belastingdienst.dynv6.net Open in urlscan Pro
185.45.195.219 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://belastingdienst.dynv6.net/
Submission: On December 02 via manual (December 2nd 2024, 3:01:38 pm UTC) from NL — Scanned from NL

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 19 HTTP transactions. The main IP is 185.45.195.219, located in Los Angeles, United States and belongs to HS Host Sailor Ltd, AE. The main domain is belastingdienst.dynv6.net.
TLS certificate: Issued by R10 on December 2nd 2024. Valid for: 3 months.

This is the only time belastingdienst.dynv6.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: NL Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
9	185.45.195.219 185.45.195.219	60117 (HS Host S...) (HS Host Sailor Ltd)
4	2a04:9a01:100... 2a04:9a01:1002::19	34663 (ASBELASTI...) (ASBELASTINGDIENST Belastingdienst)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2313	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:9a01:100... 2a04:9a01:1002::33	34663 (ASBELASTI...) (ASBELASTINGDIENST Belastingdienst)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	2a03:b0c0:2:d... 2a03:b0c0:2:d0::1057:2001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
19	8

9 185.45.195.219 (Los Angeles, United States)

ASN60117 (HS Host Sailor Ltd, AE)

belastingdienst.dynv6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:9a01:1002::19 (Netherlands)

ASN34663 (ASBELASTINGDIENST Belastingdienst, NL)

download.belastingdienst.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2313 (United States)

ASN13335 (CLOUDFLARENET, US)

downloads-global.3cx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:9a01:1002::33 (Netherlands)

ASN34663 (ASBELASTINGDIENST Belastingdienst, NL)

www.belastingdienst.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:2:d0::1057:2001 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

1513.3cx.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	dynv6.net belastingdienst.dynv6.net	607 KB
5	belastingdienst.nl download.belastingdienst.nl — Cisco Umbrella Rank: 220301 www.belastingdienst.nl — Cisco Umbrella Rank: 211131	172 KB
2	gstatic.com fonts.gstatic.com	15 KB
1	3cx.cloud 1513.3cx.cloud	1 KB
1	3cx.com downloads-global.3cx.com — Cisco Umbrella Rank: 111751	206 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	838 B
19	6

	Domain	Requested by
9	belastingdienst.dynv6.net	belastingdienst.dynv6.net
4	download.belastingdienst.nl	belastingdienst.dynv6.net download.belastingdienst.nl
2	fonts.gstatic.com	belastingdienst.dynv6.net
1	1513.3cx.cloud	downloads-global.3cx.com
1	www.belastingdienst.nl	belastingdienst.dynv6.net
1	downloads-global.3cx.com	belastingdienst.dynv6.net
1	fonts.googleapis.com	belastingdienst.dynv6.net
19	7

This site contains no links.

Subject Issuer	Validity	Valid
belastingdienst.dynv6.net R10	`2024-12-02` - `2025-03-02`	3 months	crt.sh
download.belastingdienst.nl DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1	`2024-10-10` - `2025-10-09`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.3cx.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
www.belastingdienst.nl DigiCert G2 TLS EU RSA4096 SHA384 2022 CA1	`2024-05-02` - `2025-05-01`	a year	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
1513.3cx.cloud R11	`2024-10-20` - `2025-01-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://belastingdienst.dynv6.net/
Frame ID: BAD94D31077CC28822895CB7875975AF
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Belastingdienst Nederland | Dwangbevel

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

1002 kB
Transfer

1470 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
belastingdienst.dynv6.net/ 604 KB
605 KB 1054ms
200ms Document
text/html 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 33d3ea6a812870264966f5cd8f56ab61dcc351312093396503568c06a9c4293b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 618822
Date: Mon, 02 Dec 2024 15:01:32 GMT
ETag: "97146-6284a9dd5f640"
Keep-Alive: timeout=5, max=100
Last-Modified: Mon, 02 Dec 2024 14:46:41 GMT
Server: Apache/2.4.18 (Ubuntu)

GET
H/1.1 200
OK rofonts.css
download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/ 552 B
3 KB 386ms
24ms Stylesheet
text/css 2a04:9a01:1002::19
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css

Requested by

Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::19 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

