urlscan.io logo urlscan.io
SecurityTrails logo

mailingtool.iwink.nl Open in urlscan Pro
2a01:1b0:7999:706::1337:1002  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://mailingtool.iwink.nl/permalink/a04c89/175570646
Effective URL: https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
Submission: On June 14 via api from AT — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2a01:1b0:7999:706::1337:1002, located in Netherlands and belongs to DUOCAST-AS, NL. The main domain is mailingtool.iwink.nl.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 25th 2023. Valid for: a year.
This is the only time mailingtool.iwink.nl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 2a01:1b0:7999... 31477 (DUOCAST-AS)
2 2a01:7c8:e001... 20857 (TRANSIP-A...)
7 2
Apex Domain
Subdomains		 Transfer
6 iwink.nl
mailingtool.iwink.nl
8 KB
2 gasunietransportservices.nl
www.gasunietransportservices.nl
8 KB
7 2
Domain Requested by
6 mailingtool.iwink.nl 1 redirects mailingtool.iwink.nl
2 www.gasunietransportservices.nl mailingtool.iwink.nl
7 2

This site contains no links.

Subject Issuer Validity Valid
*.iwink.nl
Sectigo RSA Domain Validation Secure Server CA		 2023-04-25 -
2024-05-25		 a year crt.sh
www.gasunietransportservices.nl
Sectigo RSA Extended Validation Secure Server CA		 2023-04-26 -
2024-05-12		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
Frame ID: DFC12AC230E83FEB218D0EE00D1397B2
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Phishing mail sent on behalf of Gasunie Transport Services - Gasunie Transport Services B.V. <customerdesk@gastransport.nl>

Page URL History Show full URLs

  1. https://mailingtool.iwink.nl/permalink/a04c89/175570646 HTTP 301
    https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js

Page Statistics

7
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

16 kB
Transfer

35 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mailingtool.iwink.nl/permalink/a04c89/175570646 HTTP 301
    https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request webapp.php
mailingtool.iwink.nl/
Redirect Chain
  • https://mailingtool.iwink.nl/permalink/a04c89/175570646
  • https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
23 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:1b0:7999:706::1337:1002 , Netherlands, ASN31477 (DUOCAST-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
22fa53d73a867c20fca460a0c7bc1e542c3fbe6eb8be0fe025d60d9c935c27f0
Security Headers
Name Value
Strict-Transport-Security max-age=2678400 max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
0
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 14 Jun 2023 04:45:22 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=2678400 max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=9
x-xss-protection
1; mode=block

