www.belfood.com.my
103.18.247.248  Malicious Activity! Public Scan

URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Submission: On July 31 via automatic, source openphish

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 14 HTTP transactions. The main IP is 103.18.247.248, located in Malaysia and belongs to EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY. The main domain is www.belfood.com.my.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 28th 2018. Valid for: 3 months.
This is the only time www.belfood.com.my was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Regions Bank (Banking)

Domain & IP information

Redirects  Requests  IP Address       AS Autonomous System
-          3         103.18.247.248   46015 (EXABYTES-...)
8          8         205.255.102.31   10801 (REGIONS-A...)
8          17        205.255.203.100  10801 (REGIONS-A...)
1          3         31.186.231.25    15570 (Internap ...)
Totals: 14 requests, 3 IPs
Requests  Apex Domain        Subdomains                               Transfer
25        regions.com        securebank.regions.com, www.regions.com  39 KB
3         webtrendslive.com  statse.webtrendslive.com                 2 KB
3         belfood.com.my     www.belfood.com.my                       48 KB
Totals: 14 requests, 3 apex domains
Requests  Domain                    Redirects    Requested by
17        www.regions.com           8 redirects  www.belfood.com.my
8         securebank.regions.com    8 redirects
3         statse.webtrendslive.com  1 redirect   www.regions.com, www.belfood.com.my
3         www.belfood.com.my                     www.belfood.com.my
Totals: 14 requests, 4 subdomains

This site contains links to these domains. Also see Links.

Domain: securebank.regions.com

Subject  Issuer  Validity  Valid
belfood.com.my  cPanel, Inc. Certification Authority  2018-04-28 to 2018-07-27  3 months  (crt.sh)

This page contains 1 frames:

Primary Page: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Frame ID: 421EB613E136C35621889B2587373624
Requests: 14 HTTP requests in this frame

Detected technologies

Microsoft FrontPage (overall confidence: 100%)
  Detected pattern: meta generator /Microsoft FrontPage(?:\s((?:Express )?[\d.]+))?/i

Apache (overall confidence: 100%)
  Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

Requests: 14
HTTPS: 0 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 86 kB
Size: 61 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://securebank.regions.com/styles/styles.Regions.css HTTP 301
  • https://www.regions.com/ HTTP 301
  • https://www.regions.com/personal-banking
Request Chain 1
  • https://securebank.regions.com/script/amsouth.js HTTP 301
  • https://www.regions.com/ HTTP 301
  • https://www.regions.com/personal-banking
Request Chain 3
  • https://securebank.regions.com/VAM/2_0_2/VAM.js HTTP 301
  • https://www.regions.com/ HTTP 301
  • https://www.regions.com/personal-banking
Request Chain 4
  • https://securebank.regions.com/VAM/2_0_2/VAM_DTTB.js HTTP 301
  • https://www.regions.com/ HTTP 301
  • https://www.regions.com/personal-banking
Request Chain 5
  • https://securebank.regions.com/VAM/2_0_2/VAM_XVF.js HTTP 301
  • https://www.regions.com/ HTTP 301
  • https://www.regions.com/personal-banking
Request Chain 7
  • https://securebank.regions.com/styles/stylesprint.css HTTP 301
  • https://www.regions.com/ HTTP 301
  • https://www.regions.com/personal-banking
Request Chain 8
  • https://securebank.regions.com/images/spacer.gif HTTP 301
  • https://www.regions.com/ HTTP 301
  • https://www.regions.com/personal-banking
Request Chain 9
  • https://securebank.regions.com/images/red_arrow.gif HTTP 301
  • https://www.regions.com/ HTTP 301
  • https://www.regions.com/personal-banking
Request Chain 12
  • https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?&dcsdat=1533065757572&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/verify.html&WT.co_f=2e0a9181bfed56b06c31533044157575&WT.vt_sid=2e0a9181bfed56b06c31533044157575.1533065757575&WT.vt_f_tlv=0&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Regions%20Online%20Banking%20-%20Answer%20Security%20Questions&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fi=No&WT.tv=8.0.3&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP 303
  • https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1533065757572&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/verify.html&WT.co_f=2e0a9181bfed56b06c31533044157575&WT.vt_sid=2e0a9181bfed56b06c31533044157575.1533065757575&WT.vt_f_tlv=0&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Regions%20Online%20Banking%20-%20Answer%20Security%20Questions&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fi=No&WT.tv=8.0.3&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1

14 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

verify.html (Primary Request)  Path: www.belfood.com.my/wp-content/themes/regions/  Size: 40 KB  x-fer: 40 KB  Type: Document
General
Full URL
https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
server.clickpro.my
Software
Apache /
Resource Hash
d8a9e666ac856db617ad6a17f8eb8c79e4623360b05e3775eae52c7ff69e8888

