belasting.elsa.nlaic.ia2ai.nl
20.82.31.136  Malicious Activity! Public Scan

Submitted URL: https://belasting.elsa.nlaic.ia2ai.nl/#/
Effective URL: https://belasting.elsa.nlaic.ia2ai.nl/
Submission: On March 29 via manual from NL — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 20.82.31.136, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is belasting.elsa.nlaic.ia2ai.nl.
TLS certificate: Issued by R3 on March 27th 2023. Valid for: 3 months.
This is the only time belasting.elsa.nlaic.ia2ai.nl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

Requests | IP Address | AS Autonomous System
12 | 20.82.31.136 | 8075 (MICROSOFT...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
17 | 5

Requests | Apex Domain | Subdomains | Transfer
12 | ia2ai.nl | belasting.elsa.nlaic.ia2ai.nl | 2 MB
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 | 385 KB
1 | tno.nl | www.tno.nl — Cisco Umbrella Rank: 848602 | 29 KB
1 | gstatic.com | fonts.gstatic.com | 14 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 942 B
17 | 5

Requests | Domain | Requested by
12 | belasting.elsa.nlaic.ia2ai.nl | belasting.elsa.nlaic.ia2ai.nl
2 | cdnjs.cloudflare.com | belasting.elsa.nlaic.ia2ai.nl, cdnjs.cloudflare.com
1 | www.tno.nl | belasting.elsa.nlaic.ia2ai.nl
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | belasting.elsa.nlaic.ia2ai.nl
17 | 5

This site contains no links.

Subject | Issuer | Validity | Valid
belasting.elsa.nlaic.ia2ai.nl | R3 | 2023-03-27 - 2023-06-25 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-13 - 2023-06-05 | 3 months
www.tno.nl | GEANT OV RSA CA 4 | 2023-02-20 - 2024-02-20 | a year

This page contains 1 frames:

Primary Page: https://belasting.elsa.nlaic.ia2ai.nl/
Frame ID: 153828526F5AB339795F80D6993F6701
Requests: 17 HTTP requests in this frame

Page Title

Dashboard — ELSA Producer WEBUI

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 80 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 2135 kB
Size: 1747 kB
Cookies: 0

