www-digitaleomgeving.nl-y94.ru Open in urlscan Pro
45.137.152.29 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.id/R4aJ
Effective URL:
https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Submission: On March 15 via manual (March 15th 2022, 10:23:48 pm UTC) from NL — Scanned from NL

Summary HTTP 22 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 22 HTTP transactions. The main IP is 45.137.152.29, located in St Petersburg, Russian Federation and belongs to RETN-AS, GB. The main domain is www-digitaleomgeving.nl-y94.ru.
TLS certificate: Issued by R3 on March 15th 2022. Valid for: 3 months.

This is the only time www-digitaleomgeving.nl-y94.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.126.58.78 45.126.58.78	132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia)
1 14	45.137.152.29 45.137.152.29	9002 (RETN-AS) (RETN-AS)
7	2a04:9a00:101... 2a04:9a00:1010:1900::a	212157 (LOGIUS-AZ-1) (LOGIUS-AZ-1)
22	3

1 45.126.58.78 (Indonesia) 1 redirects

ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)

s.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 45.137.152.29 (St Petersburg, Russian Federation) 1 redirects

ASN9002 (RETN-AS, GB)

russianspaceshuttleservicell1i.nl-y91.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www-digitaleomgeving.nl-y94.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a04:9a00:1010:1900::a (Netherlands)

ASN212157 (LOGIUS-AZ-1, NL)

digid.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	nl-y94.ru www-digitaleomgeving.nl-y94.ru	90 KB
7	digid.nl digid.nl — Cisco Umbrella Rank: 89305	48 KB
1	nl-y91.ru 1 redirects russianspaceshuttleservicell1i.nl-y91.ru	236 B
1	s.id 1 redirects s.id — Cisco Umbrella Rank: 137591	154 B
22	4

	Domain	Requested by
13	www-digitaleomgeving.nl-y94.ru	www-digitaleomgeving.nl-y94.ru
7	digid.nl	www-digitaleomgeving.nl-y94.ru digid.nl
1	russianspaceshuttleservicell1i.nl-y91.ru	1 redirects
1	s.id	1 redirects
22	4

This site contains links to these domains. Also see Links.

Domain
www.digid.nl
bunq.com
handelsbanken.nl

Subject Issuer	Validity	Valid
www-digitaleomgeving.nl-y94.ru R3	`2022-03-15` - `2022-06-13`	3 months	crt.sh
digid.nl KPN PKIoverheid Server CA 2020	`2021-12-01` - `2022-12-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Frame ID: E5809426711276C4081BD6C60936629A
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DigiD: Inloggen | Keuze

Page URL History Show full URLs

https://s.id/R4aJ HTTP 301
https://russianspaceshuttleservicell1i.nl-y91.ru/03/digid.php HTTP 302
https://www-digitaleomgeving.nl-y94.ru/xx/digid.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

22
Requests

91 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

138 kB
Transfer

193 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.digid.nl/

Search URL Search Domain Scan URL

URL: https://bunq.com/404
Title: | BUNQ

Search URL Search Domain Scan URL

URL: https://handelsbanken.nl/404
Title: | Handelsbanken

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.id/R4aJ HTTP 301
https://russianspaceshuttleservicell1i.nl-y91.ru/03/digid.php HTTP 302
https://www-digitaleomgeving.nl-y94.ru/xx/digid.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request digid.php Show response
www-digitaleomgeving.nl-y94.ru/xx/
Redirect Chain

https://s.id/R4aJ
https://russianspaceshuttleservicell1i.nl-y91.ru/03/digid.php
https://www-digitaleomgeving.nl-y94.ru/xx/digid.php

8 KB
3 KB

1336ms
736ms

Document
text/html

45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 99764876ca8fdcd80e1169e717149fc8a98b3c740113bc82300dcf44e22ce8a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: nl-NL,nl;q=0.9

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 15 Mar 2022 22:23:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2754
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 15 Mar 2022 22:23:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php

GET
H/1.1 200
OK application-89f07d8ad34368e53bff40ea9d8e7ed3e17ba90299dba2efa882fe7338055ef1.css
digid.nl/assets/ 70 KB
16 KB 92ms
19ms Stylesheet
text/css 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to

Full URL

https://digid.nl/assets/application-89f07d8ad34368e53bff40ea9d8e7ed3e17ba90299dba2efa882fe7338055ef1.css

Requested by

Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

89f07d8ad34368e53bff40ea9d8e7ed3e17ba90299dba2efa882fe7338055ef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 12:59:51 GMT
Age: 49930
Date: Tue, 15 Mar 2022 22:23:43 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 16184
Expires: Tue, 15 Mar 2022 23:23:43 GMT

