belastingdienst.dns.army Open in urlscan Pro
185.45.195.173 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://belastingdienst.dns.army/
Submission: On December 18 via api (December 18th 2024, 1:52:02 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 185.45.195.173, located in Los Angeles, United States and belongs to HS Host Sailor Ltd, AE. The main domain is belastingdienst.dns.army.
TLS certificate: Issued by R11 on December 17th 2024. Valid for: 3 months.

This is the only time belastingdienst.dns.army was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
9	185.45.195.173 185.45.195.173	60117 (HS Host S...) (HS Host Sailor Ltd)
4	2a04:9a01:100... 2a04:9a01:1002::19	34663 (ASBELASTI...) (ASBELASTINGDIENST Belastingdienst)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:98ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:9a01:100... 2a04:9a01:1002::33	34663 (ASBELASTI...) (ASBELASTINGDIENST Belastingdienst)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	2a03:b0c0:2:d... 2a03:b0c0:2:d0::14a6:2001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
19	8

9 185.45.195.173 (Los Angeles, United States)

ASN60117 (HS Host Sailor Ltd, AE)

belastingdienst.dns.army	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:9a01:1002::19 (Netherlands)

ASN34663 (ASBELASTINGDIENST Belastingdienst, NL)

download.belastingdienst.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:98ed (United States)

ASN13335 (CLOUDFLARENET, US)

downloads-global.3cx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:9a01:1002::33 (Netherlands)

ASN34663 (ASBELASTINGDIENST Belastingdienst, NL)

www.belastingdienst.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:2:d0::14a6:2001 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

1894.3cx.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	dns.army belastingdienst.dns.army	607 KB
5	belastingdienst.nl download.belastingdienst.nl — Cisco Umbrella Rank: 220301 www.belastingdienst.nl — Cisco Umbrella Rank: 211131	172 KB
2	gstatic.com fonts.gstatic.com	15 KB
1	3cx.cloud 1894.3cx.cloud	1 KB
1	3cx.com downloads-global.3cx.com — Cisco Umbrella Rank: 111751	198 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	838 B
19	6

	Domain	Requested by
9	belastingdienst.dns.army	belastingdienst.dns.army
4	download.belastingdienst.nl	belastingdienst.dns.army download.belastingdienst.nl
2	fonts.gstatic.com	belastingdienst.dns.army
1	1894.3cx.cloud	downloads-global.3cx.com
1	www.belastingdienst.nl	belastingdienst.dns.army
1	downloads-global.3cx.com	belastingdienst.dns.army
1	fonts.googleapis.com	belastingdienst.dns.army
19	7

This site contains no links.

Subject Issuer	Validity	Valid
belastingdienst.dns.army R11	`2024-12-17` - `2025-03-17`	3 months	crt.sh
download.belastingdienst.nl DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1	`2024-10-10` - `2025-10-09`	a year	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.3cx.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
www.belastingdienst.nl DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1	`2024-05-02` - `2025-05-01`	a year	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
1894.3cx.cloud R11	`2024-12-13` - `2025-03-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://belastingdienst.dns.army/
Frame ID: C847DBB2E392F11701B30FB61FEA237E
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belastingdienst Nederland | Dwangbevel

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

994 kB
Transfer

1470 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
belastingdienst.dns.army/ 604 KB
604 KB 565ms
165ms Document
text/html 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 964c3d93a1b348e1bc73eae0869a04d9744189a633b8fb92d2dcec4cc4e76b7d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 618721
Date: Wed, 18 Dec 2024 01:51:54 GMT
ETag: "970e1-62977ed8cddbc"
Keep-Alive: timeout=5, max=100
Last-Modified: Tue, 17 Dec 2024 14:15:23 GMT
Server: Apache/2.4.18 (Ubuntu)

GET
H/1.1 200
OK rofonts.css
download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/ 552 B
3 KB 151ms
24ms Stylesheet
text/css 2a04:9a01:1002::19
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css

Requested by

Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::19 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

741fd13ddcab54d0fe9f6eb0c762a90c2842448db62dd407fdeb906cd2819f97

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://.optimizely.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://.cdn.optimizely.com https://secure.opinionlab.com https://.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://cdn.optimizely.com https://.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://*.optimizely.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://*.cdn.optimizely.com https://secure.opinionlab.com https://*.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://cdn.optimizely.com https://*.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
ETag: "228-629760d753123"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 552
Keep-Alive: timeout=5, max=98
Date: Wed, 18 Dec 2024 01:51:55 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 17 Dec 2024 12:01:08 GMT
Content-Type: text/css

