betalings-bericht.com Open in urlscan Pro
66.45.238.235 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://betalings-bericht.com/belastingdienst/nl/betaalpagina.html
Submission Tags: @ecarlesi threat phishing belastingdienst Search All
Submission: On May 08 via api (May 8th 2024, 5:19:42 am UTC) from IT — Scanned from IT

Summary HTTP 12 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 12 HTTP transactions. The main IP is 66.45.238.235, located in United States and belongs to IS-AS-1, US. The main domain is betalings-bericht.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 4th 2024. Valid for: 3 months.

This is the only time betalings-bericht.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	66.45.238.235 66.45.238.235	19318 (IS-AS-1) (IS-AS-1)
1	2a04:9a01:100... 2a04:9a01:1002::33	34663 (ASBELASTI...) (ASBELASTINGDIENST)
1 1	104.26.9.183 104.26.9.183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:98b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	6

1 66.45.238.235 (United States)

ASN19318 (IS-AS-1, US)
PTR: njsy-box-1.fordys.net

betalings-bericht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:9a01:1002::33 (Netherlands)

ASN34663 (ASBELASTINGDIENST, NL)

www.belastingdienst.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.9.183 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:98b (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

s2.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	tidiochat.com widget-v4.tidiochat.com — Cisco Umbrella Rank: 22230	319 KB
2	gstatic.com t3.gstatic.com	958 B
2	googleusercontent.com 2 redirects s2.googleusercontent.com — Cisco Umbrella Rank: 40618	297 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	2 KB
1	tidio.co 1 redirects code.tidio.co — Cisco Umbrella Rank: 17224	488 B
1	belastingdienst.nl www.belastingdienst.nl — Cisco Umbrella Rank: 150652	19 KB
1	betalings-bericht.com betalings-bericht.com	865 KB
12	7

	Domain	Requested by
6	widget-v4.tidiochat.com	betalings-bericht.com code.tidio.co
2	t3.gstatic.com
2	s2.googleusercontent.com	2 redirects
1	cdnjs.cloudflare.com
1	code.tidio.co	1 redirects
1	www.belastingdienst.nl	betalings-bericht.com
1	betalings-bericht.com
12	7

This site contains links to these domains. Also see Links.

Domain
www.cjib.nl
www.facebook.com
twitter.com
www.linkedin.com
api.whatsapp.com

Subject Issuer	Validity	Valid
wh1334841.ispot.cc cPanel, Inc. Certification Authority	`2024-05-04` - `2024-08-02`	3 months	crt.sh
www.belastingdienst.nl DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1	`2024-05-02` - `2025-05-01`	a year	crt.sh
tidiochat.com GTS CA 1P5	`2024-03-17` - `2024-06-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://betalings-bericht.com/belastingdienst/nl/betaalpagina.html
Frame ID: 65D1EDCA606CD3FEC7BEA8830C35DF06
Requests: 17 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_223_0/static/js/chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
Frame ID: F126AEAF1363C1C041BDC99632685F5D
Requests: 4 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: 005DBD0C7213290A6EE4CE8BDDEBCB2D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belastingdienst Nederland |

Page Statistics

12
Requests

67 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

1431 kB
Transfer

4281 kB
Size

0
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cjib.nl/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.cjib.nl/direct-regelen/ik-wil-betalen

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.cjib.nl/direct-regelen/ik-wil-betalen

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.cjib.nl/direct-regelen/ik-wil-betalen

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.cjib.nl/direct-regelen/ik-wil-betalen

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/bescherming-persoonsgegevens
Title: Persoonsgegevens

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/proclaimer
Title: Proclaimer

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/archief
Title: Archief

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/kwetsbaarheid-melden
Title: Kwetsbaarheid melden

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/toegankelijkheid
Title: Toegankelijkheid

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/nl-b
Title: Nederlands (BE)

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/cs
Title: Čeština

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/da
Title: Dansk

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/de
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/et
Title: Eesti keel

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/en
Title: English

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/es
Title: Español

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/el
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/fr
Title: Français