GET
H/1.1 404
Not Found piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
www-digitaleomgeving.nl-y94.ru/assets/ 0
0 92ms
91ms Script
text/html 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www-digitaleomgeving.nl-y94.ru/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
digid.nl/assets/ 0
0 29ms
27ms Script
text/html 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to

Full URL: https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 404
Not Found constants_nl-7fd3f4291ae652e54567a77f6001b7eed0cee0494fb1f77d362d38bf097cfa11.js
www-digitaleomgeving.nl-y94.ru/assets/ 0
0 184ms
91ms Script
text/html 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www-digitaleomgeving.nl-y94.ru/assets/constants_nl-7fd3f4291ae652e54567a77f6001b7eed0cee0494fb1f77d362d38bf097cfa11.js
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found application-2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167.js
digid.nl/assets/ 0
0 97ms
25ms Script
text/html 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to

Full URL: https://digid.nl/assets/application-2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167.js
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK RO_DigiD_Logo_Homepage-345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97.svg
digid.nl/assets/ 21 KB
21 KB 55ms
19ms Image
image/svg+xml 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/assets/RO_DigiD_Logo_Homepage-345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97.svg

Requested by

Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 16 Feb 2022 12:52:36 GMT
Age: 49928
Date: Tue, 15 Mar 2022 22:23:43 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 21493
Expires: Fri, 12 Mar 2032 08:31:36 GMT

GET
H/1.1 200
OK digid_eo_rgb-55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a.svg
digid.nl/assets/ 2 KB
2 KB 22ms
19ms Image
image/svg+xml 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/assets/digid_eo_rgb-55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a.svg

Requested by

Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 16 Feb 2022 12:52:36 GMT
Age: 49928
Date: Tue, 15 Mar 2022 22:23:43 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1594
Expires: Fri, 12 Mar 2032 08:31:36 GMT

GET
H/1.1 200
OK ing.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 19 KB
19 KB 147ms
147ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/ing.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: de6e8372a5c558a867da246aec5da3f8784235539fb44b7820e80c3a5238b55f

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Sun, 19 Apr 2020 02:40:06 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "4a7f-5a39bb33e0d80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19071

GET
H/1.1 200
OK abnamro.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 4 KB
4 KB 97ms
96ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/abnamro.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0929ae9ee710499eaed79da1ce885212a853924f71e17ab61affd71e942c9aab

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Wed, 15 Apr 2020 17:45:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "feb-5a357e02bc380"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4075

GET
H/1.1 200
OK rabobank.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 8 KB
8 KB 315ms
120ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/rabobank.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0c2f68cbfad4836ed49e9ada48383b08218c93d8fbf199dcd71001d8ddc7d104

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Wed, 15 Apr 2020 17:49:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "209e-5a357ee79df80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8350

GET
H/1.1 200
OK sns.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 6 KB
6 KB 315ms
120ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/sns.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d502bc9291a1bbb701057d61bd23f9910cb265fc14e1c5e4f29b6de0f21e7852

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Wed, 15 Apr 2020 17:50:36 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "1763-5a357f4143300"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5987

GET
H/1.1 200
OK asn.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 3 KB
4 KB 299ms
99ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/asn.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c3c7bae7e5e599fb3a7d97811e6ac893b0fcb44d421a867fd9dea28a6bb216ab

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Wed, 15 Apr 2020 17:50:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "d3e-5a357f5456000"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3390

GET
H/1.1 200
OK rg.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 19 KB
19 KB 364ms
165ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/rg.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 62b52a7b9341d585ed13dda445aeb31c4929563166812690ba7c8a96ec1a400c

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Wed, 15 Apr 2020 17:51:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "4a5c-5a357f87d5980"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19036

GET
H/1.1 200
OK bunq.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 2 KB
2 KB 175ms
96ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/bunq.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a784d60c5d83fa1221a4707544f3687383e2b205984aac835557a6f1a58ca602

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Wed, 15 Apr 2020 17:52:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6ea-5a357fafe3800"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1770

GET
H/1.1 200
OK hb.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 6 KB
6 KB 218ms
94ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/hb.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c11e3ee15321fd30bcff4fcb0570b0ba2f881715b1ed14fda58669cbf1f4c974

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Wed, 15 Apr 2020 17:53:08 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "179c-5a357fd238900"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6044

GET
H/1.1 200
OK triodos.png
www-digitaleomgeving.nl-y94.ru/xx/ICON/ 19 KB
19 KB 325ms
154ms Image
image/png 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www-digitaleomgeving.nl-y94.ru/xx/ICON/triodos.png
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7c8a4f08d19f6d1f364c09b57812425453df476baabf2ec78246d7bc1332e23b

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Last-Modified: Sun, 19 Apr 2020 02:41:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "4b93-5a39bb7a73400"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19347

