mijn-inbox.online
Open in
urlscan Pro
5.230.72.72
Malicious Activity!
Public Scan
Submission: On August 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R10 on July 26th 2024. Valid for: 3 months.
This is the only time mijn-inbox.online was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: NL Government (Government)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 5.230.72.72 5.230.72.72 | 12586 (ASGHOSTNET) (ASGHOSTNET) | |
1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700:20:... 2606:4700:20::681a:88b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
mijn-inbox.online
mijn-inbox.online |
960 KB |
5 |
tawk.to
embed.tawk.to — Cisco Umbrella Rank: 12323 |
34 KB |
4 |
tidiochat.com
widget-v4.tidiochat.com — Cisco Umbrella Rank: 35486 |
365 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
10 | mijn-inbox.online |
mijn-inbox.online
|
5 | embed.tawk.to |
mijn-inbox.online
embed.tawk.to |
4 | widget-v4.tidiochat.com |
mijn-inbox.online
|
21 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
gemiste-aanmaning.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
mijn-inbox.online R10 |
2024-07-26 - 2024-10-24 |
3 months | crt.sh |
tawk.to WE1 |
2024-07-24 - 2024-10-22 |
3 months | crt.sh |
tidiochat.com WE1 |
2024-07-13 - 2024-10-11 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://mijn-inbox.online/BD7895429.php
Frame ID: B76D962CD4BB0F0FA85EA99843EE9002
Requests: 19 HTTP requests in this frame
Frame:
https://widget-v4.tidiochat.com/1_223_0/static/js/chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
Frame ID: DFED82E986D89937C36B4A3AFC1AE797
Requests: 4 HTTP requests in this frame
Screenshot
Page Title
BelastingdienstDetected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Tawk.to (Live Chat) Expand
Detected patterns
- //embed\.tawk\.to
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
BD7895429.php
mijn-inbox.online/ |
10 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
mijn-inbox.online/Belastingdienst_files/ |
190 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
mijn-inbox.online/Belastingdienst_files/ |
1 MB 861 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
mijn-inbox.online/Belastingdienst_files/ |
51 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.7.1.min.js.download
mijn-inbox.online/Belastingdienst_files/ |
0 294 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js.download
mijn-inbox.online/Belastingdienst_files/ |
0 294 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lg00b2.png
mijn-inbox.online/Belastingdienst_files/ |
53 KB 54 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chat-icon.png
mijn-inbox.online/Belastingdienst_files/ |
914 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
xkneoxybpb3q5mocpcehvz6pfpuugnl5.js.download
mijn-inbox.online/Belastingdienst_files/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1i3nl7dpd
embed.tawk.to/66a3aaee32dca6db2cb620e7/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
231 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chunk-WidgetIframe-ab0ffde36be6aa7a153d.js
widget-v4.tidiochat.com/1_223_0/static/js/ Frame DFED |
477 KB 149 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mulish_SGhgqk3wotYKNnBQ.woff2
widget-v4.tidiochat.com/fonts/ Frame DFED |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tururu.mp3
widget-v4.tidiochat.com// Frame DFED |
7 KB 8 KB |
Media
audio/mpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.ab0ffde36be6aa7a153d.js
widget-v4.tidiochat.com/1_223_0/static/js/ Frame DFED |
493 KB 182 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-main.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ |
121 B 649 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-vendor.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ |
81 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ |
35 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
twk-chunk-common.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ |
18 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
twk-runtime.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
twk-app.js
embed.tawk.to/_s/v4/app/66909c6d5c9/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.png
mijn-inbox.online/BD7895429.php/assets/ |
10 KB 3 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- embed.tawk.to
- URL
- https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-runtime.js
- Domain
- embed.tawk.to
- URL
- https://embed.tawk.to/_s/v4/app/66909c6d5c9/js/twk-app.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: NL Government (Government)10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| Tawk_API object| Tawk_LoadStart function| scroll2block object| SENTRY_RELEASE object| tidioChatApi string| $_Tawk_AccountKey string| $_Tawk_WidgetId object| $_Tawk object| tawkJsonp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
embed.tawk.to
mijn-inbox.online
widget-v4.tidiochat.com
embed.tawk.to
188.114.96.3
2606:4700:20::681a:88b
2a06:98c1:3120::3
5.230.72.72
0149f7a894e28f6971802b0f74b0254337ce6176709d8113baacc0f691f8e69a
0c423574c169bcda1bac06d877eb1d94e018b4f2f54c637eb632cd00ebc5d6f5
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
37ad62129480c164baeeff131ecc4798a76886390425c3d23e3646f45501b630
5262e3f73f35616febd13fbe6feee14613d076774ff644e48489f7cd6694a8dc
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
577db921a554af3596942d3c48b5c91feaac8c767e183d518a8de8de86e5c7d8
69db969f017b237bf909e05cfc9a8b5fac05a5363f17888651bafb818a7e651c
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
7dbee6c922a43fc292f1de4a5f098c8d2c533c27a60f4d4ce3b29bbfc8acdd7d
85aaedba3ffc66993ac3ebe1aca69526b9cb1611456444074cad41baa414d69f
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8f78ad5da207cb591669db9a5497f9f01dcae196b3caec26bf77fc857b727bbf
ac299d85c8618f6b13a05095b4785ba5c65dcc51f898d4cb6f5bb761349678e1
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d95d14910af85648443b6c5c45602ad1075b028950459e1ceaad8ef63578c0