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/hr
Title: Hrvatski

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/it
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/lv
Title: Latviešu valoda

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/lt
Title: Lietuvių

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/hu
Title: Magyar

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/pl
Title: Polski

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/pt
Title: Português

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/ro
Title: Română

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/sk
Title: Slovenčina

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/sl
Title: Slovenščina

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/fi
Title: Suomi

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/sv
Title: Svenska

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/verkeersboete
Title: Verkeersboete

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/premies-voor-uw-zorgverzekering
Title: Premies voor uw zorgverzekering

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/strafbeschikking
Title: Strafbeschikking

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/boete-opgelegd-door-de-rechter
Title: Boete opgelegd door de rechter

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/schadevergoedingsmaatregel
Title: Schadevergoeding

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/ontnemingsmaatregel
Title: Ontnemingsmaatregel

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/europese-boete
Title: Europese boete

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/legesveroordeling-huurcommissie-en-verwerking-van-persoonsgegevens
Title: Legesveroordeling Huurcommissie

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/transactievoorstel
Title: Transactievoorstel

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/aankondiging
Title: Overheidsincasso

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/bestuurlijke-boete
Title: Bestuurlijke boete

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/doorgeven-bestuurder-0
Title: Opgeven bestuurder

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/dwangsom
Title: Dwangsom

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/kosten-bestuursdwang
Title: Kosten bestuursdwang

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/maatregel-kostenverhaal
Title: Maatregel kostenverhaal

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/wat-doen-wij/bestuurlijke-boete
Title: Bestuurlijke boete

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/verhuurderbijdrage-huurcommissie
Title: Verhuurderbijdrage

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/wat-doen-wij/dwangsom
Title: Dwangsom

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/wat-doen-wij/legesveroordeling-huurcommissie
Title: Legesveroordeling Huurcommissie

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/wat-doen-wij/kosten-bestuursdwang
Title: Kosten bestuursdwang

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://code.tidio.co/bicknj3hsltxgkrn3epaxde3nlhq96fy.js HTTP 302
https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js

Request Chain 17

https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32 HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

Request Chain 19

https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32 HTTP 301
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

12 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request betaalpagina.html Show response
betalings-bericht.com/belastingdienst/nl/ 3 MB
865 KB 425ms
111ms Document
text/html 66.45.238.235
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://betalings-bericht.com/belastingdienst/nl/betaalpagina.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.45.238.235 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: njsy-box-1.fordys.net
Software: LiteSpeed /
Resource Hash: 247fd060d67e8cd1c2c67aa9d402b75178f4eac88de37372d3d19191dc51fb84

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 884838
content-type: text/html
date: Wed, 08 May 2024 05:19:36 GMT
last-modified: Wed, 08 May 2024 00:15:22 GMT
server: LiteSpeed
vary: Accept-Encoding

GET
H/1.1 200
OK bld_logo.svg
www.belastingdienst.nl/bld-assets/bld/rhslogos/ 17 KB
19 KB 173ms
54ms Image
image/svg+xml 2a04:9a01:1002::33
ASBELASTINGDIENST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.belastingdienst.nl/bld-assets/bld/rhslogos/bld_logo.svg

Requested by

Host: betalings-bericht.com
URL: https://betalings-bericht.com/belastingdienst/nl/betaalpagina.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::33 , Netherlands, ASN34663 (ASBELASTINGDIENST, NL),

Reverse DNS

Software

Resource Hash

24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://enquete.agconsult.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://secure.opinionlab.com https://.readspeaker.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com https://survey.alchemer.eu ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://enquete.agconsult.com https://.readspeaker.com 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://betalings-bericht.com/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 08 May 2024 05:19:37 GMT
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://enquete.agconsult.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://secure.opinionlab.com https://*.readspeaker.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com https://survey.alchemer.eu ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://enquete.agconsult.com https://*.readspeaker.com 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 21 Aug 2023 07:08:12 GMT
ETag: "454b-603698a9b53a0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17739
X-XSS-Protection: 1; mode=block;

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1259c7006dfe0d19f6bcc4fc622c4ce555250e9924fa20cafbe137e64d72eb

