GET overheid-deurwaarders-schuld.com/index.css
104.21.80.1 200 OK 906 B URL GET HTTP/2 overheid-deurwaarders-schuld.com/index.css
IP 104.21.80.1:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject overheid-deurwaarders-schuld.com
Fingerprint EC:F0:0F:FD:F8:24:8D:98:8F:CD:4E:E5:CC:E9:A8:97:57:C9:49:FD
Validity Thu, 27 Feb 2025 19:17:43 GMT - Wed, 28 May 2025 20:13:41 GMT
Hash 9b7e9afbf8f8981366897dcb33da931a
462aaeffb1d0d292b30dbfd805b3f25935d9d417
98267b76ae2c852e67054adf610c74922d7fce43f073d5fc9fc0480a24643a41
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /index.css HTTP/1.1
Host: overheid-deurwaarders-schuld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://overheid-deurwaarders-schuld.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: text/css
content-length: 906
last-modified: Thu, 27 Feb 2025 12:13:36 GMT
etag: "17bf-62f1e9e943dfe-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtPYUZnNU21fG1kBTO8TE%2Fnk%2Bc8dXMTlWJs9iS%2B87uVYpOc8UinQpvzuZLUSQhYo90A6obr4dS04toDkBIf7xdmBaXFwYSm3Wq5domQmYfuUnwEb8S0X4IUQ9dNUrlbWiH5qi05qTUvtLhM8yMF9vsywVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918feced3fd40b55-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3871&min_rtt=466&rtt_var=6674&sent=17&recv=20&lost=0&retrans=0&sent_bytes=5914&recv_bytes=1641&delivery_rate=9252396&cwnd=257&unsent_bytes=0&cid=ce303c8e12228476&ts=796&x=0"
X-Firefox-Spdy: h2
GET overheid-deurwaarders-schuld.com/images/Logo_Belastingdienst.svg.png
104.21.80.1 200 OK 55 kB URL GET HTTP/2 overheid-deurwaarders-schuld.com/images/Logo_Belastingdienst.svg.png
IP 104.21.80.1:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject overheid-deurwaarders-schuld.com
Fingerprint EC:F0:0F:FD:F8:24:8D:98:8F:CD:4E:E5:CC:E9:A8:97:57:C9:49:FD
Validity Thu, 27 Feb 2025 19:17:43 GMT - Wed, 28 May 2025 20:13:41 GMT
File type PNG image data, 1200 x 667, 8-bit/color RGBA, non-interlaced
Hash d8068d73964894082324d2de1c824d47
10afe7601742890d52c39135e520ec1afef22d5e
0149f7a894e28f6971802b0f74b0254337ce6176709d8113baacc0f691f8e69a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/Logo_Belastingdienst.svg.png HTTP/1.1
Host: overheid-deurwaarders-schuld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://overheid-deurwaarders-schuld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: image/png
content-length: 54584
last-modified: Thu, 27 Feb 2025 12:13:40 GMT
etag: "d538-62f1e9ed1376d"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HmcKKZuVjhou1CE1322v2srpwfc0ZrIgiDe8VNzTYjtF5THbhPbk%2BSFj9IsLg6YLyuVykKPFBG5GYYbx5zJ9B6BC3GwgvYznVJqFRRKzq80wz2jwyv6fTPVIxpWg%2FvJwbOT5PFe9LlAB3Z%2FDyn8I5IvqGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918feced3fe10b55-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=958&min_rtt=410&rtt_var=882&sent=32&recv=35&lost=0&retrans=0&sent_bytes=22296&recv_bytes=1641&delivery_rate=25001438&cwnd=257&unsent_bytes=0&cid=ce303c8e12228476&ts=810&x=0"
X-Firefox-Spdy: h2
GET overheid-deurwaarders-schuld.com/jquery-1.9.1.min.js
104.21.80.1 200 OK 33 kB URL GET HTTP/2 overheid-deurwaarders-schuld.com/jquery-1.9.1.min.js
IP 104.21.80.1:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject overheid-deurwaarders-schuld.com
Fingerprint EC:F0:0F:FD:F8:24:8D:98:8F:CD:4E:E5:CC:E9:A8:97:57:C9:49:FD
Validity Thu, 27 Feb 2025 19:17:43 GMT - Wed, 28 May 2025 20:13:41 GMT
