eherkenning.verificatie-nl-24.ru Open in urlscan Pro
176.124.209.176 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://spacesit.gxlrocket9-9.ru/03/digitaal3.php
Effective URL:
https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Submission: On September 05 via manual (September 5th 2022, 11:04:42 am UTC) from NL — Scanned from NL

Summary HTTP 22 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 22 HTTP transactions. The main IP is 176.124.209.176, located in Netherlands and belongs to VDSINA-NL, RU. The main domain is eherkenning.verificatie-nl-24.ru.
TLS certificate: Issued by R3 on September 5th 2022. Valid for: 3 months.

This is the only time eherkenning.verificatie-nl-24.ru was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 13	176.124.209.176 176.124.209.176	207651 (VDSINA-NL) (VDSINA-NL)
8	2a04:9a00:101... 2a04:9a00:1010:1900::a	212157 (LOGIUS-AZ-1) (LOGIUS-AZ-1)
22	3

13 176.124.209.176 (Netherlands) 1 redirects

ASN207651 (VDSINA-NL, RU)
PTR: v1361902.hosted-by-vdsina.ru

spacesit.gxlrocket9-9.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eherkenning.verificatie-nl-24.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a04:9a00:1010:1900::a (Netherlands)

ASN212157 (LOGIUS-AZ-1, NL)

digid.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	verificatie-nl-24.ru eherkenning.verificatie-nl-24.ru	90 KB
8	digid.nl digid.nl — Cisco Umbrella Rank: 135051	50 KB
1	gxlrocket9-9.ru 1 redirects spacesit.gxlrocket9-9.ru	238 B
22	3

	Domain	Requested by
12	eherkenning.verificatie-nl-24.ru	eherkenning.verificatie-nl-24.ru
8	digid.nl	eherkenning.verificatie-nl-24.ru digid.nl
1	spacesit.gxlrocket9-9.ru	1 redirects
22	3

This site contains links to these domains. Also see Links.

Domain
www.digid.nl
bunq.com
handelsbanken.nl

Subject Issuer	Validity	Valid
eherkenning.verificatie-nl-24.ru R3	`2022-09-05` - `2022-12-04`	3 months	crt.sh
digid.nl KPN PKIoverheid Server CA 2020	`2021-12-01` - `2022-12-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Frame ID: 0FDBE2E3B6FD326CB2376DB989EA1D4E
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DigiD: Inloggen | Keuze

Page URL History Show full URLs

https://spacesit.gxlrocket9-9.ru/03/digitaal3.php HTTP 302
https://eherkenning.verificatie-nl-24.ru/xx/digid.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

22
Requests

91 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

140 kB
Transfer

193 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.digid.nl/

Search URL Search Domain Scan URL

URL: https://bunq.com/404
Title: | BUNQ

Search URL Search Domain Scan URL

URL: https://handelsbanken.nl/404
Title: | Handelsbanken

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://spacesit.gxlrocket9-9.ru/03/digitaal3.php HTTP 302
https://eherkenning.verificatie-nl-24.ru/xx/digid.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request digid.php Show response
eherkenning.verificatie-nl-24.ru/xx/
Redirect Chain

https://spacesit.gxlrocket9-9.ru/03/digitaal3.php
https://eherkenning.verificatie-nl-24.ru/xx/digid.php

8 KB
3 KB

248ms
33ms

Document
text/html

176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1ca16abb316ab890b1f07bcba2402fc615694453f07b6477ec0700061cdfd95f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2804
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2022 11:04:38 GMT
Server: nginx/1.10.3 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 05 Sep 2022 11:04:37 GMT
Location: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Server: nginx/1.10.3 (Ubuntu)

GET
H/1.1 200
OK application-f49816c7fb6dc24d3dedfb82291ed531e11b85e005fa2daa4b85c1adc9870062.css
digid.nl/assets/ 70 KB
17 KB 72ms
28ms Stylesheet
text/css 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to

Full URL

https://digid.nl/assets/application-f49816c7fb6dc24d3dedfb82291ed531e11b85e005fa2daa4b85c1adc9870062.css