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 75 KB
75 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a

Request headers

Referer
Origin: https://betalings-bericht.com
Accept-Language: it-IT,it;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 68 KB
68 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591

Request headers

Referer
Origin: https://betalings-bericht.com
Accept-Language: it-IT,it;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec0583dd05c9ae23e4f612829312af92f4b38961c0b1fbf53a266f20d4eb182

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 673 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c922548cfe09320db090d544611419072db72918c07a3588e8138bd474eb41d3

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 847 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea24041f1bf773952f69e1e98082de62b89f24ca6b60b147f2f052b21e3b6861

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 686 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f325b8b3a6c772d7ebef4dea572c8da501e9c6ee286df0d96dfa49441258fd2f

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85f028fadd26412f3ff050e58fab1c791a172e44f078db492c89bbb950053695

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc4b94fbd1ec10e1ed4e130d8c785c2f0f7a6dacee88c019d3d77782b86d43ba

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc9b62c0c22ee9ed9efc6b63664e860df4979d42279d6d76d5720beec4c8b239

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76cba8c616494b98ce3232bb080e8beef3583aa75368c65b5e121508f92bb6a4

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 KB
82 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95b8c28ae6c0c9d5657a44d5a6ca24c04165eef39d6a8e1e93627c8d755ffe3a

Request headers

Referer
Origin: https://betalings-bericht.com
Accept-Language: it-IT,it;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2

200

render.ab0ffde36be6aa7a153d.js Show response
widget-v4.tidiochat.com/1_223_0/static/js/
Redirect Chain

https://code.tidio.co/bicknj3hsltxgkrn3epaxde3nlhq96fy.js
https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js

5 KB
2 KB

102ms
50ms

Script
application/javascript

2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js
Requested by: Host: betalings-bericht.com
URL: https://betalings-bericht.com/belastingdienst/nl/betaalpagina.html
Protocol: H2
Server: 2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5d95d14910af85648443b6c5c45602ad1075b028950459e1ceaad8ef63578c0

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://betalings-bericht.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 05:19:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 07:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5702
etag: W/"6626145b-1472"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vR%2FwlIqedAw%2BZWGaKLB%2F1mfteB44yIvIrOsqyKVyjfYsn42VX8ZpLSisf8ftkoko5ur8NkTumVXnIGEMPBVcmXv3HvibwMQCsz20Sl5FQgFzgj2K2%2FADjXWYcutLMDoOcdBQBCjTHRvnT%2F2HDh06cnYELxEI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 8806fef63b354be8-MXP

Redirect headers

date: Wed, 08 May 2024 05:19:37 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WvkDLFXMIzurGlRfhb%2BuI31PHlsdZIdwgnfqX5hM26b%2Fqo1HxvIslRFN6L64anTBxqnyYJ3E7rAaJWKboN9BJ9%2BDMX%2B8n9z7KIExuCRnfAbE%2BQnOMHNt4rwJwrFfhXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_223_0/static/js/render.ab0ffde36be6aa7a153d.js
cache-control: public, s-maxage=300, max-age=0
cf-ray: 8806fef4ee1059d1-MXP

GET
H2 200 chunk-WidgetIframe-ab0ffde36be6aa7a153d.js Show response
widget-v4.tidiochat.com/1_223_0/static/js/ Frame F126 477 KB
124 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_223_0/static/js/chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/bicknj3hsltxgkrn3epaxde3nlhq96fy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5262e3f73f35616febd13fbe6feee14613d076774ff644e48489f7cd6694a8dc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 05:19:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 07:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5688
etag: W/"6626145b-775a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KaQnK5ND0CUHX9anIyoDbxrJHsofv%2BxI5lOalCQAR5D7ABpbQHYYBSRzZ%2FF7p2GUk7zqsSCAZS%2FfZte1ZAayiFigtYs%2BPrwH077ALWj2%2BT3VIATY52P3IqTfkUyG6FqIMdrDJhngYRHYKn7oqoDGy91LNEz4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 8806fef69ba94be8-MXP