File type JavaScript source, ASCII text, with very long lines (32089)
Hash 397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /jquery-1.9.1.min.js HTTP/1.1
Host: overheid-deurwaarders-schuld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://overheid-deurwaarders-schuld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: text/javascript
content-length: 32775
last-modified: Thu, 27 Feb 2025 12:13:36 GMT
etag: "169d5-62f1e9e97dbc7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwSGoCqTk2xpl6IFqSrDacoq%2BQ7wo6JC862%2F9366gSJRxDrDqfHdxY2iHLQBejB8LsZgZpXxIOyYnIymPkYBHYZK%2FD%2FQeY2rUhkV%2Bl3vT%2FtGNCfZlfEBdbPQvU6V1OXr1hU6ThUhwMn9gaZbkvZ2szC%2F5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918feced3fd90b55-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2735&min_rtt=410&rtt_var=4524&sent=20&recv=23&lost=0&retrans=0&sent_bytes=7411&recv_bytes=1641&delivery_rate=9252396&cwnd=257&unsent_bytes=0&cid=ce303c8e12228476&ts=809&x=0"
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
142.250.74.35 200 OK 40 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP 142.250.74.35:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint E1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
Validity Mon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
Hash 9a01b69183a9604ab3a439e388b30501
8ed1d59003d0dbe6360481017b44665153665fbe
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
GET /s/roboto/v47/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://overheid-deurwaarders-schuld.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Feb 2025 10:03:46 GMT
expires: Fri, 27 Feb 2026 10:03:46 GMT
cache-control: public, max-age=31536000
age: 89953
last-modified: Wed, 08 Jan 2025 18:23:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35 200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint E1:4C:7D:BD:65:DC:FC:CD:59:FD:40:F4:A9:EE:C2:BA:91:98:B2:3D
Validity Mon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://overheid-deurwaarders-schuld.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 27 Feb 2025 10:12:20 GMT
expires: Fri, 27 Feb 2026 10:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 89439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET widget-v4.tidiochat.com/gnoddxbcwfxhbrac1ap3m8dtctmbwsew.js
172.67.71.3 302 Found 2.9 kB URL GET HTTP/2 widget-v4.tidiochat.com/gnoddxbcwfxhbrac1ap3m8dtctmbwsew.js
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
Hash ed9ba5fbde44524ac08fabd5f40c69ea
0ac5c209ffd7d0ee123b9c27db310f5992e22697
1a057c89a0ba01b321fdb50bee36a6701340bfe398b85cee2ecd318f99af5f78
GET /gnoddxbcwfxhbrac1ap3m8dtctmbwsew.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overheid-deurwaarders-schuld.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_305_0/static/js/render.1a25e6864d7a4408e575.js
cache-control: private, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cugqFpejcOAaOva9YEliGsAvw28fy20LG7%2BNTzR4xoHHKFkmhYvgG0Hwt1JHbZUNBszSB3MDAinUb7d%2BDamElNaN%2FB9IFQv4UU0XIoGIXvObvdORl1VrhITp61HMfIzeOsHyMXN7hCtt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918fecef3fd7568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6238&min_rtt=473&rtt_var=11534&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3281&recv_bytes=1238&delivery_rate=7337837&cwnd=253&unsent_bytes=0&cid=79e19e5c895ada78&ts=95&x=0"
X-Firefox-Spdy: h2
GET widget-v4.tidiochat.com//tururu.mp3
