mijn.belastngdienst.pitaescuela.org
Open in
urlscan Pro
77.221.153.43
Malicious Activity!
Public Scan
Submission: On October 17 via manual from NL — Scanned from DE
Summary
TLS certificate: Issued by R11 on October 17th 2024. Valid for: 3 months.
This is the only time mijn.belastngdienst.pitaescuela.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 1 votes Show Verdicts
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 3 | 77.221.153.43 77.221.153.43 | 210644 (AEZA-AS) (AEZA-AS) | |
| 3 | 1 |
ASN210644 (AEZA-AS, GB)
PTR: frightened-kick.aeza.network
| mijn.belastngdienst.pitaescuela.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 3 |
pitaescuela.org
mijn.belastngdienst.pitaescuela.org |
35 KB |
| 3 | 1 |
| Domain | Requested by | |
|---|---|---|
| 3 | mijn.belastngdienst.pitaescuela.org |
mijn.belastngdienst.pitaescuela.org
|
| 3 | 1 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| mijn.belastngdienst.pitaescuela.org R11 |
2024-10-17 - 2025-01-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://mijn.belastngdienst.pitaescuela.org/informatie/formulier_pagina.php
Frame ID: CBD388FD33510EF8712B60954AAD4FDD
Requests: 3 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
formulier_pagina.php
mijn.belastngdienst.pitaescuela.org/informatie/ |
3 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.css
mijn.belastngdienst.pitaescuela.org/informatie/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
belastingdienst-logo.jpg
mijn.belastngdienst.pitaescuela.org/informatie/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
October 17th 2024, 10:50:06 am
UTC —
From Netherlands
Threats:
Brand Impersonation
Phishing
Brands:
NL Government
NL
Comment: Phishing form, harvest for bankfraud. Not Dutch Tax and Customs.
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mijn.belastngdienst.pitaescuela.org
77.221.153.43
78d92621456b08a120227fcf2b4a874e3db9d1111dd3b21418d6372b4a83234e
842bef2b7089ba81d5124f5ef2f8c7fed3e1a4d4a92d02f8ae98b3bfe58115b5
a18289801ccf7da4a2536cda3ad79aec17364b370789b71244ea406fdb5af925