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
belasting.elsa.nlaic.ia2ai.nl/
2 KB
3 KB
Document
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3ec9647484895bc910d51d6f0656f21b04c758a1904c5f895002ea34889683f0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
content-length
2381
content-type
text/html
date
Wed, 29 Mar 2023 06:57:07 GMT
etag
"6388b0f9-94d"
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
strict-transport-security
max-age=15724800; includeSubDomains
css2
fonts.googleapis.com/
2 KB
942 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito&display=swap
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c8de707408da9bc0d49a3960ddb9dab41b7577322867211c72614484eb8a991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Mar 2023 06:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 05:25:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Mar 2023 06:57:07 GMT
app.aceb222d.css
belasting.elsa.nlaic.ia2ai.nl/css/
362 KB
363 KB
Stylesheet
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/css/app.aceb222d.css
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b31ee59f6e784bf66f1d9b0002d412c25a6ad2a805d6c780f2456b023a781d8e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-5a6df"
content-length
370399
content-type
text/css
app.868b4e5a.js
belasting.elsa.nlaic.ia2ai.nl/js/
17 KB
17 KB
Script
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/js/app.868b4e5a.js
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2733808e52aed516869b14f8c6efeb40aabed9c2693b0219473d3a5ea24c710
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-44c4"
content-length
17604
content-type
application/javascript
chunk-vendors.da82357a.js
belasting.elsa.nlaic.ia2ai.nl/js/
504 KB
506 KB
Script
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/js/chunk-vendors.da82357a.js
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2af6624294ea7cbc345efc6fe8e60fcc5abe9b63329c83d08165d015e7b8b853
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-7e19b"
content-length
516507
content-type
application/javascript
materialdesignicons.min.css
cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/6.4.95/css/
293 KB
37 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/6.4.95/css/materialdesignicons.min.css
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e662d5f7621fb5a963e80dfb06289cc6e560a5c58496f7704a7503e3bacea907
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://belasting.elsa.nlaic.ia2ai.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
466174
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37469
last-modified
Mon, 25 Oct 2021 03:06:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61761f18-925d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJBZSSQXAfPpQ1JPvUnOStfGy0U9Nr%2BG21dQxk6Hvpy5ntMfr58Xm4yCqkzreHSiz78vZz1GDhvNIe4dyMt1aCjxSb7jrJqcb%2FDnCWQajnvoPrMkIw30Q1G5c2W%2BLbxJzpctiGEjAwS8tocEtKTI0f0E"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7af63785fb3406c0-AMS
expires
Mon, 18 Mar 2024 06:57:07 GMT
chunk-14a0980b.6ffcc715.css
belasting.elsa.nlaic.ia2ai.nl/css/
0
227 B
Other
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/css/chunk-14a0980b.6ffcc715.css
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-32"
content-length
50
content-type
text/css
chunk-16eba25c.6548cb3a.css
belasting.elsa.nlaic.ia2ai.nl/css/
0
18 KB
Other
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/css/chunk-16eba25c.6548cb3a.css
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-48a1"
content-length
18593
content-type
text/css
chunk-14a0980b.20af5507.js
belasting.elsa.nlaic.ia2ai.nl/js/
0
5 KB
Other
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/js/chunk-14a0980b.20af5507.js
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-146a"
content-length
5226
content-type
application/javascript
chunk-16eba25c.3ebbf12d.js
belasting.elsa.nlaic.ia2ai.nl/js/
0
615 KB
Other
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/js/chunk-16eba25c.3ebbf12d.js
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-99602"
content-length
628226
content-type
application/javascript
XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
fonts.gstatic.com/s/nunito/v25/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXI3I6Li01BKofiOc5wtlZ2di8HDLshdTQ3jw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e2f97ea0fb92d5e3ae31eeef403b9c34363c8fb2a387e13cf381fa97f3e8cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://belasting.elsa.nlaic.ia2ai.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 08:37:53 GMT
x-content-type-options
nosniff
age
80354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14060
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:44:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 08:37:53 GMT
materialdesignicons-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/6.4.95/fonts/
347 KB
347 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/6.4.95/fonts/materialdesignicons-webfont.woff2?v=6.4.95
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/6.4.95/css/materialdesignicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d663f7fbb05d81d87a610120de0dc1163bad5f4df27e28d56ab59379b5f0c10
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/MaterialDesign-Webfont/6.4.95/css/materialdesignicons.min.css
Origin
https://belasting.elsa.nlaic.ia2ai.nl
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
425217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
354984
last-modified
Mon, 25 Oct 2021 03:06:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61761f18-56aa8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujuvdOFSIWgK0vVMVS1ws22AUtxjKmVEGRORDWE6Hdp6pP%2BpYS0Ro%2BLkuH4egMAmD92DlcBzH0XH6nHDxuhez%2B1ufdj9EDvlH0uTyGX6i9Y6JpY7qoQQhrTfs2JmmyQ4smGgt%2FLKCcmjEkE31ZLC60g2"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7af637877c9706c0-AMS
expires
Mon, 18 Mar 2024 06:57:07 GMT
/
belasting.elsa.nlaic.ia2ai.nl/branding/
3 KB
3 KB
Image
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/branding/
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
629fb0c4df844710f5ed3d2f807ac4fac53631a888d3368e8df44d5ed47589fb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-bef"
content-length
3055
content-type
image/png
ElsaLabs_400x400.jpg
belasting.elsa.nlaic.ia2ai.nl/
32 KB
33 KB
Image
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/ElsaLabs_400x400.jpg
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
59c9cd71157d132a8a54f7e46ccfbae5e2b454cc3042be7e9b24c64553d04085
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-8134"
content-length
33076
content-type
image/jpeg
tno-logo-1484x835_003_.jpg
www.tno.nl/publish/pages/5604/
28 KB
29 KB
Image
General
Full URL
https://www.tno.nl/publish/pages/5604/tno-logo-1484x835_003_.jpg
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1ca7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / IPROX-CMS
Resource Hash
1d76b56f8049ab71841557329ade23094d7bb3d21406760d1ca288af808590df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:08 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000;includeSubDomains;preload
cf-cache-status
BYPASS
x-aspnet-version
-
x-powered-by
IPROX-CMS
p3p
CP="NOI DSP MON CUR ADM DEV TAI OUR NOR STA"
x-xss-protection
1; mode=block
referrer-policy
same-origin,no-referrer-when-downgrade
last-modified
Fri, 12 Aug 2022 10:41:00 GMT
server
cloudflare
etag
"46af81afb958404fc6262ad704ea2568"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1800, s-maxage=1800
permissions-policy
payment=()
cf-ray
7af637884d3db960-AMS
expires
Wed, 29 Mar 2023 07:27:08 GMT
NL-AI-Coalitie.jpg
belasting.elsa.nlaic.ia2ai.nl/
17 KB
18 KB
Image
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/NL-AI-Coalitie.jpg
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6ec2f1dc8ae227640da145c5805911114e4c3c3f0844e4f31fd75fa5ae02c740
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-4546"
content-length
17734
content-type
image/jpeg
Architecture.png
belasting.elsa.nlaic.ia2ai.nl/
126 KB
126 KB
Image
General
Full URL
https://belasting.elsa.nlaic.ia2ai.nl/Architecture.png
Requested by
Host: belasting.elsa.nlaic.ia2ai.nl
URL: https://belasting.elsa.nlaic.ia2ai.nl/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.82.31.136 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44426106de3f606a80871b7cb415f891456a75d5945bb3c6178d212c4ea9c2ec
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://belasting.elsa.nlaic.ia2ai.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 06:57:07 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Thu, 01 Dec 2022 13:49:45 GMT
accept-ranges
bytes
etag
"6388b0f9-1f6d9"
content-length
128729
content-type
image/png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | webpackJsonp

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains