herinnerings-bericht.com Open in urlscan Pro
64.20.51.238 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html
Effective URL:
https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html
Submission Tags: @ecarlesi threat phishing belastingdienst Search All
Submission: On July 22 via api (July 22nd 2024, 6:37:16 pm UTC) from IT — Scanned from IT

Summary HTTP 11 Redirects Links 54 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 11 HTTP transactions. The main IP is 64.20.51.238, located in United States and belongs to IS-AS-1, US. The main domain is herinnerings-bericht.com.
TLS certificate: Issued by R10 on July 21st 2024. Valid for: 3 months.

This is the only time herinnerings-bericht.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1	64.20.51.238 64.20.51.238	19318 (IS-AS-1) (IS-AS-1)
1	2a04:9a01:100... 2a04:9a01:1002::33	34663 (ASBELASTI...) (ASBELASTINGDIENST)
1 1	172.67.72.223 172.67.72.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:20:... 2606:4700:20::681a:88b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	6

1 64.20.51.238 (United States)

ASN19318 (IS-AS-1, US)

herinnerings-bericht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:9a01:1002::33 (Netherlands)

ASN34663 (ASBELASTINGDIENST, NL)

www.belastingdienst.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.72.223 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:88b (United States)

ASN13335 (CLOUDFLARENET, US)

widget-v4.tidiochat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

s2.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	tidiochat.com widget-v4.tidiochat.com — Cisco Umbrella Rank: 35486	368 KB
2	gstatic.com t1.gstatic.com	953 B
2	googleusercontent.com 2 redirects s2.googleusercontent.com — Cisco Umbrella Rank: 40687	639 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	2 KB
1	tidio.co 1 redirects code.tidio.co — Cisco Umbrella Rank: 27856	639 B
1	belastingdienst.nl www.belastingdienst.nl — Cisco Umbrella Rank: 384804	19 KB
1	herinnerings-bericht.com herinnerings-bericht.com	865 KB
11	7

	Domain	Requested by
6	widget-v4.tidiochat.com	herinnerings-bericht.com code.tidio.co
2	t1.gstatic.com
2	s2.googleusercontent.com	2 redirects
1	cdnjs.cloudflare.com
1	code.tidio.co	1 redirects
1	www.belastingdienst.nl	herinnerings-bericht.com
1	herinnerings-bericht.com
11	7

This site contains links to these domains. Also see Links.

Domain
www.cjib.nl
www.facebook.com
twitter.com
www.linkedin.com
api.whatsapp.com

Subject Issuer	Validity	Valid
wh1360391.ispot.cc R10	`2024-07-21` - `2024-10-19`	3 months	crt.sh
www.belastingdienst.nl DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1	`2024-05-02` - `2025-05-01`	a year	crt.sh
tidiochat.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html
Frame ID: 5AFBCD8944C0CB49C13A0D96CCACA935
Requests: 17 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/1_233_0/static/js/chunk-WidgetIframe-d205141041c92a4f8ea5.js
Frame ID: 30CA80C4CCCF73CF402FDB423FA6F775
Requests: 4 HTTP requests in this frame

Frame: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Frame ID: 85B6DE2E0E2CE6E2FF0E3785677D0E81
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belastingdienst Nederland |

Page URL History Show full URLs

http://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html HTTP 307
https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html Page URL

Page Statistics

11
Requests

73 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

1479 kB
Transfer

4278 kB
Size

0
Cookies

54 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cjib.nl/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.cjib.nl/direct-regelen/ik-wil-betalen

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.cjib.nl/direct-regelen/ik-wil-betalen

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.cjib.nl/direct-regelen/ik-wil-betalen

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://www.cjib.nl/direct-regelen/ik-wil-betalen

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/bescherming-persoonsgegevens
Title: Persoonsgegevens

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/proclaimer
Title: Proclaimer

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/archief
Title: Archief

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/sitemap
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/kwetsbaarheid-melden
Title: Kwetsbaarheid melden

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/toegankelijkheid
Title: Toegankelijkheid

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/nl-b
Title: Nederlands (BE)

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/cs
Title: Čeština

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/da
Title: Dansk

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/de
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/et
Title: Eesti keel

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/en
Title: English

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/es
Title: Español

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/el
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/fr
Title: Français

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/hr
Title: Hrvatski

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/it
Title: Italiano

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/lv
Title: Latviešu valoda

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/lt
Title: Lietuvių

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/hu
Title: Magyar

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/pl
Title: Polski

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/pt
Title: Português

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/ro
Title: Română

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/sk
Title: Slovenčina

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/sl
Title: Slovenščina

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/fi
Title: Suomi

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/sv
Title: Svenska

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/verkeersboete
Title: Verkeersboete

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/premies-voor-uw-zorgverzekering
Title: Premies voor uw zorgverzekering

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/strafbeschikking
Title: Strafbeschikking

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/boete-opgelegd-door-de-rechter
Title: Boete opgelegd door de rechter

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/schadevergoedingsmaatregel
Title: Schadevergoeding

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/ontnemingsmaatregel
Title: Ontnemingsmaatregel

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/europese-boete
Title: Europese boete

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/legesveroordeling-huurcommissie-en-verwerking-van-persoonsgegevens
Title: Legesveroordeling Huurcommissie

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/transactievoorstel
Title: Transactievoorstel

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/aankondiging
Title: Overheidsincasso

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/bestuurlijke-boete
Title: Bestuurlijke boete

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/doorgeven-bestuurder-0
Title: Opgeven bestuurder

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/dwangsom
Title: Dwangsom

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/kosten-bestuursdwang
Title: Kosten bestuursdwang

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/maatregel-kostenverhaal
Title: Maatregel kostenverhaal

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/wat-doen-wij/bestuurlijke-boete
Title: Bestuurlijke boete

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/over-ons/hoe-werken-wij/verhuurderbijdrage-huurcommissie
Title: Verhuurderbijdrage

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/wat-doen-wij/dwangsom
Title: Dwangsom

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/wat-doen-wij/legesveroordeling-huurcommissie
Title: Legesveroordeling Huurcommissie

Search URL Search Domain Scan URL

URL: https://www.cjib.nl/wat-doen-wij/kosten-bestuursdwang
Title: Kosten bestuursdwang

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html HTTP 307
https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://code.tidio.co/8jfq8q7unfuswma8ior7wed258xc2w8d.js HTTP 302
https://widget-v4.tidiochat.com/1_233_0/static/js/render.d205141041c92a4f8ea5.js

Request Chain 17

https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

Request Chain 19

https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32 HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

11 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request betaalpagina.html Show response
herinnerings-bericht.com/belastingdienst/nl/
Redirect Chain

http://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html
https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html

3 MB
865 KB

366ms
116ms

Document
text/html

64.20.51.238
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.20.51.238 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0ba9e7d2dfbe927f697735b9055a4e9ab2fe86a671aa00269d67beedb20cb8ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 884837
content-type: text/html
date: Mon, 22 Jul 2024 18:37:11 GMT
last-modified: Mon, 22 Jul 2024 14:44:45 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Location: https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK bld_logo.svg
www.belastingdienst.nl/bld-assets/bld/rhslogos/ 17 KB
19 KB 191ms
64ms Image
image/svg+xml 2a04:9a01:1002::33
ASBELASTINGDIENST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.belastingdienst.nl/bld-assets/bld/rhslogos/bld_logo.svg

Requested by

Host: herinnerings-bericht.com
URL: https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::33 , Netherlands, ASN34663 (ASBELASTINGDIENST, NL),

Reverse DNS

Software

Resource Hash

24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://enquete.agconsult.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://secure.opinionlab.com https://.readspeaker.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com https://survey.alchemer.eu https://douane.livepresence.net; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://enquete.agconsult.com https://.readspeaker.com 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://herinnerings-bericht.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 22 Jul 2024 18:37:11 GMT
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://enquete.agconsult.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://secure.opinionlab.com https://*.readspeaker.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com https://survey.alchemer.eu https://douane.livepresence.net; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://enquete.agconsult.com https://*.readspeaker.com 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 21 Aug 2023 07:08:12 GMT
ETag: "454b-603698a9b53a0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=21
Content-Length: 17739
X-XSS-Protection: 1; mode=block;

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e1259c7006dfe0d19f6bcc4fc622c4ce555250e9924fa20cafbe137e64d72eb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 75 KB
75 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a

Request headers

Referer
Origin: https://herinnerings-bericht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 68 KB
68 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591

Request headers

Referer
Origin: https://herinnerings-bericht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff

GET
DATA 200
OK truncated
/ 29 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec0583dd05c9ae23e4f612829312af92f4b38961c0b1fbf53a266f20d4eb182

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 673 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c922548cfe09320db090d544611419072db72918c07a3588e8138bd474eb41d3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 847 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea24041f1bf773952f69e1e98082de62b89f24ca6b60b147f2f052b21e3b6861

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 686 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f325b8b3a6c772d7ebef4dea572c8da501e9c6ee286df0d96dfa49441258fd2f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85f028fadd26412f3ff050e58fab1c791a172e44f078db492c89bbb950053695

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc4b94fbd1ec10e1ed4e130d8c785c2f0f7a6dacee88c019d3d77782b86d43ba

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc9b62c0c22ee9ed9efc6b63664e860df4979d42279d6d76d5720beec4c8b239

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76cba8c616494b98ce3232bb080e8beef3583aa75368c65b5e121508f92bb6a4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 KB
82 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95b8c28ae6c0c9d5657a44d5a6ca24c04165eef39d6a8e1e93627c8d755ffe3a

Request headers

Referer
Origin: https://herinnerings-bericht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff

GET
H2

200

render.d205141041c92a4f8ea5.js Show response
widget-v4.tidiochat.com/1_233_0/static/js/
Redirect Chain

https://code.tidio.co/8jfq8q7unfuswma8ior7wed258xc2w8d.js
https://widget-v4.tidiochat.com/1_233_0/static/js/render.d205141041c92a4f8ea5.js

5 KB
3 KB

149ms
78ms

Script
application/javascript

2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_233_0/static/js/render.d205141041c92a4f8ea5.js
Requested by: Host: herinnerings-bericht.com
URL: https://herinnerings-bericht.com/belastingdienst/nl/betaalpagina.html
Protocol: H2
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1813334e43eb929d074ba482d7dc42f3a98ade0273a86422bfabb42f1b8065cc

Request headers

Referer: https://herinnerings-bericht.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:37:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 09:41:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2964
etag: W/"6694eed1-1472"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YT4Bq97xAwzlKWZGgiX2bS4FHZIwTTduqXnfRT8Ll5TW0iPqZQAcjRaGUqPDQG5HxLYCPtQaGr0FevpqZnMkVEG4u8JY6d5k1g3Q2oA7sWbKFN8RdAbkZQseuu%2BzHN016DpzwZmIE%2BbLR5Ae3pqEyECv6KA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 8a758a667d780d5f-MXP

Redirect headers

date: Mon, 22 Jul 2024 18:37:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
widget-cache-status: HIT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LKfTmlmKDNBpLwmeEePb6Bsdeaj4r1wz5xb3awoV2aOqqoHxrbERqjEaW11lqpsXgZ62LHiZXb0b75kFIsgWtIzWXptP%2F2dhiGtl4TY3YodQcRXXcGEt1jTKgLVqrhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://widget-v4.tidiochat.com/1_233_0/static/js/render.d205141041c92a4f8ea5.js
cache-control: public, s-maxage=300, max-age=0
cf-ray: 8a758a656adbbab1-MXP

GET
H2 200 chunk-WidgetIframe-d205141041c92a4f8ea5.js Show response
widget-v4.tidiochat.com/1_233_0/static/js/ Frame 30CA 474 KB
149 KB 96ms
95ms Script
application/javascript 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_233_0/static/js/chunk-WidgetIframe-d205141041c92a4f8ea5.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/8jfq8q7unfuswma8ior7wed258xc2w8d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a4be612a06df791fb5b4ee4faabb3b90ab632fa37d71b6fd1b275cb675e18f9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:37:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 09:41:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2957
etag: W/"6694eed1-76750"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XOZJl9wgBqSWiA23pCR4cktoVpl8WDQ5IG5CycNy9ng1QbK%2BYdtcgGR9%2BDHuLSivMC5k%2BF20mt0fV2K962iebGtL5q9TaU6ITfSqEqHZOmrqvXG21oOe1hazs%2FP84YM9Vfhqa1jfqBAEjD7yn0430vosPXFY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 8a758a671e710d5f-MXP