GET
H/1.1 200
OK fonts.css
download.belastingdienst.nl/assets/css/ 2 KB
4 KB 149ms
23ms Stylesheet
text/css 2a04:9a01:1002::19
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.belastingdienst.nl/assets/css/fonts.css

Requested by

Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::19 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

890aac78854e24716a0fd5c7c3fbe4701d51a3f5ef2a44a60c8caf0699f3c5d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://.optimizely.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://.cdn.optimizely.com https://secure.opinionlab.com https://.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://cdn.optimizely.com https://.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://*.optimizely.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://*.cdn.optimizely.com https://secure.opinionlab.com https://*.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://cdn.optimizely.com https://*.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
ETag: "650-629760d756003"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1616
Keep-Alive: timeout=5, max=85
Date: Wed, 18 Dec 2024 01:51:55 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 17 Dec 2024 12:01:08 GMT
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 774 B
838 B 161ms
32ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 18 Dec 2024 01:51:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 18 Dec 2024 01:51:56 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 17 Dec 2024 23:59:32 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 callus.js Show response
downloads-global.3cx.com/downloads/livechatandtalk/v1/ 683 KB
198 KB 130ms
24ms Script
text/javascript 2606:4700:4400::ac40:98ed
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads-global.3cx.com/downloads/livechatandtalk/v1/callus.js
Requested by: Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db46619d34a60708879ce78f5067a77a905380849ea3d8fb67d70cb6dcac5714

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

cache-control: public, max-age=14400
content-encoding: br
cf-cache-status: HIT
etag: W/"f373a64c1bc1d91:0"
age: 5608
cf-ray: 8f3b82b88d42dc76-FRA
expires: Wed, 18 Dec 2024 05:51:56 GMT
access-control-allow-origin: *
date: Wed, 18 Dec 2024 01:51:56 GMT
content-type: text/javascript;charset=utf-8
last-modified: Fri, 28 Jul 2023 06:18:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK bld_logo.svg
www.belastingdienst.nl/bld-assets/bld/rhslogos/ 17 KB
20 KB 247ms
79ms Image
image/svg+xml 2a04:9a01:1002::33
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.belastingdienst.nl/bld-assets/bld/rhslogos/bld_logo.svg

Requested by

Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::33 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://enquete.agconsult.com https://.readspeaker.com https://.abtasty.com https://attachuk.imi.chat https://cdn-widget.eu.webexengage.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://secure.opinionlab.com https://.readspeaker.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com https://survey.alchemer.eu https://douane.livepresence.net https://attachuk.imi.chat; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://enquete.agconsult.com https://.readspeaker.com https://attachuk.imi.chat 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://attachuk.imi.chat *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://enquete.agconsult.com https://*.readspeaker.com https://*.abtasty.com https://attachuk.imi.chat https://cdn-widget.eu.webexengage.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://secure.opinionlab.com https://*.readspeaker.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com https://survey.alchemer.eu https://douane.livepresence.net https://attachuk.imi.chat; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://enquete.agconsult.com https://*.readspeaker.com https://attachuk.imi.chat 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://attachuk.imi.chat *.abtasty.com 'unsafe-inline'
ETag: "454b-603698a9b53a0"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 17739
Keep-Alive: timeout=5, max=13
Date: Wed, 18 Dec 2024 01:51:56 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 21 Aug 2023 07:08:12 GMT
Content-Type: image/svg+xml
X-Frame-Options: SAMEORIGIN

GET
H/1.1 404
Not Found jquery.min.js
belastingdienst.dns.army/assets/js/ 0
0 247ms
242ms Script
text/html 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/assets/js/jquery.min.js
Requested by: Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

Keep-Alive: timeout=5, max=99
Content-Length: 287
Date: Wed, 18 Dec 2024 01:51:56 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 404
Not Found jspdf.min.js
belastingdienst.dns.army/assets/js/ 0
0 431ms
178ms Script
text/html 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/assets/js/jspdf.min.js
Requested by: Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