741fd13ddcab54d0fe9f6eb0c762a90c2842448db62dd407fdeb906cd2819f97

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://.optimizely.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://.cdn.optimizely.com https://secure.opinionlab.com https://.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://cdn.optimizely.com https://.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://*.optimizely.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://*.cdn.optimizely.com https://secure.opinionlab.com https://*.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://cdn.optimizely.com https://*.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
ETag: "228-62848dab2634f"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 552
Keep-Alive: timeout=5, max=9
Date: Mon, 02 Dec 2024 15:01:33 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 02 Dec 2024 12:40:32 GMT
Content-Type: text/css

GET
H/1.1 200
OK fonts.css
download.belastingdienst.nl/assets/css/ 2 KB
4 KB 418ms
30ms Stylesheet
text/css 2a04:9a01:1002::19
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.belastingdienst.nl/assets/css/fonts.css

Requested by

Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::19 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

890aac78854e24716a0fd5c7c3fbe4701d51a3f5ef2a44a60c8caf0699f3c5d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://.optimizely.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://.cdn.optimizely.com https://secure.opinionlab.com https://.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://cdn.optimizely.com https://.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://*.optimizely.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://*.cdn.optimizely.com https://secure.opinionlab.com https://*.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://cdn.optimizely.com https://*.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
ETag: "650-62848dab2a1ce"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 1616
Keep-Alive: timeout=5, max=67
Date: Mon, 02 Dec 2024 15:01:33 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 02 Dec 2024 12:40:32 GMT
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 774 B
838 B 121ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 02 Dec 2024 15:01:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 15:01:33 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 02 Dec 2024 13:41:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 callus.js Show response
downloads-global.3cx.com/downloads/livechatandtalk/v1/ 683 KB
206 KB 138ms
70ms Script
text/javascript 2606:4700:4400::6812:2313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://downloads-global.3cx.com/downloads/livechatandtalk/v1/callus.js
Requested by: Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db46619d34a60708879ce78f5067a77a905380849ea3d8fb67d70cb6dcac5714

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: HIT
etag: "805a264c1bc1d91:0"
age: 5345
cf-ray: 8ebc31666bc87758-AMS
expires: Mon, 02 Dec 2024 19:01:33 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 209909
date: Mon, 02 Dec 2024 15:01:33 GMT
content-type: text/javascript;charset=utf-8
last-modified: Fri, 28 Jul 2023 06:18:17 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK bld_logo.svg
www.belastingdienst.nl/bld-assets/bld/rhslogos/ 17 KB
20 KB 268ms
184ms Image
image/svg+xml 2a04:9a01:1002::33
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.belastingdienst.nl/bld-assets/bld/rhslogos/bld_logo.svg

Requested by

Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::33 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://enquete.agconsult.com https://.readspeaker.com https://.abtasty.com https://attachuk.imi.chat https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://secure.opinionlab.com https://.readspeaker.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com https://survey.alchemer.eu https://douane.livepresence.net https://attachuk.imi.chat; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://enquete.agconsult.com https://.readspeaker.com https://attachuk.imi.chat 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://attachuk.imi.chat *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block;

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://enquete.agconsult.com https://*.readspeaker.com https://*.abtasty.com https://attachuk.imi.chat https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://secure.opinionlab.com https://*.readspeaker.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com https://survey.alchemer.eu https://douane.livepresence.net https://attachuk.imi.chat; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://enquete.agconsult.com https://*.readspeaker.com https://attachuk.imi.chat 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://attachuk.imi.chat *.abtasty.com 'unsafe-inline'
ETag: "454b-603698a9b53a0"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 17739
Keep-Alive: timeout=5, max=100
Date: Mon, 02 Dec 2024 15:01:33 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 21 Aug 2023 07:08:12 GMT
Content-Type: image/svg+xml
X-Frame-Options: SAMEORIGIN

GET
H/1.1 404
Not Found jquery.min.js
belastingdienst.dynv6.net/assets/js/ 0
0 629ms
628ms Script
text/html 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/assets/js/jquery.min.js
Requested by: Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=99
Content-Length: 288
Date: Mon, 02 Dec 2024 15:01:34 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 404
Not Found jspdf.min.js
belastingdienst.dynv6.net/assets/js/ 0
0 544ms
187ms Script
text/html 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/assets/js/jspdf.min.js
Requested by: Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=100
Content-Length: 288
Date: Mon, 02 Dec 2024 15:01:34 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 404
Not Found html2canvas.js
belastingdienst.dynv6.net/assets/js/ 0
0 548ms
191ms Script
text/html 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/assets/js/html2canvas.js
Requested by: Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=100
Content-Length: 288
Date: Mon, 02 Dec 2024 15:01:34 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 200
OK app.js Show response
belastingdienst.dynv6.net/assets/js/ 0
294 B 545ms
187ms Script
application/javascript 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/assets/js/app.js
Requested by: Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