GET
H2 200 mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame F126 27 KB
27 KB 108ms
68ms Font
font/woff2 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/bicknj3hsltxgkrn3epaxde3nlhq96fy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://betalings-bericht.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 05:19:38 GMT
cf-cache-status: MISS
last-modified: Mon, 22 Apr 2024 07:40:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66261456-6b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDOD0l7ppw3wXNDoEWTAZtmY4S%2F04stWljcQRIU3cPgyobOy0EB%2F%2BJG6u3rgpJYwlOiz6TqBc0SA%2FxGtaeevnGuahTy58q2NRV%2FP9Xq5F3ouCMlO4c7Z4l1vf%2Bdstdlt1k8g2RFf5X3DpiOyFzhinjypC7GI"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 8806fef6d9670e13-MXP
content-length: 27400

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame F126 7 KB
7 KB 26ms
26ms Media
audio/mpeg 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 05:19:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 730110
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Mon, 22 Apr 2024 07:40:06 GMT
server: cloudflare
etag: "66261456-1c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haL%2BGU04AcgIRhzbpbQSBvsmMtW3cz57Y2rWQExUfjZIvHLINVVikUjbkA1WoW3bVjtHbwr54KW2K87oyXd6RfaBzKuuqdWhA8tzvsRIP9gqTTLltDLqW0SHlvtyJX4pFwUK8FsNsZiwsWGW7uFkPGmaXHyt"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 8806fef69bb44be8-MXP
expires: Mon, 13 May 2024 18:31:08 GMT

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

399 B
958 B

106ms
27ms

Other
image/png

2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

Protocol

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64fd48770f59ad0d509ab6664933095321f797323c9965a8ef92cbb060acfa40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://betalings-bericht.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 05:08:51 GMT
x-content-type-options: nosniff
age: 647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 0
last-modified: Wed, 19 Jun 2019 07:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.belastingdienst.nl/bld-assets/bld/images/favicon.ico
expires: Wed, 15 May 2024 05:08:51 GMT

Redirect headers

date: Wed, 08 May 2024 05:08:51 GMT
x-content-type-options: nosniff
server: sffe
age: 647
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
expires: Wed, 08 May 2024 05:38:51 GMT

GET
H2 200 widget.ab0ffde36be6aa7a153d.js Show response
widget-v4.tidiochat.com/1_223_0/static/js/ Frame F126 493 KB
158 KB 47ms
47ms Script
application/javascript 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_223_0/static/js/widget.ab0ffde36be6aa7a153d.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/bicknj3hsltxgkrn3epaxde3nlhq96fy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69db969f017b237bf909e05cfc9a8b5fac05a5363f17888651bafb818a7e651c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 05:19:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Apr 2024 07:40:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5688
etag: W/"6626145b-7b531"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhZ5BJVBh%2FNgTQP%2FjW9ZZFgAj%2BLkNpjiSK%2BOqbSBeVUGfcsIBg4BQaJOAiXI80aVa2q3jJabmFXjODeSbELOQqHonRV0%2FyJ%2Fc%2BTrjzM1HBIA5WiedGYacf5ahUt%2BVZaMh1XeK0d%2FY09SWW3gcq%2F7LjEDMZ8b"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 8806fef69bb64be8-MXP

GET
H2

200

faviconV2
t3.gstatic.com/
Redirect Chain

https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

399 B
0

0ms
0ms

Other
image/png

2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

Protocol

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64fd48770f59ad0d509ab6664933095321f797323c9965a8ef92cbb060acfa40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://betalings-bericht.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 08 May 2024 05:08:51 GMT
x-content-type-options: nosniff
age: 647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 0
last-modified: Wed, 19 Jun 2019 07:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.belastingdienst.nl/bld-assets/bld/images/favicon.ico
expires: Wed, 15 May 2024 05:08:51 GMT

Redirect headers

date: Wed, 08 May 2024 05:08:51 GMT
x-content-type-options: nosniff
server: sffe
age: 647
content-type: text/html; charset=UTF-8
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
expires: Wed, 08 May 2024 05:38:51 GMT