172.67.71.3 206 Partial Content 7.2 kB URL GET HTTP/2 widget-v4.tidiochat.com//tururu.mp3
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural
Hash 5061b4d134a7b4d5d744f9a127b757a8
c5e240ac60d3914cb3836ba6652105c67720b845
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 28 Feb 2025 11:03:00 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Tue, 11 Feb 2025 08:53:33 GMT
etag: "67ab100d-1c38"
expires: Wed, 26 Feb 2025 03:07:34 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1410926
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crSFgdU3ctEEsvyVSb895RKuuLaeycXCFAPWSGnC5b08r34i59r9vFDn7Um2uwHTDFJmQH30Bkm7oAVmbvY3fVTeW5ti8%2FVU6CsXnGfLCRwvEHCroeeFtzud4swHDv5nb6OoRJhn9iW0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918fecf21db4568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=968&min_rtt=426&rtt_var=610&sent=93&recv=43&lost=0&retrans=0&sent_bytes=111081&recv_bytes=1806&delivery_rate=36019900&cwnd=256&unsent_bytes=18288&cid=79e19e5c895ada78&ts=495&x=0"
X-Firefox-Spdy: h2
GET widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
172.67.71.3 200 OK 27 kB URL GET HTTP/2 widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 27400, version 1.0
Hash d96e6550e1c6b3063f60875bfd4a0870
c1b22f0d075bd4413686866134fffcccb3f487b8
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
GET /fonts/mulish_SGhgqk3wotYKNnBQ.woff2 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://overheid-deurwaarders-schuld.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:03:00 GMT
content-type: font/woff2
content-length: 27400
last-modified: Wed, 26 Feb 2025 09:33:48 GMT
etag: "67bedffc-6b08"
access-control-allow-origin: *
cache-control: max-age=691200
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=351Vzigal4m7uNSfba2kL39Ul1Avc8XrpWUwpA%2BQKsnlXB3v0x8sasA5fSIib0b3niJnvVYu3WZYkUhtsdI3yQIhufHp8QfJy6DQlvus1UrHNyDk3r3Oe9woIp7n3IKKQwfgd1guXlTb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918fecf1fd84568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=879&min_rtt=420&rtt_var=111&sent=263&recv=136&lost=0&retrans=0&sent_bytes=349918&recv_bytes=1906&delivery_rate=51075837&cwnd=160&unsent_bytes=0&cid=79e19e5c895ada78&ts=545&x=0"
X-Firefox-Spdy: h2
GET widget-v4.tidiochat.com//tururu.mp3
172.67.71.3 206 Partial Content 7.2 kB URL GET HTTP/2 widget-v4.tidiochat.com//tururu.mp3
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural
Hash 5061b4d134a7b4d5d744f9a127b757a8
c5e240ac60d3914cb3836ba6652105c67720b845
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 28 Feb 2025 11:03:00 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Tue, 11 Feb 2025 08:53:33 GMT
etag: "67ab100d-1c38"
expires: Wed, 26 Feb 2025 03:07:34 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 1410926
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kzw3cZQWdktb15IasONFe53cATeTU7Xshq3fEW619D1QOjI3KrwVJ9vNAKY4YfHXdQGJCs3PKG%2Fw3IjHq2MM3ng%2BGzp2uS34kMsKEI0OKX9xJEWPbJlLTZ%2F2I9ZqSs8puI4zc8Mm4guj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918fecf35841568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6746&min_rtt=420&rtt_var=11619&sent=284&recv=148&lost=0&retrans=0&sent_bytes=377998&recv_bytes=1981&delivery_rate=51075837&cwnd=182&unsent_bytes=0&cid=79e19e5c895ada78&ts=708&x=0"
X-Firefox-Spdy: h2
socket.tidio.co/socket.io/?ppk=gnoddxbcwfxhbrac1ap3m8dtctmbwsew&device=desktop&cmv=2_0&EIO=4&transport=websocket