GET
H2 200 mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 30CA 27 KB
27 KB 165ms
98ms Font
font/woff2 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/8jfq8q7unfuswma8ior7wed258xc2w8d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8

Request headers

Referer
Origin: https://herinnerings-bericht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:37:12 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 09:41:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6694eecf-6b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjfUv9HU8UPwOrhSFLHHO6zAW8IDTYyQcO572%2FIfFsBlmWV4ZAjyOxRlHFqRS51WaE03jK%2BoePyN6HwQHtfFUNtBzb4azHCN9oG8FIw1gObhVMNG3qTucseqbqS%2FLJJdX2M4FTXaqhCFmOmNM49YBv3aeqje"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 8a758a678e790f6a-MXP
content-length: 27400

GET
H2 206 tururu.mp3
widget-v4.tidiochat.com// Frame 30CA 7 KB
7 KB 47ms
46ms Media
audio/mpeg 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com//tururu.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 22 Jul 2024 18:37:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2339896
Content-Range: bytes 0-7223/7224
Content-Length: 7224
pragma: public
last-modified: Fri, 21 Jun 2024 08:13:13 GMT
server: cloudflare
etag: "66753619-1c38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mqbv8Q9o4JDQzXkzq3vWruteG4V%2BtR3ymVkXUupiLZv0BS9j11jd%2FB3Gi%2FimIp49TlZ7ZGuh7yY7rmSulqFna8pkug7KLlAQ5D%2BdqXrTuKQYGQ8lP30YMbFo1TYEEN9Ru7sbYwMFe3%2Bk8t85VDDRAhDmSRhY"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
cache-control: public, max-age=31536000
cf-ray: 8a758a671e820d5f-MXP
expires: Tue, 09 Jul 2024 16:38:56 GMT

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

399 B
953 B

146ms
42ms

Other
image/png

2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

Protocol

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64fd48770f59ad0d509ab6664933095321f797323c9965a8ef92cbb060acfa40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herinnerings-bericht.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:37:12 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 0
last-modified: Wed, 19 Jun 2019 07:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.belastingdienst.nl/bld-assets/bld/images/favicon.ico
expires: Mon, 29 Jul 2024 18:37:12 GMT

Redirect headers

date: Mon, 22 Jul 2024 18:37:12 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
expires: Mon, 22 Jul 2024 19:07:12 GMT

GET
H2 200 widget.d205141041c92a4f8ea5.js Show response
widget-v4.tidiochat.com/1_233_0/static/js/ Frame 30CA 494 KB
182 KB 50ms
50ms Script
application/javascript 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/1_233_0/static/js/widget.d205141041c92a4f8ea5.js
Requested by: Host: code.tidio.co
URL: https://code.tidio.co/8jfq8q7unfuswma8ior7wed258xc2w8d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13633f01aaad977627423b153407bc903271956dbfb124ee70a7f9888e4102f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:37:12 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2024 09:41:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2959
etag: W/"6694eed1-7b7e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nsOOmpo3wlt4PPpr86s6lIJihJEcBSTX6cdRfY3uSZ2k19RtbrxbQ8o87lkq1SOIsz1qzo8%2BrO5mDOJGC%2BoCZAa9XhLKBFOy%2BO21qjcBOLWKzmhGaPGooa44sszYCLiVpllQ4gJjFJ1Aqpv%2BdosU8Q2BlrhM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 8a758a671e860d5f-MXP

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://s2.googleusercontent.com/s2/favicons?domain=belastingdienst.nl&sz=32
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

399 B
0

0ms
0ms

Other
image/png

2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32

Protocol

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64fd48770f59ad0d509ab6664933095321f797323c9965a8ef92cbb060acfa40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herinnerings-bericht.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:37:12 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 399
x-xss-protection: 0
last-modified: Wed, 19 Jun 2019 07:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.belastingdienst.nl/bld-assets/bld/images/favicon.ico
expires: Mon, 29 Jul 2024 18:37:12 GMT

Redirect headers

date: Mon, 22 Jul 2024 18:37:12 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://belastingdienst.nl&size=32
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
expires: Mon, 22 Jul 2024 19:07:12 GMT