GET
H2 200 mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 005D 27 KB
0 108ms
68ms Font
font/woff2 2606:4700:20::681a:98b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:98b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://betalings-bericht.com/
Origin: https://betalings-bericht.com
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 05:19:38 GMT
cf-cache-status: MISS
last-modified: Mon, 22 Apr 2024 07:40:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66261456-6b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDOD0l7ppw3wXNDoEWTAZtmY4S%2F04stWljcQRIU3cPgyobOy0EB%2F%2BJG6u3rgpJYwlOiz6TqBc0SA%2FxGtaeevnGuahTy58q2NRV%2FP9Xq5F3ouCMlO4c7Z4l1vf%2Bdstdlt1k8g2RFf5X3DpiOyFzhinjypC7GI"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 8806fef6d9670e13-MXP
content-length: 27400

GET
H3 200 1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame 005D 1 KB
2 KB 48ms
26ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://betalings-bericht.com/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 08 May 2024 05:19:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 458652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1224
last-modified: Sat, 19 Dec 2020 02:18:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fdd6306-505"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZF8j%2FOpeKdTcYX6u%2BajcYC1mj%2FG%2FoAr9kkPbcUL42iigjdWCwTpFeiQJJnEIyHjsFw4blWePC49ZgZzfGmeNAIJ8H65ZSBajy%2B4MqZIY9RY%2B%2FA6WfBEQ%2BDipSbTmeDTyusDSDKyi"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8806fefafc50525b-MXP
expires: Mon, 28 Apr 2025 05:19:38 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: about:blank Message: The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

betalings-bericht.com
cdnjs.cloudflare.com
code.tidio.co
s2.googleusercontent.com
t3.gstatic.com
widget-v4.tidiochat.com
www.belastingdienst.nl
104.17.24.14
104.26.9.183
2606:4700:20::681a:98b
2a00:1450:4001:803::2004
2a00:1450:4001:831::2001
2a04:9a01:1002::33
66.45.238.235
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
247fd060d67e8cd1c2c67aa9d402b75178f4eac88de37372d3d19191dc51fb84
24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e
27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591
4ec0583dd05c9ae23e4f612829312af92f4b38961c0b1fbf53a266f20d4eb182
5262e3f73f35616febd13fbe6feee14613d076774ff644e48489f7cd6694a8dc
54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
64fd48770f59ad0d509ab6664933095321f797323c9965a8ef92cbb060acfa40
69db969f017b237bf909e05cfc9a8b5fac05a5363f17888651bafb818a7e651c
6b683c486d5ac58822706a5b853e188089c8ac224f68788c35cc27844357ec2d
76cba8c616494b98ce3232bb080e8beef3583aa75368c65b5e121508f92bb6a4
85f028fadd26412f3ff050e58fab1c791a172e44f078db492c89bbb950053695
8e1259c7006dfe0d19f6bcc4fc622c4ce555250e9924fa20cafbe137e64d72eb
95b8c28ae6c0c9d5657a44d5a6ca24c04165eef39d6a8e1e93627c8d755ffe3a
c922548cfe09320db090d544611419072db72918c07a3588e8138bd474eb41d3
dc4b94fbd1ec10e1ed4e130d8c785c2f0f7a6dacee88c019d3d77782b86d43ba
dc9b62c0c22ee9ed9efc6b63664e860df4979d42279d6d76d5720beec4c8b239
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
e5d95d14910af85648443b6c5c45602ad1075b028950459e1ceaad8ef63578c0
ea24041f1bf773952f69e1e98082de62b89f24ca6b60b147f2f052b21e3b6861
f325b8b3a6c772d7ebef4dea572c8da501e9c6ee286df0d96dfa49441258fd2f

betalings-bericht.com Open in urlscan Pro 66.45.238.235 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

67 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

6 IPs

4 Countries

1431 kBTransfer

4281 kBSize

0 Cookies

54 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

betalings-bericht.com Open in urlscan Pro
66.45.238.235 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

67 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

1431 kB
Transfer

4281 kB
Size

0
Cookies

12 HTTP transactions
11 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!