52.213.183.135 101 Switching Protocols 0 B URL socket.tidio.co/socket.io/?ppk=gnoddxbcwfxhbrac1ap3m8dtctmbwsew&device=desktop&cmv=2_0&EIO=4&transport=websocket
IP 52.213.183.135:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?ppk=gnoddxbcwfxhbrac1ap3m8dtctmbwsew&device=desktop&cmv=2_0&EIO=4&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://overheid-deurwaarders-schuld.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fcH8h+r1pdHFGKwliEn74Q==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 28 Feb 2025 11:03:00 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b97YFzyviGaRwqrsRRCE1pfF66Y=
GET widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
172.67.71.3 200 OK 27 kB URL GET HTTP/2 widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 27400, version 1.0
Hash d96e6550e1c6b3063f60875bfd4a0870
c1b22f0d075bd4413686866134fffcccb3f487b8
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
GET /fonts/mulish_SGhgqk3wotYKNnBQ.woff2 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://overheid-deurwaarders-schuld.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:03:01 GMT
content-type: font/woff2
content-length: 27400
last-modified: Wed, 26 Feb 2025 09:33:48 GMT
etag: "67bedffc-6b08"
access-control-allow-origin: *
cache-control: max-age=691200
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8qHWYVQ4Lfk8EVLviDpYQOQr40IrusZI6jfeI60b%2B3it%2F1ltFkP3%2BXumXiiBjoXUz6UPju1oCx1fpiXOEalFc0B0TyNyQUKWs7w%2BBSx25fRpZLdbW81iBA3B%2BLQUOjyMqOQlgJr9%2F4aC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918fecf728f8568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1510&min_rtt=420&rtt_var=214&sent=397&recv=262&lost=0&retrans=0&sent_bytes=535453&recv_bytes=2184&delivery_rate=50654672&cwnd=186&unsent_bytes=0&cid=79e19e5c895ada78&ts=1317&x=0"
X-Firefox-Spdy: h2
GET widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
172.67.71.3 200 OK 27 kB URL GET HTTP/2 widget-v4.tidiochat.com/fonts/mulish_SGhgqk3wotYKNnBQ.woff2
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 27400, version 1.0
Hash d96e6550e1c6b3063f60875bfd4a0870
c1b22f0d075bd4413686866134fffcccb3f487b8
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
GET /fonts/mulish_SGhgqk3wotYKNnBQ.woff2 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://overheid-deurwaarders-schuld.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:03:01 GMT
content-type: font/woff2
content-length: 27400
last-modified: Wed, 26 Feb 2025 09:33:48 GMT
etag: "67bedffc-6b08"
access-control-allow-origin: *
cache-control: max-age=691200
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pc25jaHdK8LZXKazXAgOP%2FFHzztT8ZMBOoiku%2B7iN1Jcv6xjhWNPGFZs5I6SN9kasH0vOrbn3brFNnyoSI6BZDhW3%2FKwk7Wi%2F%2F%2BUMTSGaimcP95QiwDgqGhW0NoUTKccQwslR8tPLZtu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918fecfcecac568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=763&min_rtt=420&rtt_var=91&sent=418&recv=284&lost=0&retrans=0&sent_bytes=563428&recv_bytes=2278&delivery_rate=50654672&cwnd=186&unsent_bytes=0&cid=79e19e5c895ada78&ts=2231&x=0"
X-Firefox-Spdy: h2
GET widget-v4.tidiochat.com/1_305_0/static/js/widget.1a25e6864d7a4408e575.js
172.67.71.3 200 OK 496 kB URL GET HTTP/2 widget-v4.tidiochat.com/1_305_0/static/js/widget.1a25e6864d7a4408e575.js
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 496 kB (496169 bytes)
