5f4d2eacba41f-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK html2canvas.min.js.downloaden Show response
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 194 KB
45 KB 98ms
98ms Script
application/javascript 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/html2canvas.min.js.downloaden
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4736e6ec02be31c3e7e0f84d9208d8e51c2fc299a0680ec0afd3ef5c4fbf2fab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 15:33:22 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3085a-5f4d2eac1b144-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 45688

GET
H/1.1 200
OK main.js.downloaden Show response
bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/ 3 KB
1 KB 86ms
86ms Script
application/javascript 163.123.142.220
AS-SERVERION

General

Check archive.org

Show headers Download Go to

Full URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/main.js.downloaden
Requested by: Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.123.142.220 Reston, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0645130af45d1271af39ab1dcb87902a521767c79e1735c219e81afe71d6fbfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bundesministerium-finanzen.at/BMF/23894891/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:54:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Feb 2023 15:33:23 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "ad0-5f4d2ead325fb-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 807

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
38 KB 97ms
26ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: bundesministerium-finanzen.at
URL: https://bundesministerium-finanzen.at/BMF/23894891/Federale%20Overheidsdienst%20Financien_files/css2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bundesministerium-finanzen.at/
Origin: https://bundesministerium-finanzen.at
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 18:59:53 GMT
x-content-type-options: nosniff
age: 395700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 18:59:53 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Austrian Government (Government)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bundesministerium-finanzen.at
fonts.gstatic.com
upload.wikimedia.org
163.123.142.220
2620:0:862:ed1a::2:b
2a00:1450:400d:80a::2003
0645130af45d1271af39ab1dcb87902a521767c79e1735c219e81afe71d6fbfc
06b35d0ea992522915d5ee5399f60cd693a5b6c118f7b92fde08135ba7eb0645
4508fc1bc2caa0fbc3cce106ca6944dd090964df5a660822cf40a15145117402
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4736e6ec02be31c3e7e0f84d9208d8e51c2fc299a0680ec0afd3ef5c4fbf2fab
5af227e11ae8182179bb71128abeadf07caf2fbb598d072561b8fe1675c94fe9
63cb886e6f3f3bd5dd0d1c38a4523028e30ba5bf70106a301022b8d3311d1979
6465ede05d85f87022d16d7353e4225d7a4c373ff3deba8f576464a4b5f4fb15
6aa96fe9f0f32783a8d39de834e74750e9a72239ad5ea5c20c5e68cf17fc7702
884923540e1db22fd93b8bcb03137391488394d1efdd9a23d6ea910b31145f9e
bf0d3b063ac3ef59b95af60a4c424e478b3d4761d7a8dd9ecee4f60bb5ed398b
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
e7a9e5f81186a463db5f6e4f7489b618547de441cb54716cc9027fa7771109ad

bundesministerium-finanzen.at Open in urlscan Pro 163.123.142.220 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

288 kBTransfer

966 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

21 JavaScript Global Variables

0 Cookies

Indicators

bundesministerium-finanzen.at Open in urlscan Pro
163.123.142.220 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

288 kB
Transfer

966 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!