Keep-Alive: timeout=5, max=98
Content-Length: 287
Date: Wed, 18 Dec 2024 01:51:56 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 404
Not Found html2canvas.js
belastingdienst.dns.army/assets/js/ 0
0 545ms
160ms Script
text/html 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/assets/js/html2canvas.js
Requested by: Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

Keep-Alive: timeout=5, max=100
Content-Length: 287
Date: Wed, 18 Dec 2024 01:51:56 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 200
OK app.js Show response
belastingdienst.dns.army/assets/js/ 0
294 B 545ms
148ms Script
application/javascript 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/assets/js/app.js
Requested by: Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

ETag: "0-5b27714995a00"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=100
Date: Wed, 18 Dec 2024 01:51:56 GMT
Last-Modified: Sun, 25 Oct 2020 04:16:40 GMT
Content-Type: application/javascript
Server: Apache/2.4.18 (Ubuntu)

GET
H/1.1 200
OK ROsanswebtextbold.woff
download.belastingdienst.nl/assets/bold/rofonts/1.0.2/fonts/ 68 KB
70 KB 191ms
52ms Font
text/plain 2a04:9a01:1002::19
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/fonts/ROsanswebtextbold.woff

Requested by

Host: download.belastingdienst.nl
URL: https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::19 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

5563fe6bd2ded6f1ab13dd6c7961c0d93d06cfce99069a98eb0f4c593111fb80

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://.optimizely.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://.cdn.optimizely.com https://secure.opinionlab.com https://.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://cdn.optimizely.com https://.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://belastingdienst.dns.army
Referer: https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://*.optimizely.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://*.cdn.optimizely.com https://secure.opinionlab.com https://*.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://cdn.optimizely.com https://*.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
ETag: "10f5b-629760d7538f3"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 69467
Keep-Alive: timeout=5, max=97
Date: Wed, 18 Dec 2024 01:51:56 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 17 Dec 2024 12:01:08 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 172ms
34ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://belastingdienst.dns.army
Referer: https://belastingdienst.dns.army/

Response headers

age: 59229
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:24:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:24:47 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 172ms
34ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://belastingdienst.dns.army
Referer: https://belastingdienst.dns.army/

Response headers

age: 280200
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 14 Dec 2025 20:01:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 14 Dec 2024 20:01:56 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H/1.1 404
Not Found fontawesome-webfont.woff2
belastingdienst.dns.army/fonts/ 0
0 298ms
160ms Font
text/html 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://belastingdienst.dns.army
Referer: https://belastingdienst.dns.army/

Response headers

Keep-Alive: timeout=5, max=100
Content-Length: 287
Date: Wed, 18 Dec 2024 01:51:56 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H2 200 c2cinfo Show response
1894.3cx.cloud/MyPhone/ 163 B
1 KB 273ms
29ms Fetch
application/json 2a03:b0c0:2:d0::14a6:2001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://1894.3cx.cloud/MyPhone/c2cinfo?c2cid=nederlandbelastingdi

Requested by

Host: downloads-global.3cx.com
URL: https://downloads-global.3cx.com/downloads/livechatandtalk/v1/callus.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:2:d0::14a6:2001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

987acb3f302ec3792519ac801ec836631f9a307ba5ebbbc2c0d3d5ec89eac599

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 18 Dec 2024 01:51:57 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self'
cache-control: no-store
cross-origin-opener-policy: same-origin
pragma: no-cache
referrer-policy: no-referrer
cross-origin-embedder-policy: credentialless
access-control-allow-origin: https://belastingdienst.dns.army
x-xss-protection: 0
server: nginx

GET
H/1.1 404
Not Found fontawesome-webfont.woff
belastingdienst.dns.army/fonts/ 0
0 176ms
175ms Font
text/html 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by: Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://belastingdienst.dns.army
Referer: https://belastingdienst.dns.army/

Response headers

Keep-Alive: timeout=5, max=99
Content-Length: 287
Date: Wed, 18 Dec 2024 01:51:56 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 200
OK ROsanswebtextregular.woff
download.belastingdienst.nl/assets/bold/rofonts/1.0.2/fonts/ 75 KB
77 KB 59ms
57ms Font
text/plain 2a04:9a01:1002::19
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/fonts/ROsanswebtextregular.woff

Requested by

Host: download.belastingdienst.nl
URL: https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::19 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