Hash 3ef5753b80b5118fa676812ddb559f6a
267a955747279bf8c1994bf2849d82e2945c14d3
98f3a1a1fbe9c856963cb47b5bded62cbfd90fc7271e72cc5f0436713c6e2c2d
GET /1_305_0/static/js/widget.1a25e6864d7a4408e575.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:03:00 GMT
content-type: application/javascript
last-modified: Wed, 26 Feb 2025 09:33:51 GMT
vary: Accept-Encoding
etag: W/"67bedfff-79229"
content-encoding: gzip
cache-control: max-age=691200
cf-cache-status: HIT
age: 4897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRiN%2FarQQFIgvTYkpTggiKr4Zh5w1fRCxRsmOnzybj3PNdqRwBgKiYhgeXjnncpsZgK5fZwWzRJ86PxPiZOxU%2FbLxPe6FAKdSdlglNHdA%2FG3QC4FzMMW%2F%2B1t1xr9Ci9KNNSjToNCctDZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918fecf22def568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=598&min_rtt=426&rtt_var=30&sent=134&recv=72&lost=0&retrans=0&sent_bytes=165571&recv_bytes=1906&delivery_rate=43669841&cwnd=148&unsent_bytes=0&cid=79e19e5c895ada78&ts=512&x=0"
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
142.250.74.10 200 OK 134 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i
IP 142.250.74.10:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint D9:DA:31:61:C2:D7:49:CF:50:B6:1B:FE:BA:EC:9D:12:91:8D:10:AC
Validity Mon, 03 Feb 2025 08:37:09 GMT - Mon, 28 Apr 2025 08:37:08 GMT
File type ASCII text, with very long lines (1572)
Size 134 kB (134502 bytes)
Hash abad298b32a0c9b6b173fbe2d27aba89
1420978a5cf5ebd87a588a8e903073f013c9d23e
485671d887f8f137d94949044b6af42ebdf57c463f1f3f251486071c975a4096
GET /css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i|Open+Sans:300,300i,400,400i,500,500i,600,600i,700,700i,800,800i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://overheid-deurwaarders-schuld.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 28 Feb 2025 11:02:59 GMT
date: Fri, 28 Feb 2025 11:02:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET widget-v4.tidiochat.com/1_305_0/static/js/render.1a25e6864d7a4408e575.js
172.67.71.3 200 OK 5.9 kB URL GET HTTP/2 widget-v4.tidiochat.com/1_305_0/static/js/render.1a25e6864d7a4408e575.js
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type JavaScript source, ASCII text, with very long lines (6095), with no line terminators
Hash c44ba4bf691585e23facbfda61ca4494
8391351ce81b9c375bbfb1a5c9ae84d391c7af48
aaa21a33f82c3463dcbbd97ce37b023577005bbfb8325dd4ca1495053e8a2d4d
GET /1_305_0/static/js/render.1a25e6864d7a4408e575.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://overheid-deurwaarders-schuld.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: application/javascript
last-modified: Wed, 26 Feb 2025 09:33:51 GMT
vary: Accept-Encoding
etag: W/"67bedfff-1738"
content-encoding: gzip
cache-control: max-age=691200
cf-cache-status: HIT
age: 4929
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hFhQCQuIFBpWtfZLxslBaerSoUBdpdGVzpH6owPSqYuG%2FcMFBHas5Yqy5ORCpCGpsvqRzSgKgUMDWKz56ucMGWKVtjokzvpeI4mpOhtV1FNbLJRTZu8rmrfZOmG35c5g31arByh%2BTQhh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918fecf07a55568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=4887&min_rtt=452&rtt_var=8831&sent=11&recv=14&lost=0&retrans=0&sent_bytes=4152&recv_bytes=1339&delivery_rate=7337837&cwnd=255&unsent_bytes=0&cid=79e19e5c895ada78&ts=243&x=0"
X-Firefox-Spdy: h2
GET overheid-deurwaarders-schuld.com/images/favicon.ico