ETag: "0-5b27714995a00"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=100
Date: Mon, 02 Dec 2024 15:01:34 GMT
Last-Modified: Sun, 25 Oct 2020 04:16:40 GMT
Content-Type: application/javascript
Server: Apache/2.4.18 (Ubuntu)

GET
H/1.1 200
OK ROsanswebtextbold.woff
download.belastingdienst.nl/assets/bold/rofonts/1.0.2/fonts/ 68 KB
70 KB 175ms
77ms Font
text/plain 2a04:9a01:1002::19
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/fonts/ROsanswebtextbold.woff

Requested by

Host: download.belastingdienst.nl
URL: https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::19 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

5563fe6bd2ded6f1ab13dd6c7961c0d93d06cfce99069a98eb0f4c593111fb80

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://.optimizely.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://.cdn.optimizely.com https://secure.opinionlab.com https://.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://cdn.optimizely.com https://.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Origin: https://belastingdienst.dynv6.net
sec-ch-ua-platform: "Linux"
Referer: https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://*.optimizely.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://*.cdn.optimizely.com https://secure.opinionlab.com https://*.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://cdn.optimizely.com https://*.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
ETag: "10f5b-62848dab26f07"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 69467
Keep-Alive: timeout=5, max=29
Date: Mon, 02 Dec 2024 15:01:33 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 02 Dec 2024 12:40:32 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 321ms
257ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://belastingdienst.dynv6.net
sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 543033
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 26 Nov 2025 08:11:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 08:11:01 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 320ms
256ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://belastingdienst.dynv6.net
sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

age: 460627
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 07:04:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 07:04:27 GMT
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7748
x-xss-protection: 0
server: sffe

GET
H/1.1 404
Not Found fontawesome-webfont.woff2
belastingdienst.dynv6.net/fonts/ 0
0 527ms
196ms Font
text/html 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Origin: https://belastingdienst.dynv6.net
sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=100
Content-Length: 288
Date: Mon, 02 Dec 2024 15:01:34 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 404
Not Found fontawesome-webfont.woff
belastingdienst.dynv6.net/fonts/ 0
0 196ms
196ms Font
text/html 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/fonts/fontawesome-webfont.woff?v=4.7.0
Requested by: Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Origin: https://belastingdienst.dynv6.net
sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=99
Content-Length: 288
Date: Mon, 02 Dec 2024 15:01:34 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 200
OK ROsanswebtextregular.woff
download.belastingdienst.nl/assets/bold/rofonts/1.0.2/fonts/ 75 KB
77 KB 49ms
49ms Font
text/plain 2a04:9a01:1002::19
ASBELASTINGDIENST...

General

Check archive.org

Show headers Download Go to

Full URL

https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/fonts/ROsanswebtextregular.woff

Requested by

Host: download.belastingdienst.nl
URL: https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a04:9a01:1002::19 , Netherlands, ASN34663 (ASBELASTINGDIENST Belastingdienst, NL),

