uitstaand-bedrag.com
Open in
urlscan Pro
193.143.1.14
Malicious Activity!
Public Scan
Effective URL: https://uitstaand-bedrag.com/
Submission Tags: @phish_report
Submission: On September 24 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R10 on September 20th 2024. Valid for: 3 months.
This is the only time uitstaand-bedrag.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NL Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 193.143.1.14 193.143.1.14 | 198953 (PROTON66) (PROTON66) | |
1 | 2a04:9a01:100... 2a04:9a01:1002::33 | 34663 (ASBELASTI...) (ASBELASTINGDIENST) | |
2 2 | 2a00:1450:400... 2a00:1450:4001:831::2001 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:812::2004 | 15169 (GOOGLE) (GOOGLE) | |
5 | 4 |
ASN15169 (GOOGLE, US)
s2.googleusercontent.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
gstatic.com
t0.gstatic.com |
960 B |
2 |
googleusercontent.com
2 redirects
s2.googleusercontent.com — Cisco Umbrella Rank: 25085 |
644 B |
2 |
uitstaand-bedrag.com
uitstaand-bedrag.com |
915 KB |
1 |
belastingdienst.nl
www.belastingdienst.nl — Cisco Umbrella Rank: 307411 |
19 KB |
5 | 4 |
Domain | Requested by | |
---|---|---|
2 | t0.gstatic.com | |
2 | s2.googleusercontent.com | 2 redirects |
2 | uitstaand-bedrag.com |
uitstaand-bedrag.com
|
1 | www.belastingdienst.nl |
uitstaand-bedrag.com
|
5 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cjib.nl |
www.facebook.com |
twitter.com |
www.linkedin.com |
api.whatsapp.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.uitstaand-bedrag.com R10 |
2024-09-20 - 2024-12-19 |
3 months | crt.sh |
www.belastingdienst.nl DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1 |
2024-05-02 - 2025-05-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://uitstaand-bedrag.com/
Frame ID: 91AE3A1220EEB95DA7A87DF2A93C0664
Requests: 17 HTTP requests in this frame
Screenshot
Page Title
Belastingdienst NederlandPage URL History Show full URLs
-
http://uitstaand-bedrag.com/
HTTP 307
https://uitstaand-bedrag.com/ Page URL
Page Statistics
54 Outgoing links
These are links going to different origins than the main page.
Title: Home
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Contact
Search URL Search Domain Scan URL
Title: Cookies
Search URL Search Domain Scan URL
Title: Persoonsgegevens
Search URL Search Domain Scan URL
Title: Proclaimer
Search URL Search Domain Scan URL
Title: Archief
Search URL Search Domain Scan URL
Title: Sitemap
Search URL Search Domain Scan URL
Title: Kwetsbaarheid melden
Search URL Search Domain Scan URL
Title: Toegankelijkheid
Search URL Search Domain Scan URL
Title: Nederlands (BE)
Search URL Search Domain Scan URL
Title: Čeština
Search URL Search Domain Scan URL
Title: Dansk
Search URL Search Domain Scan URL
Title: Deutsch
Search URL Search Domain Scan URL
Title: Eesti keel
Search URL Search Domain Scan URL
Title: English
Search URL Search Domain Scan URL
Title: Español
Search URL Search Domain Scan URL
Title: Ελληνικά
Search URL Search Domain Scan URL
Title: Français
Search URL Search Domain Scan URL
Title: Hrvatski
Search URL Search Domain Scan URL
Title: Italiano
Search URL Search Domain Scan URL
Title: Latviešu valoda
Search URL Search Domain Scan URL
Title: Lietuvių
Search URL Search Domain Scan URL
Title: Magyar
Search URL Search Domain Scan URL
Title: Polski
Search URL Search Domain Scan URL
Title: Português
Search URL Search Domain Scan URL
Title: Română
Search URL Search Domain Scan URL
Title: Slovenčina
Search URL Search Domain Scan URL
Title: Slovenščina
Search URL Search Domain Scan URL
Title: Suomi
Search URL Search Domain Scan URL
Title: Svenska
Search URL Search Domain Scan URL
Title: Verkeersboete
Search URL Search Domain Scan URL
Title: Premies voor uw zorgverzekering
Search URL Search Domain Scan URL
Title: Strafbeschikking
Search URL Search Domain Scan URL