Redirect headers

age
0
content-length
294
content-type
text/html; charset=iso-8859-1
date
Wed, 14 Jun 2023 04:45:22 GMT
location
https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
server
nginx
strict-transport-security
max-age=31536000
permalink.css
mailingtool.iwink.nl/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mailingtool.iwink.nl/css/permalink.css?ver=1
Requested by
Host: mailingtool.iwink.nl
URL: https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:1b0:7999:706::1337:1002 , Netherlands, ASN31477 (DUOCAST-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
af2704b7933da4e2dba65c6e5dd9d1948c53d1ee1010539064c3e383f3f59fb3
Security Headers
Name Value
Strict-Transport-Security max-age=2678400, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 04:45:22 GMT
strict-transport-security
max-age=2678400, max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 03 May 2022 20:19:32 GMT
server
nginx
age
253391
vary
Accept-Encoding, X-Forwarded-Proto
x-frame-options
SAMEORIGIN
content-type
text/css
content-encoding
gzip
cache-control
public, max-age=604800
x-xss-protection
1; mode=block
x-ua-compatible
IE=9
tellafriend.js
mailingtool.iwink.nl/js/ 		475 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mailingtool.iwink.nl/js/tellafriend.js
Requested by
Host: mailingtool.iwink.nl
URL: https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:1b0:7999:706::1337:1002 , Netherlands, ASN31477 (DUOCAST-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
38383d6829a6bce3b8fe6729c7a5fc0377191ec2915e37931a45a6edb2400948
Security Headers
Name Value
Strict-Transport-Security max-age=2678400, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 04:45:22 GMT
strict-transport-security
max-age=2678400, max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 16 Nov 2021 21:46:05 GMT
server
nginx
content-encoding
gzip
age
253391
x-frame-options
SAMEORIGIN
vary
X-Forwarded-Proto, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
276
x-xss-protection
1; mode=block
x-ua-compatible
IE=9
gts-logo.png
www.gasunietransportservices.nl/public/mailing/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gasunietransportservices.nl/public/mailing/img/gts-logo.png
Requested by
Host: mailingtool.iwink.nl
URL: https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7c8:e001:128::3915 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
263ee44130c4f160409750b4faf3e5015d626bf7f118a4a65b57cdb071ee2536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mailingtool.iwink.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 04:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 21 Nov 2016 08:14:53 GMT
server
nginx
age
256696
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
7203
x-ua-compatible
IE=edge
permalinkprint.css
mailingtool.iwink.nl/css/ 		235 B
489 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mailingtool.iwink.nl/css/permalinkprint.css
Requested by
Host: mailingtool.iwink.nl
URL: https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:1b0:7999:706::1337:1002 , Netherlands, ASN31477 (DUOCAST-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b0dbe43faf82915e219426839cdca7c97494643d6c7e6dfcc68ad53f7485f859
Security Headers
Name Value
Strict-Transport-Security max-age=2678400, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 04:45:22 GMT
strict-transport-security
max-age=2678400, max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 03 May 2022 20:19:32 GMT
server
nginx
age
253391
vary
Accept-Encoding, X-Forwarded-Proto
x-frame-options
SAMEORIGIN
content-type
text/css
content-encoding
gzip
cache-control
public, max-age=604800
x-xss-protection
1; mode=block
x-ua-compatible
IE=9
printer.png
mailingtool.iwink.nl/images/icons/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mailingtool.iwink.nl/images/icons/printer.png
Requested by
Host: mailingtool.iwink.nl
URL: https://mailingtool.iwink.nl/css/permalink.css?ver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:1b0:7999:706::1337:1002 , Netherlands, ASN31477 (DUOCAST-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bc5689b8b68fefa50718eba8556cf23c2224c513290ebff51cfaafbd60b50434
Security Headers
Name Value
Strict-Transport-Security max-age=2678400, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mailingtool.iwink.nl/css/permalink.css?ver=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 04:45:22 GMT
strict-transport-security
max-age=2678400, max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28 Sep 2016 11:39:38 GMT
server
nginx
content-encoding
gzip
age
253391
x-frame-options
SAMEORIGIN
vary
X-Forwarded-Proto, Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1106
x-xss-protection
1; mode=block
x-ua-compatible
IE=9
bgdots.png
www.gasunietransportservices.nl/public/mailing/img/ 		123 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gasunietransportservices.nl/public/mailing/img/bgdots.png
Requested by
Host: mailingtool.iwink.nl
URL: https://mailingtool.iwink.nl/webapp.php?rh=permalink&hash=a04c89&mid=175570646
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7c8:e001:128::3915 , Netherlands, ASN20857 (TRANSIP-AS Amsterdam, the Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
f723eb02382bd1b435fad712cd7816a003d76a02d433ea25876cc11e633b1708
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mailingtool.iwink.nl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 04:45:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
last-modified
Mon, 21 Nov 2016 08:14:53 GMT
server
nginx
age
256696
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
137
x-ua-compatible
IE=edge

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend undefined| yPos undefined| xPos function| showInformation function| hideInformation function| updatePos

1 Cookies

Domain/Path Name / Value
mailingtool.iwink.nl/ Name: secureiMailingtool
Value: 9dqc059grrkcbn25dgkquji9ik

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2678400 max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block