URL: https://alfea-online.be/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On April 09 via api from IT — Scanned from IT

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 157.254.3.134, located in United States and belongs to AMAZON-02, US. The main domain is alfea-online.be.
TLS certificate: Issued by R3 on April 9th 2024. Valid for: 3 months.
This is the only time alfea-online.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 157.254.3.134 16509 (AMAZON-02)
1 104.16.204.238 13335 (CLOUDFLAR...)
1 136.243.89.249 24940 (HETZNER-AS)
1 172.67.69.55 13335 (CLOUDFLAR...)
8 5
    Apex Domain      Subdomains                                    Transfer
5   alfea-online.be  alfea-online.be                               58 KB
1   nha.nl           www.nha.nl                                    14 KB
1   beroepen.nl      beroepen.nl                                   26 KB
1   jobat.be         www.jobat.be — Cisco Umbrella Rank: 153025    417 KB
8   4
Domain Requested by
5 alfea-online.be alfea-online.be
1 www.nha.nl alfea-online.be
1 beroepen.nl alfea-online.be
1 www.jobat.be alfea-online.be
8 4
Subject            Issuer                    Validity                 Valid
*.alfea-online.be  R3                        2024-04-09 - 2024-07-08  3 months
jobat.be           Cloudflare Inc ECC CA-3   2024-03-02 - 2024-12-31  10 months
beroepen.nl        R3                        2024-02-11 - 2024-05-11  3 months
nha.nl             GTS CA 1P5                2024-03-01 - 2024-05-30  3 months

This page contains 1 frame:

Primary Page: https://alfea-online.be/
Frame ID: E93EABB88FA160FDA6E1CBB43A1276C3
Requests: 9 HTTP requests in this frame

Page Title

alfea-online.be | Home

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Page Statistics

8 Requests
100 % HTTPS
0 % IPv6
4 Domains
4 Subdomains
5 IPs
3 Countries
517 kB Transfer
683 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
alfea-online.be/
67 KB
14 KB
Document
General
Full URL
https://alfea-online.be/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
157.254.3.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
05b6e543fa65fd71f00edf1b0b2770c74fbda55ba11307af048a0c987eceaf07
Security Headers
Name Value
Content-Security-Policy default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
it-IT,it;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-security-policy
default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
content-type
text/html; charset=utf-8
date
Tue, 09 Apr 2024 16:05:13 GMT
etag
W/"10b68-U35B4gqAoFcxH5er4XiZB669L1Y"
permissions-policy
autoplay=*
referrer-policy
no-referrer-when-downgrade
server
nginx/1.17.9
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-security-policy
default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-webkit-csp
default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
x-xss-protection
1; mode=block
swiper.min.js
alfea-online.be/swiper/
138 KB
35 KB
Script
General
Full URL
https://alfea-online.be/swiper/swiper.min.js
Requested by
Host: alfea-online.be
URL: https://alfea-online.be/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
157.254.3.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alfea-online.be/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 16:05:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 14:56:01 GMT
server
nginx/1.17.9
etag
W/"22681-18e2e036fe8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
swiper.min.css
alfea-online.be/swiper/
13 KB
4 KB
Stylesheet
General
Full URL
https://alfea-online.be/swiper/swiper.min.css
Requested by
Host: alfea-online.be
URL: https://alfea-online.be/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
157.254.3.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alfea-online.be/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 16:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 14:56:01 GMT
server
nginx/1.17.9
etag
W/"356d-18e2e036fe8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
index.js
alfea-online.be/lazysizes/
8 KB
4 KB
Script
General
Full URL
https://alfea-online.be/lazysizes/index.js
Requested by
Host: alfea-online.be
URL: https://alfea-online.be/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
157.254.3.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e85dc8540219ba11faaa7392297b39482650972c35704f979bea2312f28af936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alfea-online.be/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 16:05:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Mar 2024 14:56:01 GMT
server
nginx/1.17.9
etag
W/"1e41-18e2e036fe8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
x-xss-protection
1; mode=block
beroep-boekhouder.jpg
www.jobat.be//-/media/jobat/jobat-be/profession-guide/
416 KB
417 KB
Image
General
Full URL
https://www.jobat.be//-/media/jobat/jobat-be/profession-guide/beroep-boekhouder.jpg?mw=906&hash=69A3CEA506231CF571732F6C467DA0C8
Requested by
Host: alfea-online.be
URL: https://alfea-online.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.204.238 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c85170341b7e054d70d5a2ced2438c82ba0fd006516ad79adc384d92c28c4d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alfea-online.be/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 16:05:14 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
cf-cache-status
MISS
content-disposition
inline; filename="beroep-boekhouder.jpg"
content-length
426067
request-context
appId=cid-v1:30112174-e4a2-425f-9162-ff2c4036be43
last-modified
Fri, 01 Sep 2023 11:31:51 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
access-control-expose-headers
Request-Context
cache-control
private, max-age=604800
accept-ranges
bytes
cf-ray
871bbcc9ab32baab-MXP
boekhouder.jpg
beroepen.nl/wp-content/uploads/2017/01/
26 KB
26 KB
Image
General
Full URL
https://beroepen.nl/wp-content/uploads/2017/01/boekhouder.jpg
Requested by
Host: alfea-online.be
URL: https://alfea-online.be/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.89.249 Cologne, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
s31.domeinwinkel.nl
Software
Apache/2 /
Resource Hash
50e7b1ad75197c0af838ea17222e7c272d29f4b684bb103db7f78bea6821ac46