Title: Boete opgelegd door de rechter
Search URL Search Domain Scan URL
Title: Schadevergoeding
Search URL Search Domain Scan URL
Title: Ontnemingsmaatregel
Search URL Search Domain Scan URL
Title: Europese boete
Search URL Search Domain Scan URL
Title: Legesveroordeling Huurcommissie
Search URL Search Domain Scan URL
Title: Transactievoorstel
Search URL Search Domain Scan URL
Title: Overheidsincasso
Search URL Search Domain Scan URL
Title: Bestuurlijke boete
Search URL Search Domain Scan URL
Title: Opgeven bestuurder
Search URL Search Domain Scan URL
Title: Dwangsom
Search URL Search Domain Scan URL
Title: Kosten bestuursdwang
Search URL Search Domain Scan URL
Title: Maatregel kostenverhaal
Search URL Search Domain Scan URL
Title: Bestuurlijke boete
Search URL Search Domain Scan URL
Title: Verhuurderbijdrage
Search URL Search Domain Scan URL
Title: Dwangsom
Search URL Search Domain Scan URL
Title: Legesveroordeling Huurcommissie
Search URL Search Domain Scan URL
Title: Kosten bestuursdwang
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://uitstaand-bedrag.com/
HTTP 307
https://uitstaand-bedrag.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 14- https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32 HTTP 301
- https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32
- https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32 HTTP 301
- https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
uitstaand-bedrag.com/ Redirect Chain
|
3 MB 865 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bld_logo.svg
www.belastingdienst.nl/bld-assets/bld/rhslogos/ |
17 KB 19 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
29 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
325 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
75 KB 75 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 KB 68 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
82 KB 82 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ideal-logo-1024.png
uitstaand-bedrag.com/www.ideal.nl/img/logo/ |
51 KB 51 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
673 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
847 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
686 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
faviconV2
t0.gstatic.com/ Redirect Chain
|
399 B 960 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
faviconV2
t0.gstatic.com/ Redirect Chain
|
399 B 0 |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NL Government (Government)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| savepage_ShadowLoader0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
s2.googleusercontent.com
t0.gstatic.com
uitstaand-bedrag.com
www.belastingdienst.nl
193.143.1.14
2a00:1450:4001:812::2004
2a00:1450:4001:831::2001
2a04:9a01:1002::33
23bd40642eee01519340418eb8ee4bceb417788e6e3d4b39aebba070b16361bf
24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e
27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591
4ec0583dd05c9ae23e4f612829312af92f4b38961c0b1fbf53a266f20d4eb182
54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a
64fd48770f59ad0d509ab6664933095321f797323c9965a8ef92cbb060acfa40
76cba8c616494b98ce3232bb080e8beef3583aa75368c65b5e121508f92bb6a4
85f028fadd26412f3ff050e58fab1c791a172e44f078db492c89bbb950053695
8c48b81b373e6dac8c9c39072db0ab401be309a8a2a4e2f032cb5d5f2017ae4c
8e1259c7006dfe0d19f6bcc4fc622c4ce555250e9924fa20cafbe137e64d72eb
95b8c28ae6c0c9d5657a44d5a6ca24c04165eef39d6a8e1e93627c8d755ffe3a
c922548cfe09320db090d544611419072db72918c07a3588e8138bd474eb41d3
dc4b94fbd1ec10e1ed4e130d8c785c2f0f7a6dacee88c019d3d77782b86d43ba
dc9b62c0c22ee9ed9efc6b63664e860df4979d42279d6d76d5720beec4c8b239
ea24041f1bf773952f69e1e98082de62b89f24ca6b60b147f2f052b21e3b6861
f325b8b3a6c772d7ebef4dea572c8da501e9c6ee286df0d96dfa49441258fd2f