emsgrivorycom.srv145.basel.cs2.ch Open in urlscan Pro
77.109.176.166 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://emsgrivorycom.srv145.basel.cs2.ch/
Submission Tags: phishingrod
Submission: On June 04 via api (June 4th 2024, 2:26:01 pm UTC) from DE — Scanned from CH

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 77.109.176.166, located in Zurich, Switzerland and belongs to INIT7, CH. The main domain is emsgrivorycom.srv145.basel.cs2.ch.
TLS certificate: Issued by R3 on June 4th 2024. Valid for: 3 months.

This is the only time emsgrivorycom.srv145.basel.cs2.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
8	77.109.176.166 77.109.176.166		13030 (INIT7) (INIT7)
8	1

8 77.109.176.166 (Zurich, Switzerland)

ASN13030 (INIT7, CH)

emsgrivorycom.srv145.basel.cs2.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cs2.ch emsgrivorycom.srv145.basel.cs2.ch	23 KB
8	1

	Domain	Requested by
8	emsgrivorycom.srv145.basel.cs2.ch	emsgrivorycom.srv145.basel.cs2.ch
8	1

This site contains links to these domains. Also see Links.

Domain
typo3.org

Subject Issuer	Validity	Valid
ems-groupcom.srv145.basel.cs2.ch R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://emsgrivorycom.srv145.basel.cs2.ch/
Frame ID: 761FF9142D4C7CA5C206219CE9790A79
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oops, an error occurred!