Requested by

Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

ff687457b06c3f6793f6bbda956b7471e0a43d1dda5569f1f4dc2b7ca2348aaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
Last-Modified: Tue, 02 Aug 2022 13:02:41 GMT
Age: 39412
Date: Mon, 05 Sep 2022 11:04:38 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 16231
Expires: Mon, 05 Sep 2022 12:04:38 GMT

GET
H/1.1 404
Not Found piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
digid.nl/assets/ 0
0 64ms
20ms Script
text/html 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to

Full URL: https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 404
Not Found piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
eherkenning.verificatie-nl-24.ru/assets/ 0
0 29ms
29ms Script
text/html 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://eherkenning.verificatie-nl-24.ru/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found constants_nl-7fd3f4291ae652e54567a77f6001b7eed0cee0494fb1f77d362d38bf097cfa11.js
eherkenning.verificatie-nl-24.ru/assets/ 0
0 33ms
32ms Script
text/html 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to

Full URL: https://eherkenning.verificatie-nl-24.ru/assets/constants_nl-7fd3f4291ae652e54567a77f6001b7eed0cee0494fb1f77d362d38bf097cfa11.js
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found application-2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167.js
digid.nl/assets/ 0
0 63ms
20ms Script
text/html 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to

Full URL: https://digid.nl/assets/application-2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167.js
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 200
OK RO_DigiD_Logo_Homepage-98037d2a69f1bbe535478420a93e0ed9d1888c4f956e6994fbb1f58b2a258910.svg
digid.nl/assets/ 21 KB
22 KB 15ms
14ms Image
image/svg+xml 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/assets/RO_DigiD_Logo_Homepage-98037d2a69f1bbe535478420a93e0ed9d1888c4f956e6994fbb1f58b2a258910.svg

Requested by

Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 02 Aug 2022 13:02:41 GMT
Age: 39419
Date: Mon, 05 Sep 2022 11:04:38 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 21493
Expires: Thu, 02 Sep 2032 00:07:40 GMT

GET
H/1.1 404
Not Found digid_eo_rgb-55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a.svg
digid.nl/assets/ 0
0 35ms
21ms Image
text/html 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://digid.nl/assets/digid_eo_rgb-55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a.svg
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H/1.1 200
OK digid_eo_rgb-820f0a1b9037b16f4b73778ea7a4582aff3eaa9eb13ae88c7e49f9a00cef7678.svg
digid.nl/assets/ 2 KB
2 KB 60ms
16ms Image
image/svg+xml 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/assets/digid_eo_rgb-820f0a1b9037b16f4b73778ea7a4582aff3eaa9eb13ae88c7e49f9a00cef7678.svg

Requested by

Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 02 Aug 2022 13:02:41 GMT
Age: 39412
Date: Mon, 05 Sep 2022 11:04:38 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1594
Expires: Thu, 02 Sep 2032 00:07:47 GMT

GET
H/1.1 200
OK ing.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 19 KB
19 KB 103ms
33ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/ing.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: de6e8372a5c558a867da246aec5da3f8784235539fb44b7820e80c3a5238b55f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Sun, 19 Apr 2020 02:40:06 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "4a7f-5a39bb33e0d80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19071

GET
H/1.1 200
OK abnamro.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 4 KB
4 KB 109ms
37ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/abnamro.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0929ae9ee710499eaed79da1ce885212a853924f71e17ab61affd71e942c9aab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Wed, 15 Apr 2020 17:45:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "feb-5a357e02bc380"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4075

GET
H/1.1 200
OK rabobank.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 8 KB
8 KB 111ms
38ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/rabobank.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 0c2f68cbfad4836ed49e9ada48383b08218c93d8fbf199dcd71001d8ddc7d104

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Wed, 15 Apr 2020 17:49:02 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "209e-5a357ee79df80"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8350

GET
H/1.1 200
OK sns.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 6 KB
6 KB 119ms
29ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/sns.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d502bc9291a1bbb701057d61bd23f9910cb265fc14e1c5e4f29b6de0f21e7852

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Wed, 15 Apr 2020 17:50:36 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "1763-5a357f4143300"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5987

GET
H/1.1 200
OK asn.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 3 KB
4 KB 129ms
29ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/asn.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c3c7bae7e5e599fb3a7d97811e6ac893b0fcb44d421a867fd9dea28a6bb216ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Wed, 15 Apr 2020 17:50:56 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "d3e-5a357f5456000"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3390