104.21.80.1 404 Not Found 294 B URL GET HTTP/3 overheid-deurwaarders-schuld.com/images/favicon.ico
IP 104.21.80.1:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject overheid-deurwaarders-schuld.com
Fingerprint EC:F0:0F:FD:F8:24:8D:98:8F:CD:4E:E5:CC:E9:A8:97:57:C9:49:FD
Validity Thu, 27 Feb 2025 19:17:43 GMT - Wed, 28 May 2025 20:13:41 GMT
File type HTML document, ASCII text, with very long lines (305), with no line terminators
Hash 31330efa55ed6e9f7958198784dd00f6
8654f9eb34233f6dda4053c731bda7b2023541e0
d4d5d111438f06263eef6fc4603ea38869b0efacc220457440e2199a944cced9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/favicon.ico HTTP/1.1
Host: overheid-deurwaarders-schuld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://overheid-deurwaarders-schuld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 28 Feb 2025 11:03:00 GMT
content-type: text/html; charset=iso-8859-1
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UAy3QjOolI3dtmXsFxnwCu1tFzfkk%2FjjHNN9HZvuh4JPYFLHeo9gdIHnzU4aZYTYZ9kECn2fYsd6V%2F03s%2BboefGOQ4LJh2rQTZTPK0XhXQF%2B6mGKWNh8L%2B2sbfrhMCuFf7b%2FsiBNA3%2BWYJw2IyM0NXieKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 918fecf1ee7a56b7-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
GET overheid-deurwaarders-schuld.com/
104.21.80.1 200 OK 6.3 kB URL User Request GET HTTP/2 overheid-deurwaarders-schuld.com/
IP 104.21.80.1:443
Certificate Issuer Google Trust Services
Subject overheid-deurwaarders-schuld.com
Fingerprint EC:F0:0F:FD:F8:24:8D:98:8F:CD:4E:E5:CC:E9:A8:97:57:C9:49:FD
Validity Thu, 27 Feb 2025 19:17:43 GMT - Wed, 28 May 2025 20:13:41 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (6695), with no line terminators
Hash 3d160d5fc12092ce46b9eebae9d164a0
253ddc63fe572d735aa311b09414a82b26cd59ce
5a3c1bd80df4fc0d3d1d593fdfa1d8ac5c01859e22b73d8dc57eb1150d02c718
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: overheid-deurwaarders-schuld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sUK7wOLGlFMITe8zNxeS9hhDBOio6NM0%2FISzFCgYGeVcr0BaprtqkGzSviM1iQazdPHpEkJ8f%2FpURrfhaOr3vtzSOZxx6ygzVYj1q1iczGP%2FsCTDe7XHaG045aCFZmnKrOhS4UP%2F3GZ4118f8IX9SM0UUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918fece8f8350b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6222&min_rtt=466&rtt_var=11410&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3261&recv_bytes=1137&delivery_rate=7798922&cwnd=254&unsent_bytes=0&cid=ce303c8e12228476&ts=451&x=0"
X-Firefox-Spdy: h2
GET overheid-deurwaarders-schuld.com/nicepage.css
104.21.80.1 200 OK 1.5 MB URL GET HTTP/2 overheid-deurwaarders-schuld.com/nicepage.css
IP 104.21.80.1:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject overheid-deurwaarders-schuld.com
Fingerprint EC:F0:0F:FD:F8:24:8D:98:8F:CD:4E:E5:CC:E9:A8:97:57:C9:49:FD
Validity Thu, 27 Feb 2025 19:17:43 GMT - Wed, 28 May 2025 20:13:41 GMT
Size 1.5 MB (1514073 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /nicepage.css HTTP/1.1
Host: overheid-deurwaarders-schuld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://overheid-deurwaarders-schuld.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: text/css
last-modified: Thu, 27 Feb 2025 12:13:37 GMT