Reverse DNS

Software

Resource Hash

751b9c590152dcaa5331b5580ceddd43c680fd076d9c09b536b5c36372f46087

Security Headers

Name	Value
Content-Security-Policy	default-src https://.belastingdienst.nl https://vinden.belastingdienst.nl https://.readspeaker.com; connect-src 'self' https://.belastingdienst.nl https://.optimizely.com https://.readspeaker.com https://.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://.belastingdienst.nl https://.cdn.optimizely.com https://secure.opinionlab.com https://.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://.belastingdienst.nl https://.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://.belastingdienst.nl https://.pagefreezer.com https://.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://.readspeaker.com https://img.youtube.com data: https://.belastingdienst.nl blob: data: .abtasty.com; font-src 'self' https://.belastingdienst.nl blob: data: .abtasty.com; script-src 'self' https://.belastingdienst.nl https://cdn.optimizely.com https://.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: .abtasty.com ; style-src 'self' https://.belastingdienst.nl https://.readspeaker.com *.abtasty.com 'unsafe-inline'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Origin: https://belastingdienst.dynv6.net
sec-ch-ua-platform: "Linux"
Referer: https://download.belastingdienst.nl/assets/bold/rofonts/1.0.2/css/rofonts.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src https://*.belastingdienst.nl https://vinden.belastingdienst.nl https://*.readspeaker.com; connect-src 'self' https://*.belastingdienst.nl https://*.optimizely.com https://*.readspeaker.com https://*.abtasty.com https://api.pdok.nl; child-src 'self' https://belastingdienst.nl https://*.belastingdienst.nl https://*.cdn.optimizely.com https://secure.opinionlab.com https://*.readspeaker.com https://www.anbi-instellingen.nl https://www.youtube.com https://www.youtube-nocookie.com ; frame-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com https://secure.opinionlab.com https://www.youtube.com https://www.youtube-nocookie.com ; frame-ancestors 'self' https://*.belastingdienst.nl https://*.pagefreezer.com https://*.pagefreezer.nl ; img-src 'self' https://n01d05.cumulus-cloud.com https://*.readspeaker.com https://img.youtube.com data: https://*.belastingdienst.nl blob: data: *.abtasty.com; font-src 'self' https://*.belastingdienst.nl blob: data: *.abtasty.com; script-src 'self' https://*.belastingdienst.nl https://cdn.optimizely.com https://*.readspeaker.com https://bdtm.containers.piwik.pro 'unsafe-eval' 'unsafe-inline' blob: *.abtasty.com ; style-src 'self' https://*.belastingdienst.nl https://*.readspeaker.com *.abtasty.com 'unsafe-inline'
ETag: "12ac9-62848dab28e47"
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 76489
Keep-Alive: timeout=5, max=53
Date: Mon, 02 Dec 2024 15:01:34 GMT
X-XSS-Protection: 1; mode=block;
Last-Modified: Mon, 02 Dec 2024 12:40:32 GMT

GET
H2 200 c2cinfo Show response
1513.3cx.cloud/MyPhone/ 149 B
1 KB 113ms
19ms Fetch
application/json 2a03:b0c0:2:d0::1057:2001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://1513.3cx.cloud/MyPhone/c2cinfo?c2cid=derpiebuns

Requested by

Host: downloads-global.3cx.com
URL: https://downloads-global.3cx.com/downloads/livechatandtalk/v1/callus.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:2:d0::1057:2001 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

ce8cd1720336b4719f6964a63674cdf2ec8c05121d321b4274e5079f595ace0e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 02 Dec 2024 15:01:34 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-frame-options: DENY
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' blob: https://downloads-global.3cx.com https://127.0.0.1:32018 'sha256-RCMl7PJ3K2nMoGZppLZeArO5M70Pbu1k+t6RIHZO7gE=' 'sha256-v6MhWrgXnOZrJTw+mK9MqEYevK8vvSmRZFjINsy76Mw=' 'sha256-Tui7QoFlnLXkJCSl1/JvEZdIXTmBttnWNxzJpXomQjg='; worker-src 'self' blob:; connect-src 'self' https://wmr-cdn.3cx.net https://downloads-global.3cx.com https://www.gravatar.com https://127.0.0.1:32018 https://platform-lookaside.fbsbx.com ws: wss:; img-src * data: blob:; frame-src 'self' docs.3cx.cloud tcx+app:; style-src 'self' 'unsafe-inline'; frame-ancestors 'none'; media-src 'self' data:; object-src 'none'; form-action 'self'; base-uri 'self'
cache-control: no-store
cross-origin-opener-policy: same-origin
pragma: no-cache
referrer-policy: no-referrer
cross-origin-embedder-policy: credentialless
access-control-allow-origin: https://belastingdienst.dynv6.net
x-xss-protection: 0
server: nginx

GET
H/1.1 404
Not Found fontawesome-webfont.ttf
belastingdienst.dynv6.net/fonts/ 0
0 162ms
161ms Font
text/html 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/fonts/fontawesome-webfont.ttf?v=4.7.0
Requested by: Host: belastingdienst.dynv6.net
URL: https://belastingdienst.dynv6.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash

Request headers

Origin: https://belastingdienst.dynv6.net
sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