GET
H/1.1 200
OK rg.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 19 KB
19 KB 51ms
45ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/rg.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 62b52a7b9341d585ed13dda445aeb31c4929563166812690ba7c8a96ec1a400c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Wed, 15 Apr 2020 17:51:50 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "4a5c-5a357f87d5980"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19036

GET
H/1.1 200
OK bunq.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 2 KB
2 KB 74ms
30ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/bunq.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: a784d60c5d83fa1221a4707544f3687383e2b205984aac835557a6f1a58ca602

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Wed, 15 Apr 2020 17:52:32 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "6ea-5a357fafe3800"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1770

GET
H/1.1 200
OK hb.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 6 KB
6 KB 81ms
32ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/hb.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c11e3ee15321fd30bcff4fcb0570b0ba2f881715b1ed14fda58669cbf1f4c974

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Wed, 15 Apr 2020 17:53:08 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "179c-5a357fd238900"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6044

GET
H/1.1 200
OK triodos.png
eherkenning.verificatie-nl-24.ru/xx/ICON/ 19 KB
19 KB 96ms
47ms Image
image/png 176.124.209.176
VDSINA-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eherkenning.verificatie-nl-24.ru/xx/ICON/triodos.png
Requested by: Host: eherkenning.verificatie-nl-24.ru
URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.124.209.176 , Netherlands, ASN207651 (VDSINA-NL, RU),
Reverse DNS: v1361902.hosted-by-vdsina.ru
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7c8a4f08d19f6d1f364c09b57812425453df476baabf2ec78246d7bc1332e23b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eherkenning.verificatie-nl-24.ru/xx/digid.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 05 Sep 2022 11:04:38 GMT
Last-Modified: Sun, 19 Apr 2020 02:41:20 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: "4b93-5a39bb7a73400"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19347

GET
H/1.1 200
OK info-e5687a8b80df873eacd364f749fb8d7be0dff8c6c9541db9edbf3aa117d8b2ce.svg
digid.nl/assets/ 3 KB
4 KB 59ms
16ms Image
image/svg+xml 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/assets/info-e5687a8b80df873eacd364f749fb8d7be0dff8c6c9541db9edbf3aa117d8b2ce.svg

Requested by

Host: digid.nl
URL: https://digid.nl/assets/application-f49816c7fb6dc24d3dedfb82291ed531e11b85e005fa2daa4b85c1adc9870062.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digid.nl/assets/application-f49816c7fb6dc24d3dedfb82291ed531e11b85e005fa2daa4b85c1adc9870062.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 02 Aug 2022 13:02:41 GMT
Age: 38911
Date: Mon, 05 Sep 2022 11:04:38 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2843
Expires: Thu, 02 Sep 2032 00:16:08 GMT

GET
H/1.1 200
OK app-74090d25235891e5322db099866ee4c62e750c56d154f78ab6bcec2569fcf02f.svg
digid.nl/assets/tiles/ 5 KB
5 KB 50ms
18ms Image
image/svg+xml 2a04:9a00:1010:1900::a
LOGIUS-AZ-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://digid.nl/assets/tiles/app-74090d25235891e5322db099866ee4c62e750c56d154f78ab6bcec2569fcf02f.svg

Requested by

Host: digid.nl
URL: https://digid.nl/assets/application-f49816c7fb6dc24d3dedfb82291ed531e11b85e005fa2daa4b85c1adc9870062.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a04:9a00:1010:1900::a , Netherlands, ASN212157 (LOGIUS-AZ-1, NL),

Reverse DNS

Software

Resource Hash

6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://digid.nl/assets/application-f49816c7fb6dc24d3dedfb82291ed531e11b85e005fa2daa4b85c1adc9870062.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Last-Modified: Tue, 02 Aug 2022 13:02:41 GMT
Age: 39411
Date: Mon, 05 Sep 2022 11:04:38 GMT
Content-Type: image/svg+xml
Cache-Control: max-age=315360000, public
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=()
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4615
Expires: Thu, 02 Sep 2032 00:07:48 GMT

GET ROsanswebtextregular-7b2f7cc90ece83a09f4eb3f53cf7b444ffab68fb73879c83aaa6062c1579d449.woff
digid.nl/assets/ 0
0