GET
H2 200 mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame 85B6 27 KB
0 165ms
98ms Font
font/woff2 2606:4700:20::681a:88b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:88b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://herinnerings-bericht.com/
Origin: https://herinnerings-bericht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:37:12 GMT
cf-cache-status: MISS
last-modified: Mon, 15 Jul 2024 09:41:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6694eecf-6b08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RjfUv9HU8UPwOrhSFLHHO6zAW8IDTYyQcO572%2FIfFsBlmWV4ZAjyOxRlHFqRS51WaE03jK%2BoePyN6HwQHtfFUNtBzb4azHCN9oG8FIw1gObhVMNG3qTucseqbqS%2FLJJdX2M4FTXaqhCFmOmNM49YBv3aeqje"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 8a758a678e790f6a-MXP
content-length: 27400

GET
H3 200 1f44b.png
cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/ Frame 85B6 1 KB
2 KB 73ms
41ms Image
image/png 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/twemoji/12.1.1/72x72/1f44b.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://herinnerings-bericht.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Jul 2024 18:37:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 876466
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1224
last-modified: Sat, 19 Dec 2020 02:18:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fdd6306-505"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ufxJX5P28PgWnSti2QoJPwoG%2FNOjBDCjpr927pYCQUYv0g02xgHvcE4Vik1hz0OAWuuCzujeyh5vWQc1B4KNFH5ndZv63RTbx%2B5B%2BtN4idVEGlpSjmLsvujOebV3PnqRXmcsLnt"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8a758a6c8bbc0e42-MXP
expires: Sat, 12 Jul 2025 18:37:13 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: about:blank Message: The resource https://widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.tidio.co
herinnerings-bericht.com
s2.googleusercontent.com
t1.gstatic.com
widget-v4.tidiochat.com
www.belastingdienst.nl
104.17.24.14
172.67.72.223
2606:4700:20::681a:88b
2a00:1450:4001:80e::2004
2a00:1450:4001:81d::2001
2a04:9a01:1002::33
64.20.51.238
0a4be612a06df791fb5b4ee4faabb3b90ab632fa37d71b6fd1b275cb675e18f9
0ba9e7d2dfbe927f697735b9055a4e9ab2fe86a671aa00269d67beedb20cb8ed
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
1813334e43eb929d074ba482d7dc42f3a98ade0273a86422bfabb42f1b8065cc
24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e
27c094142b294677babfd410f01ab0ef6450c30f0ced804477f1b98adfc3a591
4ec0583dd05c9ae23e4f612829312af92f4b38961c0b1fbf53a266f20d4eb182
54039c085acfdaf5124e55514d4153752a8526dc55b1d76c3bc731bfa4c3863a
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
64fd48770f59ad0d509ab6664933095321f797323c9965a8ef92cbb060acfa40
76cba8c616494b98ce3232bb080e8beef3583aa75368c65b5e121508f92bb6a4
85f028fadd26412f3ff050e58fab1c791a172e44f078db492c89bbb950053695
8e1259c7006dfe0d19f6bcc4fc622c4ce555250e9924fa20cafbe137e64d72eb
95b8c28ae6c0c9d5657a44d5a6ca24c04165eef39d6a8e1e93627c8d755ffe3a
c13633f01aaad977627423b153407bc903271956dbfb124ee70a7f9888e4102f
c922548cfe09320db090d544611419072db72918c07a3588e8138bd474eb41d3
dc4b94fbd1ec10e1ed4e130d8c785c2f0f7a6dacee88c019d3d77782b86d43ba
dc9b62c0c22ee9ed9efc6b63664e860df4979d42279d6d76d5720beec4c8b239
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
ea24041f1bf773952f69e1e98082de62b89f24ca6b60b147f2f052b21e3b6861
f325b8b3a6c772d7ebef4dea572c8da501e9c6ee286df0d96dfa49441258fd2f

herinnerings-bericht.com Open in urlscan Pro 64.20.51.238 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

73 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

6 IPs

4 Countries

1479 kBTransfer

4278 kBSize

0 Cookies

54 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

herinnerings-bericht.com Open in urlscan Pro
64.20.51.238 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

73 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

1479 kB
Transfer

4278 kB
Size

0
Cookies

11 HTTP transactions
12 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!