Keep-Alive: timeout=5, max=98
Content-Length: 288
Date: Mon, 02 Dec 2024 15:01:34 GMT
Content-Type: text/html; charset=iso-8859-1
Server: Apache/2.4.18 (Ubuntu)
Connection: Keep-Alive

GET
H/1.1 200
OK favicon.ico
belastingdienst.dynv6.net/assets/img/ 2 KB
2 KB 187ms
187ms Other
image/vnd.microsoft.icon 185.45.195.219
HS Host Sailor Ltd

General

Check archive.org

Show headers Download Go to

Full URL: https://belastingdienst.dynv6.net/assets/img/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.45.195.219 Los Angeles, United States, ASN60117 (HS Host Sailor Ltd, AE),
Reverse DNS
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: bf0122567c08c9b8201194a22321f37a89a0e81a1644939a7cf19d3d40e87983

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://belastingdienst.dynv6.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

ETag: "710-627e65ff33680"
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1808
Keep-Alive: timeout=5, max=97
Date: Mon, 02 Dec 2024 15:01:34 GMT
Last-Modified: Wed, 27 Nov 2024 15:11:06 GMT
Content-Type: image/vnd.microsoft.icon
Server: Apache/2.4.18 (Ubuntu)

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05ae288d82ce8468e204b31d81cb54b2806d22fdd4cd1d2467851b317ec9123b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: NL Government (Government)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| callus

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.3cx.com/	1970-01-21 01:25:53	Name: __cf_bm Value: jCfAJggPge_xSZrZO4EDoMVbdVyGIaBr6vwc4B86Aek-1733151693-1.0.1.1-2U77S30CD_Tizp9F.WXcKIsZV9BLVCdKJz42NNH1R2bTW1Ty07BaDI_GbP3nA1mFFqSL3LmM_L5dWVnNjr7Jqg

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://belastingdienst.dynv6.net/(Line 3) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network	error	URL: https://belastingdienst.dynv6.net/assets/js/jspdf.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dynv6.net/fonts/fontawesome-webfont.woff2?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dynv6.net/assets/js/html2canvas.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dynv6.net/assets/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dynv6.net/fonts/fontawesome-webfont.woff?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://belastingdienst.dynv6.net/fonts/fontawesome-webfont.ttf?v=4.7.0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1513.3cx.cloud
belastingdienst.dynv6.net
download.belastingdienst.nl
downloads-global.3cx.com
fonts.googleapis.com
fonts.gstatic.com
www.belastingdienst.nl
142.250.185.67
185.45.195.219
2606:4700:4400::6812:2313
2a00:1450:4001:809::200a
2a03:b0c0:2:d0::1057:2001
2a04:9a01:1002::19
2a04:9a01:1002::33
05ae288d82ce8468e204b31d81cb54b2806d22fdd4cd1d2467851b317ec9123b
24c2c8d65ef0423159d5505ed54492d1346611b076c14fd3af08e5364ce83d9e
33d3ea6a812870264966f5cd8f56ab61dcc351312093396503568c06a9c4293b
52d62465d244bef9c22960bed269d931eb2b705dff7f09a0bcf5ddba62554f45
5563fe6bd2ded6f1ab13dd6c7961c0d93d06cfce99069a98eb0f4c593111fb80
741fd13ddcab54d0fe9f6eb0c762a90c2842448db62dd407fdeb906cd2819f97
751b9c590152dcaa5331b5580ceddd43c680fd076d9c09b536b5c36372f46087
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
890aac78854e24716a0fd5c7c3fbe4701d51a3f5ef2a44a60c8caf0699f3c5d2
bf0122567c08c9b8201194a22321f37a89a0e81a1644939a7cf19d3d40e87983
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce8cd1720336b4719f6964a63674cdf2ec8c05121d321b4274e5079f595ace0e
db46619d34a60708879ce78f5067a77a905380849ea3d8fb67d70cb6dcac5714
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

belastingdienst.dynv6.net Open in urlscan Pro 185.45.195.219 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

71 %IPv6

6 Domains

7 Subdomains

8 IPs

3 Countries

1002 kBTransfer

1470 kBSize

1 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

1 Cookies

7 Console Messages

Indicators

belastingdienst.dynv6.net Open in urlscan Pro
185.45.195.219 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

1002 kB
Transfer

1470 kB
Size

1
Cookies

19 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!