GET ROsanswebtextbold-73535d8657b9e96989dcd694be87b32b0b4d0c1a03d37b065cbf293c93cbe01d.woff
digid.nl/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: digid.nl
URL: https://digid.nl/assets/ROsanswebtextregular-7b2f7cc90ece83a09f4eb3f53cf7b444ffab68fb73879c83aaa6062c1579d449.woff

Domain: digid.nl
URL: https://digid.nl/assets/ROsanswebtextbold-73535d8657b9e96989dcd694be87b32b0b4d0c1a03d37b065cbf293c93cbe01d.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://eherkenning.verificatie-nl-24.ru/assets/constants_nl-7fd3f4291ae652e54567a77f6001b7eed0cee0494fb1f77d362d38bf097cfa11.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://digid.nl/assets/application-2bf67cd1a8c2c1febbee201adac040faf651fbdc586bcb7e2f7c2f233f5ec167.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://digid.nl/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://eherkenning.verificatie-nl-24.ru/assets/piwik-88b8824a5f55a9bb5be3b1e48b0fe9e314196870c10116491a478817ac781065.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://digid.nl/assets/digid_eo_rgb-55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	error	URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php Message: Access to font at 'https://digid.nl/assets/ROsanswebtextregular-7b2f7cc90ece83a09f4eb3f53cf7b444ffab68fb73879c83aaa6062c1579d449.woff' from origin 'https://eherkenning.verificatie-nl-24.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digid.nl/assets/ROsanswebtextregular-7b2f7cc90ece83a09f4eb3f53cf7b444ffab68fb73879c83aaa6062c1579d449.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://eherkenning.verificatie-nl-24.ru/xx/digid.php Message: Access to font at 'https://digid.nl/assets/ROsanswebtextbold-73535d8657b9e96989dcd694be87b32b0b4d0c1a03d37b065cbf293c93cbe01d.woff' from origin 'https://eherkenning.verificatie-nl-24.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://digid.nl/assets/ROsanswebtextbold-73535d8657b9e96989dcd694be87b32b0b4d0c1a03d37b065cbf293c93cbe01d.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

digid.nl
eherkenning.verificatie-nl-24.ru
spacesit.gxlrocket9-9.ru
digid.nl
176.124.209.176
2a04:9a00:1010:1900::a
0929ae9ee710499eaed79da1ce885212a853924f71e17ab61affd71e942c9aab
0c2f68cbfad4836ed49e9ada48383b08218c93d8fbf199dcd71001d8ddc7d104
1ca16abb316ab890b1f07bcba2402fc615694453f07b6477ec0700061cdfd95f
345fece8164e7c89abdcac29f20c438ca6b74414af1373642da630abd862da97
55f1daa50e8a463ddb0718ad1781c22195c16d3bfee3535b1df04fed763f488a
62b52a7b9341d585ed13dda445aeb31c4929563166812690ba7c8a96ec1a400c
6ff8ab98a6bd136e396d2dd79e22b9171438438070787e355db6974bcbc53085
7c8a4f08d19f6d1f364c09b57812425453df476baabf2ec78246d7bc1332e23b
a784d60c5d83fa1221a4707544f3687383e2b205984aac835557a6f1a58ca602
b2f7f0f4cba483d416e7dfa44d4dd8b9c3c610953c0f4a5f70a2d6d2f34769fa
c11e3ee15321fd30bcff4fcb0570b0ba2f881715b1ed14fda58669cbf1f4c974
c3c7bae7e5e599fb3a7d97811e6ac893b0fcb44d421a867fd9dea28a6bb216ab
d502bc9291a1bbb701057d61bd23f9910cb265fc14e1c5e4f29b6de0f21e7852
de6e8372a5c558a867da246aec5da3f8784235539fb44b7820e80c3a5238b55f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff687457b06c3f6793f6bbda956b7471e0a43d1dda5569f1f4dc2b7ca2348aaa

eherkenning.verificatie-nl-24.ru Open in urlscan Pro 176.124.209.176 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

140 kBTransfer

193 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

0 Cookies

9 Console Messages

Indicators

eherkenning.verificatie-nl-24.ru Open in urlscan Pro
176.124.209.176 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

140 kB
Transfer

193 kB
Size

0
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!