Request headers

Host
www.belfood.com.my
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
421EB613E136C35621889B2587373624

Response headers

Date
Tue, 31 Jul 2018 19:35:55 GMT
Server
Apache
Last-Modified
Tue, 31 Jul 2018 16:09:14 GMT
Accept-Ranges
bytes
Content-Length
40559
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
personal-banking  Path: www.regions.com/  Size: 0  x-fer: 4 KB  Type: Stylesheet
Redirect Chain
  • https://securebank.regions.com/styles/styles.Regions.css
  • https://www.regions.com/
  • https://www.regions.com/personal-banking
General
Full URL
https://www.regions.com/personal-banking
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.regions.com/personal-banking
Pragma
no-cache
Cache-Control
no-cache
Connection
close
personal-banking  Path: www.regions.com/  Size: 0  x-fer: 4 KB  Type: Script
Redirect Chain
  • https://securebank.regions.com/script/amsouth.js
  • https://www.regions.com/
  • https://www.regions.com/personal-banking
General
Full URL
https://www.regions.com/personal-banking
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.regions.com/personal-banking
Pragma
no-cache
Cache-Control
no-cache
Connection
close
wtbase.js  Path: www.regions.com/js/  Size: 13 KB  x-fer: 5 KB  Type: Script
General
Full URL
https://www.regions.com/js/wtbase.js
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
Microsoft-IIS/8.0 /
Resource Hash
a8f8dd5e3f950efb979b95f74e9a174967c5b1e8b9207c1b48cfc84793739b22
Security Headers
Strict-Transport-Security: max-age=157680000

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cteonnt-Length
13718
Date
Tue, 31 Jul 2018 19:35:56 GMT
Via
NS-CACHE:
Last-Modified
Mon, 30 Sep 2013 21:19:38 GMT
Server
Microsoft-IIS/8.0
Age
2
ETag
"011c9c422bece1:0"
Strict-Transport-Security
max-age=157680000
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
4453
personal-banking  Path: www.regions.com/  Size: 0  x-fer: 4 KB  Type: Script
Redirect Chain
  • https://securebank.regions.com/VAM/2_0_2/VAM.js
  • https://www.regions.com/
  • https://www.regions.com/personal-banking
General
Full URL
https://www.regions.com/personal-banking
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.regions.com/personal-banking
Pragma
no-cache
Cache-Control
no-cache
Connection
close
personal-banking  Path: www.regions.com/  Size: 0  x-fer: 4 KB  Type: Script
Redirect Chain
  • https://securebank.regions.com/VAM/2_0_2/VAM_DTTB.js
  • https://www.regions.com/
  • https://www.regions.com/personal-banking
General
Full URL
https://www.regions.com/personal-banking
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.regions.com/personal-banking
Pragma
no-cache
Cache-Control
no-cache
Connection
close
personal-banking  Path: www.regions.com/  Size: 0  x-fer: 4 KB  Type: Script
Redirect Chain
  • https://securebank.regions.com/VAM/2_0_2/VAM_XVF.js
  • https://www.regions.com/
  • https://www.regions.com/personal-banking
General
Full URL
https://www.regions.com/personal-banking
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.regions.com/personal-banking
Pragma
no-cache
Cache-Control
no-cache
Connection
close
RegionsLogo.png  Path: www.belfood.com.my/wp-content/themes/regions/image/  Size: 8 KB  x-fer: 8 KB  Type: Image
General
Full URL
https://www.belfood.com.my/wp-content/themes/regions/image/RegionsLogo.png
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
server.clickpro.my
Software
Apache /
Resource Hash
dcb30b831a47bda7f00394175393dac5785c92527787c28250107c43ead81035

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.belfood.com.my
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 31 Jul 2018 19:35:56 GMT
Last-Modified
Tue, 31 Jul 2018 16:09:14 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7933
personal-banking  Path: www.regions.com/  Size: 0  x-fer: 4 KB  Type: Stylesheet
Redirect Chain
  • https://securebank.regions.com/styles/stylesprint.css
  • https://www.regions.com/
  • https://www.regions.com/personal-banking
General
Full URL
https://www.regions.com/personal-banking
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.regions.com/personal-banking
Pragma
no-cache
Cache-Control
no-cache
Connection
close
personal-banking  Path: www.regions.com/  Size: 0  x-fer: 4 KB  Type: Image
Redirect Chain
  • https://securebank.regions.com/images/spacer.gif
  • https://www.regions.com/
  • https://www.regions.com/personal-banking
General
Full URL
https://www.regions.com/personal-banking
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.regions.com/personal-banking
Pragma
no-cache
Cache-Control
no-cache
Connection
close
personal-banking  Path: www.regions.com/  Size: 0  x-fer: 4 KB  Type: Image
Redirect Chain
  • https://securebank.regions.com/images/red_arrow.gif
  • https://www.regions.com/
  • https://www.regions.com/personal-banking
General
Full URL
https://www.regions.com/personal-banking
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
205.255.203.100 Birmingham, United States, ASN10801 (REGIONS-ASN-1 - REGIONS FINANCIAL CORPORATION, US),
Reverse DNS
images.regions.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8