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alfea-online.be/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 16:05:13 GMT
last-modified
Sat, 02 Dec 2017 16:10:00 GMT
server
Apache/2
accept-ranges
bytes
etag
"6844-55f5db792c600"
content-length
26692
content-type
image/jpeg
wat-verdient-een-boekhouder.jpg
www.nha.nl/static/upload/Nederland/Overige/SEO%20Paginas/
13 KB
14 KB
Image
General
Full URL
https://www.nha.nl/static/upload/Nederland/Overige/SEO%20Paginas/wat-verdient-een-boekhouder.jpg?1538121814724
Requested by
Host: alfea-online.be
URL: https://alfea-online.be/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2c3a292524094ece0e4ce3f4769b145b582633d061dadd40d0dffba5a13ad56
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.nha.nl *.nha.be *.nhad.de *.buddywise.nl
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alfea-online.be/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

xc
m
date
Tue, 09 Apr 2024 16:05:14 GMT
content-security-policy
frame-ancestors *.nha.nl *.nha.be *.nhad.de *.buddywise.nl
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
content-length
13286
x-xss-protection
1; mode=block
last-modified
Tue, 09 Apr 2024 11:07:23 GMT
server
cloudflare
etag
"33e6-615a7ed2d0b75"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FRGAzXVpbb4EbingfN5sEWHUFue%2FxJaFDpbsuQ2vPk7U7%2BH1GC9KenFAkB44XZ9JtXNbySxK8BfMW5C1AmQKaGldAXkzdRLZUqgOvVVHMqX1gVTUfW2J4mh8mk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=259200
xch
0
accept-ranges
bytes, bytes
cf-ray
871bbcc9cdbf3759-MXP
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin
https://alfea-online.be
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
favicon.ico
alfea-online.be/
1 KB
1 KB
Other
General
Full URL
https://alfea-online.be/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
157.254.3.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
b2c7c98415bf34629f8cb1f6d820e04a35894616d387dd55a05734073f631a14
Security Headers
Name Value
Content-Security-Policy default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://alfea-online.be/
accept-language
it-IT,it;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 09 Apr 2024 16:05:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff
referrer-policy
no-referrer-when-downgrade
content-encoding
gzip
server
nginx/1.17.9
content-security-policy
default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
x-frame-options
SAMEORIGIN, SAMEORIGIN
vary
Accept-Encoding
content-type
image/x-icon
cache-control
max-age=2592000
permissions-policy
autoplay=*
x-webkit-csp
default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
x-xss-protection
1; mode=block
x-content-security-policy
default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function bootSwiper
  • function ssc
  • number loaded
  • function checkStyleLoaded
  • object button
  • object tooltip
  • undefined create
  • undefined destroy
  • undefined show
  • undefined hide
  • function runSwiper
  • function Swiper
  • object lazySizes

1 Cookies

Domain/Path Name / Value
.jobat.be/ Name: __cf_bm
Value: jfzhFI5xasZdSOo3UGJlc_RFgdBa49sLpYMYnK0a4Kk-1712678714-1.0.1.1-dboM5v6DlBA1dxeu1I3AcVr7eSXr0S8AU2g5E07jWHJhn0Fqs78_yW2yw3nTx.YgEep8Y9wWgRmA1IjLlKvYGg

1 Console Messages

Source Level URL
Text
other warning URL: https://alfea-online.be/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Security-Policy default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; object-src *; style-src * 'unsafe-inline'; img-src * data:; media-src *; frame-src *; font-src * data:; connect-src *
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block