etag: "171a59-62f1e9ea08689-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6DT9DtRs%2BP6cjyBs4LqcEvD16Tvvnmkc%2FABq3clVySrPB7l%2B%2BgJphPRmPAdrZrzDz9OD9sAyg6z2T9cwVdMdwhCwTsy%2BKih4uW%2FqwPUAscaUe8dHvkpEuG2o29aMOLWLi4GY79fQ3y7v%2B8UYzJL56mM9Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918feced3fcd0b55-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=643&min_rtt=379&rtt_var=109&sent=90&recv=51&lost=0&retrans=0&sent_bytes=96912&recv_bytes=1641&delivery_rate=64932735&cwnd=257&unsent_bytes=0&cid=ce303c8e12228476&ts=847&x=0"
X-Firefox-Spdy: h2
GET socket.tidio.co/socket.io/?ppk=gnoddxbcwfxhbrac1ap3m8dtctmbwsew&device=desktop&cmv=2_0&EIO=4&transport=websocket
52.213.183.135 101 Switching Protocols 0 B URL GET HTTP/1.1 socket.tidio.co/socket.io/?ppk=gnoddxbcwfxhbrac1ap3m8dtctmbwsew&device=desktop&cmv=2_0&EIO=4&transport=websocket
IP 52.213.183.135:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Amazon
Subject tidio.co
Fingerprint 72:18:5F:30:9E:07:D9:62:08:23:05:18:81:2C:D2:1F:11:C9:B7:D3
Validity Mon, 20 Jan 2025 00:00:00 GMT - Thu, 19 Feb 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?ppk=gnoddxbcwfxhbrac1ap3m8dtctmbwsew&device=desktop&cmv=2_0&EIO=4&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://overheid-deurwaarders-schuld.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fcH8h+r1pdHFGKwliEn74Q==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 28 Feb 2025 11:03:00 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: b97YFzyviGaRwqrsRRCE1pfF66Y=
GET widget-v4.tidiochat.com/1_305_0/static/js/chunk-WidgetIframe-1a25e6864d7a4408e575.js
172.67.71.3 200 OK 434 kB URL GET HTTP/2 widget-v4.tidiochat.com/1_305_0/static/js/chunk-WidgetIframe-1a25e6864d7a4408e575.js
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 434 kB (433967 bytes)
Hash 735068b03ce2920f03986ad8a346dcd2
98b2c29aead69138c19311b18d461d90a9741f54
a775ef69e143001149239e795d91cd2b660c2b4ea26c4b260fdb532bb5f98869
GET /1_305_0/static/js/chunk-WidgetIframe-1a25e6864d7a4408e575.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:03:00 GMT
content-type: application/javascript
last-modified: Wed, 26 Feb 2025 09:33:51 GMT
vary: Accept-Encoding
etag: W/"67bedfff-69f2f"
content-encoding: gzip
cache-control: max-age=691200
cf-cache-status: HIT
age: 4901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tfm5c%2B1AQ7P8gwEkTxV2p0HlCiHHZ7Oymy8ESgBZBrUJwtA05cBvqMZdtybxtsPw0I3FwGWK%2FMEWeXTgQQpr3dfVyXPLCI%2FBivMikguohOqp0E53qvxUPb%2FkADiOGG4MTeXZoeesPqd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918fecf1fd7e568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=3428&min_rtt=426&rtt_var=5923&sent=15&recv=20&lost=0&retrans=0&sent_bytes=7075&recv_bytes=1806&delivery_rate=8337811&cwnd=256&unsent_bytes=0&cid=79e19e5c895ada78&ts=490&x=0"
X-Firefox-Spdy: h2
GET widget-v4.tidiochat.com/1_305_0/static/js/chunk-WidgetIframe-1a25e6864d7a4408e575.js
172.67.71.3 200 OK 434 kB URL GET HTTP/2 widget-v4.tidiochat.com/1_305_0/static/js/chunk-WidgetIframe-1a25e6864d7a4408e575.js
IP 172.67.71.3:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidiochat.com
Fingerprint 3E:79:22:6C:F5:1A:0C:47:5A:4E:99:53:35:34:7C:7E:7F:27:1D:AF
Validity Mon, 06 Jan 2025 06:13:03 GMT - Sun, 06 Apr 2025 07:12:50 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 434 kB (433967 bytes)
Hash 735068b03ce2920f03986ad8a346dcd2
98b2c29aead69138c19311b18d461d90a9741f54
a775ef69e143001149239e795d91cd2b660c2b4ea26c4b260fdb532bb5f98869
GET /1_305_0/static/js/chunk-WidgetIframe-1a25e6864d7a4408e575.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:03:00 GMT
