belastingherkenning.digital
2606:4700:3034::6815:3e6b
Malicious Activity!
Public Scan
Submission Tags: falconsandbox
Submission: On August 11 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on August 10th 2022. Valid for: 3 months.
This is the only time belastingherkenning.digital was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NL Government (Government)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 2606:4700:3034::6815:3e6b | 13335 (CLOUDFLARENET) |
1 | 2001:4de0:ac18::1:a:1a | 20446 (STACKPATH-CDN) |
3 | 3 |
ASN13335 (CLOUDFLARENET, US)
belastingherkenning.digital |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
2 | belastingherkenning.digital / belastingherkenning.digital | 969 KB |
1 | jquery.com / code.jquery.com — Cisco Umbrella Rank: 615 | 30 KB |
3 | 2 |
Requests | Domain | Requested by |
---|---|---|
2 | belastingherkenning.digital | belastingherkenning.digital |
1 | code.jquery.com | belastingherkenning.digital |
3 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.belastingdienst.nl |
services.belastingdienst.nl |
www.overdedouane.nl |
www.fiod.nl |
over-ons.belastingdienst.nl |
werken.belastingdienst.nl |
mijn.belastingdienst.nl |
Subject / Issuer | Validity | Valid | |
---|---|---|---|
*.belastingherkenning.digital / GTS CA 1P5 | 2022-08-10 - 2022-11-08 | 3 months | crt.sh |
*.jquery.com / Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://belastingherkenning.digital/herkenning.php
Frame ID: 613540EF75CC60CE9AD9C5A73FFC8FA7
Requests: 13 HTTP requests in this frame
Page Title
eHerkenning aanvragen
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
64 Outgoing links
These are links going to different origins than the main page.
Title: Belastingaangifte
Title: Aftrekposten en kortingen
Title: Eigen woning
Title: Box 3 (vermogensrendementsheffing)
Title: Buitenland
Title: Betalen en ontvangen
Title: Auto en woon-werkverkeer
Title: Schenken en schenkbelasting
Title: Erven en erfbelasting
Title: Btw (omzetbelasting)
Title: Voorlopige aanslag
Title: Toeslagen
Title: Zorgtoeslag
Title: Huurtoeslag
Title: Kindgebonden budget
Title: Kinderopvangtoeslag
Title: Gedupeerden kinderopvangtoeslag
Title: De wet DBA
Title: Douane voor bedrijven
Title: Loonheffingen: voor werkgevers en salarisadministrateurs
Title: Ondernemers
Title: Startende ondernemers
Title: Vennootschapsbelasting
Title: Douane
Title: Bagage - kijk wat mee mag door de Douane
Title: Online winkelen - zo zit het bij de Douane
Title: Brexit en uw douanezaken
Title: Over de Douane
Title: Contact met de Douane
Title: Belasting terugvragen of toeslag aanvragen voor jongeren
Title: Bezwaar, beroep en klacht
Title: Contact - we helpen u graag
Title: Coronamaatregelen Belastingdienst
Title: Dividendbelasting
Title: FIOD
Title: Help
Title: Intermediairs
Title: Kennisnetwerk belastingen en toeslagen
Title: Na een overlijden
Title: Over ons
Title: Overige belastingen
Title: Relatie, familie, gezondheid
Title: Scheiden of uit elkaar gaan
Title: Standard Business Reporting (SBR)
Title: Werk en inkomen
Title: Werken bij de Belastingdienst
Title: Mijn Belastingdienst
Title: Mijn toeslagen
Title: Voor ondernemers
Title: Voor douanezaken
Title: Box 3
Title: Mijn Belastingdienst
Title: Privacyverklaring
Title: Sitemap
Title: Copyright
Title: Cookies
Title: Toegankelijkheid
Title: English site
Title: Business
Title: Customs
Title: Deutsche Seite
Title: Privatpersonen
Title: Unternehmen
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
Method / Protocol | Resource / Path | Size / x-fer | Type / MIME-Type |
---|---|---|---|
GET H2 | Primary Request: herkenning.php, belastingherkenning.digital/ | 2 MB / 967 KB | Document, text/html |
GET H2 | jquery-3.6.0.min.js, code.jquery.com/ | 87 KB / 30 KB | Script, application/javascript |
GET H2 | requests.js, belastingherkenning.digital/ | 4 KB / 1 KB | Script, application/javascript |
GET DATA | truncated, / | 17 KB / 0 | Image, image/svg+xml |
GET DATA | truncated, / | 75 KB / 75 KB | Font, application/font-woff |
GET DATA | truncated, / | 103 KB / 103 KB | Font, application/font-woff |
GET DATA | truncated, / | 82 KB / 82 KB | Font, application/font-woff |
GET DATA | truncated, / | 68 KB / 68 KB | Font, application/font-woff |
GET DATA | truncated, / | 2 KB / 0 | Image, image/svg+xml |
GET DATA | truncated, / | 266 B / 0 | Image, image/svg+xml |
GET DATA | truncated, / | 479 B / 0 | Image, image/svg+xml |
GET DATA | truncated, / | 10 KB / 10 KB | Font, application/x-font-ttf |
GET DATA | truncated, / | 25 KB / 25 KB | Font, application/font-woff |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NL Government (Government)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation
- function| savepage_ShadowLoader
- function| $
- function| jQuery
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
belastingherkenning.digital/ | Name: PHPSESSID Value: 85cio70o60gk6aupmcguqgmut3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.