751b9c590152dcaa5331b5580ceddd43c680fd076d9c09b536b5c36372f46087

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://.optimizely.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://.cdn.optimizely.com https://secure.opinionlab.com https://.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://cdn.optimizely.com https://.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://belastingdienst.dns.army
Referer: https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://*.optimizely.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://*.cdn.optimizely.com https://secure.opinionlab.com https://*.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://cdn.optimizely.com https://*.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
ETag: "12ac9-629760d754893"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 76489
Keep-Alive: timeout=5, max=95
Date: Wed, 18 Dec 2024 01:51:56 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Tue, 17 Dec 2024 12:01:08 GMT

GET
H/1.1 404
Not Found fontawesome-webfont.ttf
belastingdienst.dns.army/fonts/ 0
0 208ms
187ms Font
text/html 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/fonts/fontawesome-webfont.ttf?v=4.7.0
Requested by: Host: belastingdienst.dns.army
URL: https://belastingdienst.dns.army/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://belastingdienst.dns.army
Referer: https://belastingdienst.dns.army/

Response headers

Keep-Alive: timeout=5, max=98
Content-Length: 287
Date: Wed, 18 Dec 2024 01:51:57 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 200
OK favicon.ico
belastingdienst.dns.army/assets/img/ 2 KB
2 KB 157ms
157ms Other
image/vnd.microsoft.icon 185.45.195.173
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dns.army/assets/img/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.173 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bf0122567c08c9b8201194a22321f37a89a0e81a1644939a7cf19d3d40e87983

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://belastingdienst.dns.army/

Response headers

ETag: "710-627e65ff33680"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1808
Keep-Alive: timeout=5, max=97
Date: Wed, 18 Dec 2024 01:51:57 GMT
Last-Modified: Wed, 27 Nov 2024 15:11:06 GMT
Content-Type: image/vnd.microsoft.icon
Server: Apache/2.4.18 (Ubuntu)

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05ae288d82ce8468e204b31d81cb54b2806d22fdd4cd1d2467851b317ec9123b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| callus

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.3cx.com/	1970-01-21 01:48:08	Name: __cf_bm Value: b1YSG4EDq0pdMx8pqhuh1ns6EvIZcPrJtG3I18NHTvU-1734486716-1.0.1.1-o_mGekiAWSJHA3IvBh84HP6mJCeg0w2mHQtyHiZAAhoCHSiYLjx1wg8_o5dKyJYo05yXAC7m_HUQHhQGhB5aUg

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://belastingdienst.dns.army/(Line 3) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://belastingdienst.dns.army/assets/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dns.army/assets/js/jspdf.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dns.army/assets/js/html2canvas.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dns.army/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dns.army/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dns.army/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1894.3cx.cloud
belastingdienst.dns.army
download.belastingdienst.nl
downloads-global.3cx.com
fonts.googleapis.com
fonts.gstatic.com
www.belastingdienst.nl
142.250.186.35
185.45.195.173
2606:4700:4400::ac40:98ed
2a00:1450:4001:80e::200a
2a03:b0c0:2:d0::14a6:2001
2a04:9a01:1002::19
2a04:9a01:1002::33
05ae288d82ce8468e204b31d81cb54b2806d22fdd4cd1d2467851b317ec9123b
24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
5563fe6bd2ded6f1ab13dd6c7961c0d93d06cfce99069a98eb0f4c593111fb80
741fd13ddcab54d0fe9f6eb0c762a90c2842448db62dd407fdeb906cd2819f97
751b9c590152dcaa5331b5580ceddd43c680fd076d9c09b536b5c36372f46087
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
890aac78854e24716a0fd5c7c3fbe4701d51a3f5ef2a44a60c8caf0699f3c5d2
964c3d93a1b348e1bc73eae0869a04d9744189a633b8fb92d2dcec4cc4e76b7d
987acb3f302ec3792519ac801ec836631f9a307ba5ebbbc2c0d3d5ec89eac599
bf0122567c08c9b8201194a22321f37a89a0e81a1644939a7cf19d3d40e87983
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
db46619d34a60708879ce78f5067a77a905380849ea3d8fb67d70cb6dcac5714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

belastingdienst.dns.army Open in urlscan Pro 185.45.195.173 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

8 IPs

3 Countries

994 kBTransfer

1470 kBSize

1 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

7 Console Messages

Indicators

belastingdienst.dns.army Open in urlscan Pro
185.45.195.173 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

994 kB
Transfer

1470 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!