content-type: application/javascript
last-modified: Wed, 26 Feb 2025 09:33:51 GMT
vary: Accept-Encoding
etag: W/"67bedfff-69f2f"
content-encoding: gzip
cache-control: max-age=691200
cf-cache-status: HIT
age: 4901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JJUBinji87cXccSWYaYqQjirVCXNs5C0ERBD0eE4yBj3EgHd6UXfRNiBgpjJkrjT4eGdh%2B%2Fd97m4YaY8CBdDOVL3M7cDAj9KTlb%2FJAag2Go8GnzjSAiD1dTs4o%2FM34R73otc0%2BBjoV7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918fecf59d9a568f-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=3150&min_rtt=420&rtt_var=4459&sent=292&recv=156&lost=0&retrans=0&sent_bytes=385726&recv_bytes=2090&delivery_rate=51075837&cwnd=186&unsent_bytes=0&cid=79e19e5c895ada78&ts=1065&x=0"
X-Firefox-Spdy: h2
GET overheid-deurwaarders-schuld.com/nicepage.js
104.21.80.1 200 OK 391 kB URL GET HTTP/2 overheid-deurwaarders-schuld.com/nicepage.js
IP 104.21.80.1:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject overheid-deurwaarders-schuld.com
Fingerprint EC:F0:0F:FD:F8:24:8D:98:8F:CD:4E:E5:CC:E9:A8:97:57:C9:49:FD
Validity Thu, 27 Feb 2025 19:17:43 GMT - Wed, 28 May 2025 20:13:41 GMT
Size 391 kB (391325 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /nicepage.js HTTP/1.1
Host: overheid-deurwaarders-schuld.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://overheid-deurwaarders-schuld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: text/javascript
last-modified: Thu, 27 Feb 2025 12:13:37 GMT
etag: "5f89d-62f1e9ea66a5b-gzip"
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y3odrYvzKQ%2B%2FEw6dLBt%2BwcsUV78Lqx46tP8bJMkfSIPB3NC5W6ygai1GTCp7SWbicE%2B3L3fZdsvCqW1XwRb5gJKtsNKWky2zyPZw5GyreQgzA%2Fzt%2FQ5v4LA48A%2F2jKci46QWkKUdH3tUxx3cOGDngsH1ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 918feced3fdd0b55-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=775&min_rtt=379&rtt_var=78&sent=113&recv=74&lost=0&retrans=0&sent_bytes=128335&recv_bytes=1641&delivery_rate=64932735&cwnd=257&unsent_bytes=0&cid=ce303c8e12228476&ts=853&x=0"
X-Firefox-Spdy: h2
GET code.tidio.co/gnoddxbcwfxhbrac1ap3m8dtctmbwsew.js
104.26.8.183 302 Found 5.9 kB URL GET HTTP/2 code.tidio.co/gnoddxbcwfxhbrac1ap3m8dtctmbwsew.js
IP 104.26.8.183:443
Requested by https://overheid-deurwaarders-schuld.com/
Certificate Issuer Google Trust Services
Subject tidio.co
Fingerprint 44:04:1D:6E:F3:83:ED:FB:EC:8C:9E:38:07:D8:CC:34:8B:21:29:17
Validity Mon, 06 Jan 2025 00:56:24 GMT - Sun, 06 Apr 2025 01:56:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gnoddxbcwfxhbrac1ap3m8dtctmbwsew.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://overheid-deurwaarders-schuld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 28 Feb 2025 11:02:59 GMT
content-type: text/html; charset=UTF-8
location: https://widget-v4.tidiochat.com/gnoddxbcwfxhbrac1ap3m8dtctmbwsew.js
cache-control: public, s-maxage=300, max-age=0
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1o%2Bppq3lcl0ICjAncAQVTDMHuMCXWwTWut3nkm4mxUsAVZoqLg25rECvrllZHgJX7Ptln%2BSzmeZ0iE%2Fkm8A5BRNSY3UyZmMOhpfMVkF2VjVivInHYWUluKaG%2F47s%2FBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 918feced9f5c56bf-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5605&min_rtt=451&rtt_var=10295&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3188&recv_bytes=1095&delivery_rate=7502590&cwnd=254&unsent_bytes=0&cid=3c50f410d2acb24a&ts=205&x=0"
X-Firefox-Spdy: h2