GET
H/1.1 200
OK info-b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa.svg
digid.nl/assets/ 3 KB
3 KB 38ms
19ms Image
image/svg+xml 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/assets/info-b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa.svg

Requested by

Host: digid.nl
URL: https://digid.nl/assets/application-89f07d8ad34368e53bff40ea9d8e7ed3e17ba90299dba2efa882fe7338055ef1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://digid.nl/assets/application-89f07d8ad34368e53bff40ea9d8e7ed3e17ba90299dba2efa882fe7338055ef1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 16 Feb 2022 12:52:36 GMT
Age: 73115
Date: Tue, 15 Mar 2022 22:23:43 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2843
Expires: Fri, 12 Mar 2032 02:05:09 GMT

GET
H/1.1 200
OK app-6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085.svg
digid.nl/assets/tiles/ 5 KB
5 KB 41ms
15ms Image
image/svg+xml 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/assets/tiles/app-6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085.svg

Requested by

Host: digid.nl
URL: https://digid.nl/assets/application-89f07d8ad34368e53bff40ea9d8e7ed3e17ba90299dba2efa882fe7338055ef1.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://digid.nl/assets/application-89f07d8ad34368e53bff40ea9d8e7ed3e17ba90299dba2efa882fe7338055ef1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Wed, 16 Feb 2022 12:52:36 GMT
Age: 49926
Date: Tue, 15 Mar 2022 22:23:43 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4615
Expires: Fri, 12 Mar 2032 08:31:38 GMT

GET ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff
digid.nl/assets/ 0
0

GET ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff
digid.nl/assets/ 0
0

GET
H/1.1 404
Not Found piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
www-digitaleomgeving.nl-y94.ru/assets/ 0
0 100ms
100ms Script
text/html 45.137.152.29
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www-digitaleomgeving.nl-y94.ru/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
Requested by: Host: www-digitaleomgeving.nl-y94.ru
URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.137.152.29 St Petersburg, Russian Federation, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9
Referer: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 22:23:43 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: digid.nl
URL: https://digid.nl/assets/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff

Domain: digid.nl
URL: https://digid.nl/assets/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| _paq

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www-digitaleomgeving.nl-y94.ru/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://digid.nl/assets/application-2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www-digitaleomgeving.nl-y94.ru/assets/constants_nl-7fd3f4291ae652e54567a77f6001b7eed0cee0494fb1f77d362d38bf097cfa11.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php Message: Access to font at 'https://digid.nl/assets/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff' from origin 'https://www-digitaleomgeving.nl-y94.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digid.nl/assets/ROsanswebtextregular-54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www-digitaleomgeving.nl-y94.ru/xx/digid.php Message: Access to font at 'https://digid.nl/assets/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff' from origin 'https://www-digitaleomgeving.nl-y94.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digid.nl/assets/ROsanswebtextbold-27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591.woff Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://www-digitaleomgeving.nl-y94.ru/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

digid.nl
russianspaceshuttleservicell1i.nl-y91.ru
s.id
www-digitaleomgeving.nl-y94.ru
digid.nl
2a04:9a00:1010:1900::a
45.126.58.78
45.137.152.29
0929ae9ee710499eaed79da1ce885212a853924f71e17ab61affd71e942c9aab
0c2f68cbfad4836ed49e9ada48383b08218c93d8fbf199dcd71001d8ddc7d104
345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97
55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a
62b52a7b9341d585ed13dda445aeb31c4929563166812690ba7c8a96ec1a400c
6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085
7c8a4f08d19f6d1f364c09b57812425453df476baabf2ec78246d7bc1332e23b
89f07d8ad34368e53bff40ea9d8e7ed3e17ba90299dba2efa882fe7338055ef1
99764876ca8fdcd80e1169e717149fc8a98b3c740113bc82300dcf44e22ce8a4
a784d60c5d83fa1221a4707544f3687383e2b205984aac835557a6f1a58ca602
b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa
c11e3ee15321fd30bcff4fcb0570b0ba2f881715b1ed14fda58669cbf1f4c974
c3c7bae7e5e599fb3a7d97811e6ac893b0fcb44d421a867fd9dea28a6bb216ab
d502bc9291a1bbb701057d61bd23f9910cb265fc14e1c5e4f29b6de0f21e7852
de6e8372a5c558a867da246aec5da3f8784235539fb44b7820e80c3a5238b55f

www-digitaleomgeving.nl-y94.ru Open in urlscan Pro 45.137.152.29 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

138 kBTransfer

193 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

9 Console Messages

Indicators

www-digitaleomgeving.nl-y94.ru Open in urlscan Pro
45.137.152.29 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

138 kB
Transfer

193 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!