Redirect headers

Location
https://www.regions.com/personal-banking
Pragma
no-cache
Cache-Control
no-cache
Connection
close
EqualHousingLogo.gif  Path: www.belfood.com.my/wp-content/themes/regions/image/  Size: 282 B  x-fer: 523 B  Type: Image
General
Full URL
https://www.belfood.com.my/wp-content/themes/regions/image/EqualHousingLogo.gif
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY),
Reverse DNS
server.clickpro.my
Software
Apache /
Resource Hash
a567dcded7194ae950b3dbb18970dfcb6fd355fe3e3131ff30c1ca991d2412b6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.belfood.com.my
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 31 Jul 2018 19:35:56 GMT
Last-Modified
Tue, 31 Jul 2018 16:09:14 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
282
wtid.js  Path: statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/  Size: 68 B  x-fer: 309 B  Type: Script
General
Full URL
https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/wtid.js
Requested by
Host: www.regions.com
URL: https://www.regions.com/js/wtbase.js
Protocol
HTTP/1.1
Server
31.186.231.25 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS
statse.webtrendslive.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
afedd259c33e7c345045dc3ae8789f069741932415f58291e92b8e5fcfd53d40

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 31 Jul 2018 19:35:57 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
no-cache
Connection
close
Content-Length
68
Expires
-1
dcs.gif  Path: statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/  Size: 67 B  x-fer: 551 B  Type: Image
Redirect Chain
  • https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?&dcsdat=1533065757572&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/verify.html&WT.co_f=2e0a9181bfed56b06c31533...
  • https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1533065757572&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/verify.htm...
General
Full URL
https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1533065757572&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/verify.html&WT.co_f=2e0a9181bfed56b06c31533044157575&WT.vt_sid=2e0a9181bfed56b06c31533044157575.1533065757575&WT.vt_f_tlv=0&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Regions%20Online%20Banking%20-%20Answer%20Security%20Questions&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fi=No&WT.tv=8.0.3&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1
Requested by
Host: www.belfood.com.my
URL: https://www.belfood.com.my/wp-content/themes/regions/verify.html
Protocol
HTTP/1.1
Server
31.186.231.25 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS
statse.webtrendslive.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Referer
https://www.belfood.com.my/wp-content/themes/regions/verify.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 31 Jul 2018 19:35:57 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control
no-cache
Connection
close
Content-Type
image/gif
Content-Length
67
Expires
-1

Redirect headers

Location
/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1533065757572&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/verify.html&WT.co_f=2e0a9181bfed56b06c31533044157575&WT.vt_sid=2e0a9181bfed56b06c31533044157575.1533065757575&WT.vt_f_tlv=0&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Regions%20Online%20Banking%20-%20Answer%20Security%20Questions&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fi=No&WT.tv=8.0.3&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1
Date
Tue, 31 Jul 2018 19:35:56 GMT
Server
Microsoft-IIS/7.5
Connection
close
X-Powered-By
ASP.NET
Content-Length
0
P3P
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Regions Bank (Banking)

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function: DcsInit, dcsCookie, dcsGetCookie, dcsGetCrumb, dcsGetIdCrumb, dcsIsFpcSet, dcsFPC, dcsAdv, dcsMultiTrack, dcsVar, dcsA, dcsEscape, dcsEncode, dcsCreateImage, dcsMeta, dcsTag, dcsJV, dcsFunc, popUp
boolean: gService, gConvert, gI18n, gVAM_PostOnChange, gVAM_PostOnSubmit, gVAM_FocusOnSubmit, gVAM_AlertOnSubmit, gVAM_AlertListStyle
number: gTimeZone, gIndex, gVAMBlinkTime, gVAMBlinkOnChange, gVAMBlinkOnSubmit
string: gFpc, gDomain, gDcsId, gTempWtId, gVAM_ErrCtlCss, gVAM_TxtHFCss, gVAM_NonTxtHFCss, gVAM_AlertTemplate, gVAM_AlertLeadText
object: gImages, DCS, WT, DCSext, gQP, RE, gVAM_ValFlds, gVAMSubOrder
undefined: EXRE, gVAMActions

0 Cookies