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

23 kB
Transfer

23 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://typo3.org/go/exception/CMS/1396795884
Title: online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	500	Primary Request / Show response emsgrivorycom.srv145.basel.cs2.ch/	2 KB 2 KB	89ms 28ms	Document text/html	77.109.176.166 INIT7
General Check archive.org Show headers Download Go to Full URL https://emsgrivorycom.srv145.basel.cs2.ch/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.109.176.166 Zurich, Switzerland, ASN13030 (INIT7, CH), Reverse DNS Software nginx / Resource Hash `6e53f1fbb1216c41b492145837e78272d21b3734c6daafdcfc31fe552f649541` Request headers Accept-Language de-CH,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-type text/html; charset=UTF-8 date Tue, 04 Jun 2024 14:25:56 GMT server nginx
GET H2	200	errorpage-message.css emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/	2 KB 993 B	19ms 19ms	Stylesheet text/css	77.109.176.166 INIT7
General Check archive.org Show headers Download Go to Full URL https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Requested by Host: emsgrivorycom.srv145.basel.cs2.ch URL: https://emsgrivorycom.srv145.basel.cs2.ch/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.109.176.166 Zurich, Switzerland, ASN13030 (INIT7, CH), Reverse DNS Software nginx / Resource Hash `fdbaa2db9b9ac350d16c3745cc0bc62be0faa87bd8c30473cd64d93142f92723` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://emsgrivorycom.srv145.basel.cs2.ch/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:25:56 GMT content-encoding gzip last-modified Thu, 07 Dec 2017 15:31:54 GMT server nginx content-type text/css access-control-allow-origin * cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	typo3logo-white-greyback.gif emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/login/	2 KB 2 KB	20ms 20ms	Image image/gif	77.109.176.166 INIT7
General Check archive.org Show headers Download Go to Show image Full URL https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/login/typo3logo-white-greyback.gif Requested by Host: emsgrivorycom.srv145.basel.cs2.ch URL: https://emsgrivorycom.srv145.basel.cs2.ch/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.109.176.166 Zurich, Switzerland, ASN13030 (INIT7, CH), Reverse DNS Software nginx / Resource Hash `b0e942f495e6c43ff56ce50a39babfc186616470de9ba1a5b21eda730fa472f3` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://emsgrivorycom.srv145.basel.cs2.ch/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:25:56 GMT last-modified Thu, 07 Dec 2017 15:31:54 GMT server nginx etag "5a295eea-861" content-type image/gif access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 2145 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gray-gradient.png emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/backgrounds/	14 KB 15 KB	37ms 37ms	Image image/png	77.109.176.166 INIT7
General Check archive.org Show headers Download Go to Show image Full URL https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/backgrounds/gray-gradient.png Requested by Host: emsgrivorycom.srv145.basel.cs2.ch URL: https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.109.176.166 Zurich, Switzerland, ASN13030 (INIT7, CH), Reverse DNS Software nginx / Resource Hash `67954ac9782cc8592e75ce9a85c789b35bf8ea1949ec49e559ba102d51ec4b75` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:25:56 GMT last-modified Thu, 07 Dec 2017 15:31:54 GMT server nginx etag "5a295eea-3972" content-type image/png access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 14706 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	box-top-428.png emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/shadows/	253 B 461 B	38ms 38ms	Image image/png	77.109.176.166 INIT7
General Check archive.org Show headers Download Go to Show image Full URL https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/shadows/box-top-428.png Requested by Host: emsgrivorycom.srv145.basel.cs2.ch URL: https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.109.176.166 Zurich, Switzerland, ASN13030 (INIT7, CH), Reverse DNS Software nginx / Resource Hash `238eb02361347919000db8e6f00ef251b9309694a52d1619299c65b49a495b60` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:25:56 GMT last-modified Thu, 07 Dec 2017 15:31:54 GMT server nginx etag "5a295eea-fd" content-type image/png access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 253 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	dialog-error.png emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/icons/status/	647 B 855 B	39ms 39ms	Image image/png	77.109.176.166 INIT7
General Check archive.org Show headers Download Go to Show image Full URL https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/icons/status/dialog-error.png Requested by Host: emsgrivorycom.srv145.basel.cs2.ch URL: https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.109.176.166 Zurich, Switzerland, ASN13030 (INIT7, CH), Reverse DNS Software nginx / Resource Hash `e3c1af6b57c5bbc6d985f649f87d121297bc2eef01d43e51af25972d28d4a974` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:25:56 GMT last-modified Thu, 07 Dec 2017 15:31:54 GMT server nginx etag "5a295eea-287" content-type image/png access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 647 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	box-bottom-424.png emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/shadows/	387 B 595 B	40ms 40ms	Image image/png	77.109.176.166 INIT7
General Check archive.org Show headers Download Go to Show image Full URL https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/images/shadows/box-bottom-424.png Requested by Host: emsgrivorycom.srv145.basel.cs2.ch URL: https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.109.176.166 Zurich, Switzerland, ASN13030 (INIT7, CH), Reverse DNS Software nginx / Resource Hash `d2abbc036f0d1eba695a45a7adc0acf12a7e1a6f2c2a4dda984f4fb89c1d9380` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://emsgrivorycom.srv145.basel.cs2.ch/typo3/sysext/t3skin/stylesheets/standalone/errorpage-message.css Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:25:56 GMT last-modified Thu, 07 Dec 2017 15:31:54 GMT server nginx etag "5a295eea-183" content-type image/png access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 387 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	favicon.ico emsgrivorycom.srv145.basel.cs2.ch/	1 KB 2 KB	19ms 19ms	Other image/x-icon	77.109.176.166 INIT7
General Check archive.org Show headers Download Go to Full URL https://emsgrivorycom.srv145.basel.cs2.ch/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 77.109.176.166 Zurich, Switzerland, ASN13030 (INIT7, CH), Reverse DNS Software nginx / Resource Hash `8380ad1c84bfcb02eeabee5fc45deeee1779619718c1876072395935d49cee11` Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://emsgrivorycom.srv145.basel.cs2.ch/ Accept-Language de-CH,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 04 Jun 2024 14:25:56 GMT last-modified Tue, 04 Sep 2012 06:57:35 GMT server nginx etag "5045a65f-57e" content-type image/x-icon access-control-allow-origin * cache-control max-age=315360000 accept-ranges bytes content-length 1406 expires Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://emsgrivorycom.srv145.basel.cs2.ch/ Message: Failed to load resource: the server responded with a status of 500 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

emsgrivorycom.srv145.basel.cs2.ch
77.109.176.166
238eb02361347919000db8e6f00ef251b9309694a52d1619299c65b49a495b60
67954ac9782cc8592e75ce9a85c789b35bf8ea1949ec49e559ba102d51ec4b75
6e53f1fbb1216c41b492145837e78272d21b3734c6daafdcfc31fe552f649541
8380ad1c84bfcb02eeabee5fc45deeee1779619718c1876072395935d49cee11
b0e942f495e6c43ff56ce50a39babfc186616470de9ba1a5b21eda730fa472f3
d2abbc036f0d1eba695a45a7adc0acf12a7e1a6f2c2a4dda984f4fb89c1d9380
e3c1af6b57c5bbc6d985f649f87d121297bc2eef01d43e51af25972d28d4a974
fdbaa2db9b9ac350d16c3745cc0bc62be0faa87bd8c30473cd64d93142f92723

emsgrivorycom.srv145.basel.cs2.ch Open in urlscan Pro 77.109.176.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

23 kBTransfer

23 kBSize

0 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

emsgrivorycom.srv145.basel.cs2.ch Open in urlscan Pro
77.109.176.166 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

23 kB
Transfer

23 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions