![](/screenshots/a4fa9710-3040-4c9e-89e1-48523ac205c1.png)
belastingeherkenning.digital
2a06:98c1:3120::3
Malicious Activity!
Public Scan
Effective URL: https://belastingeherkenning.digital/kvk.php
Submission: On July 27 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by E1 on July 21st 2022. Valid for: 3 months.
This is the only time belastingeherkenning.digital was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NL Government (Government)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 54.83.52.76 | 14618 (AMAZON-AES) |
2 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac18::1:a:3a | 20446 (STACKPATH-CDN) |
3 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-52-76.compute-1.amazonaws.com
bit.do
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | belastingeherkenning.digital | belastingeherkenning.digital | 969 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 613 | 30 KB |
1 | bit.do (1 redirects) | bit.do — Cisco Umbrella Rank: 250954 | 239 B |
3 | 3 |
 | Domain | Requested by |
---|---|---|
2 | belastingeherkenning.digital | belastingeherkenning.digital |
1 | code.jquery.com | belastingeherkenning.digital |
1 | bit.do | 1 redirects |
3 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.belastingdienst.nl |
services.belastingdienst.nl |
www.overdedouane.nl |
www.fiod.nl |
over-ons.belastingdienst.nl |
werken.belastingdienst.nl |
mijn.belastingdienst.nl |
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
*.belastingeherkenning.digital | E1 | 2022-07-21 - 2022-10-19 | 3 months | crt.sh |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://belastingeherkenning.digital/kvk.php
Frame ID: C8E2FF19146C064B25D8F4F778C17A47
Requests: 12 HTTP requests in this frame
Page Title
eHerkenning aanvragen
Page URL History
- http://bit.do/eHerkenning1 (HTTP 301)
- https://belastingeherkenning.digital/kvk.php (Page URL)
Detected technologies
Detected patterns
- \.php(?:$|\?)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
64 Outgoing links
These are links going to different origins than the main page.
Title: Belastingaangifte
Title: Aftrekposten en kortingen
Title: Eigen woning
Title: Box 3 (vermogensrendementsheffing)
Title: Buitenland
Title: Betalen en ontvangen
Title: Auto en woon-werkverkeer
Title: Schenken en schenkbelasting
Title: Erven en erfbelasting
Title: Btw (omzetbelasting)
Title: Voorlopige aanslag
Title: Toeslagen
Title: Zorgtoeslag
Title: Huurtoeslag
Title: Kindgebonden budget
Title: Kinderopvangtoeslag
Title: Gedupeerden kinderopvangtoeslag
Title: De wet DBA
Title: Douane voor bedrijven
Title: Loonheffingen: voor werkgevers en salarisadministrateurs
Title: Ondernemers
Title: Startende ondernemers
Title: Vennootschapsbelasting
Title: Douane
Title: Bagage - kijk wat mee mag door de Douane
Title: Online winkelen - zo zit het bij de Douane
Title: Brexit en uw douanezaken
Title: Over de Douane
Title: Contact met de Douane
Title: Belasting terugvragen of toeslag aanvragen voor jongeren
Title: Bezwaar, beroep en klacht
Title: Contact - we helpen u graag
Title: Coronamaatregelen Belastingdienst
Title: Dividendbelasting
Title: FIOD
Title: Help
Title: Intermediairs
Title: Kennisnetwerk belastingen en toeslagen
Title: Na een overlijden
Title: Over ons
Title: Overige belastingen
Title: Relatie, familie, gezondheid
Title: Scheiden of uit elkaar gaan
Title: Standard Business Reporting (SBR)
Title: Werk en inkomen
Title: Werken bij de Belastingdienst
Title: Mijn Belastingdienst
Title: Mijn toeslagen
Title: Voor ondernemers
Title: Voor douanezaken
Title: Box 3
Title: Mijn Belastingdienst
Title: Privacyverklaring
Title: Sitemap
Title: Copyright
Title: Cookies
Title: Toegankelijkheid
Title: English site
Title: Business
Title: Customs
Title: Deutsche Seite
Title: Privatpersonen
Title: Unternehmen
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://bit.do/eHerkenning1 (HTTP 301)
- https://belastingeherkenning.digital/kvk.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | kvk.php (Primary Request, Redirect Chain) | belastingeherkenning.digital/ | 2 MB | 968 KB | Document | text/html |
GET | H2 | jquery-3.6.0.min.js | code.jquery.com/ | 87 KB | 30 KB | Script | application/javascript |
GET | H2 | requests.js | belastingeherkenning.digital/ | 4 KB | 1 KB | Script | application/javascript |
GET | DATA | truncated | / | 17 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 75 KB | 75 KB | Font | application/font-woff |
GET | DATA | truncated | / | 103 KB | 103 KB | Font | application/font-woff |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 266 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 479 B | 0 | Image | image/svg+xml |
GET | DATA | truncated | / | 68 KB | 68 KB | Font | application/font-woff |
GET | DATA | truncated | / | 10 KB | 10 KB | Font | application/x-font-ttf |
GET | DATA | truncated | / | 25 KB | 25 KB | Font | application/font-woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NL Government (Government)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- function| savepage_ShadowLoader
- function| $
- function| jQuery
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
belastingeherkenning.digital/ | | Name: PHPSESSID Value: 0m2ik009bljr781epdh0ucnco3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.