www.belfood.com.my Open in urlscan Pro
103.18.247.248 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.belfood.com.my/wp-content/themes/regions/
Submission: On July 31 via automatic, source openphish (July 31st 2018, 7:36:14 pm UTC)

Summary HTTP 19 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 103.18.247.248, located in Malaysia and belongs to EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY. The main domain is www.belfood.com.my.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 28th 2018. Valid for: 3 months.

This is the only time www.belfood.com.my was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Regions Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
17	103.18.247.248 103.18.247.248	46015 (EXABYTES-...) (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd.)
1 3	31.186.231.25 31.186.231.25	11944 (WEBTRENDS...) (WEBTRENDS-CORP - Webtrends Corporation)
19	2

17 103.18.247.248 (Malaysia)

ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY)
PTR: server.clickpro.my

www.belfood.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.186.231.25 (United Kingdom) 1 redirects

ASN11944 (WEBTRENDS-CORP - Webtrends Corporation, US)
PTR: statse.webtrendslive.com

statse.webtrendslive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	belfood.com.my www.belfood.com.my	482 KB
3	webtrendslive.com 1 redirects statse.webtrendslive.com	2 KB
19	2

	Domain	Requested by
17	www.belfood.com.my	www.belfood.com.my
3	statse.webtrendslive.com	1 redirects www.belfood.com.my
19	2

This site contains links to these domains. Also see Links.

Domain
login.regions.com
onlinebanking.regions.com

Subject Issuer	Validity	Valid
belfood.com.my cPanel, Inc. Certification Authority	`2018-04-28` - `2018-07-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.belfood.com.my/wp-content/themes/regions/
Frame ID: 74ED135B6F92039A0775721B18834F1D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Webtrends (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^(?:WTOptimize|WebTrends)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

19
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

483 kB
Transfer

479 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://login.regions.com/ForgotOnlineId
Title: Forgot Online ID?

Search URL Search Domain Scan URL

URL: https://onlinebanking.regions.com/customerservice/forgottenpassword
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://onlinebanking.regions.com/enrollment/home
Title: Enroll

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?&dcsdat=1533065762291&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Regions%2520Online%2520Banking%2520-%2520Sign%2520In&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.1&WT.dl=0&WT.ssl=1&WT.es=www.belfood.com.my%252Fwp-content%252Fthemes%252Fregions%252F&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2 HTTP 303
https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1533065762291&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Regions%2520Online%2520Banking%2520-%2520Sign%2520In&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.1&WT.dl=0&WT.ssl=1&WT.es=www.belfood.com.my%252Fwp-content%252Fthemes%252Fregions%252F&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2

19 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.belfood.com.my/wp-content/themes/regions/	10 KB 10 KB	847ms 177ms	Document text/html	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `6a3f153c72360f0d3bda433755eb555ab960c826399ebce4415e6b873179dafa` Request headers Host www.belfood.com.my Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 74ED135B6F92039A0775721B18834F1D Response headers Date Tue, 31 Jul 2018 19:35:59 GMT Server Apache Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Accept-Ranges bytes Content-Length 10116 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	jquery-ui.css www.belfood.com.my/wp-content/themes/regions/image/	4 KB 5 KB	168ms 166ms	Stylesheet text/css	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/jquery-ui.css Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `05c4574031518f9d4e5046c73417489d6fe57924c59b34aad5179cf2cf5ec249` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:35:59 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4568
GET H/1.1	200 OK	regions.css www.belfood.com.my/wp-content/themes/regions/image/	11 KB 11 KB	334ms 166ms	Stylesheet text/css	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/regions.css Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `995ea63f71d734b949dcbe4900fe1cdb653ccdade2ce8c0a17ffe269269c34ba` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,/;q=0.1 Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 11149
GET H/1.1	200 OK	jquery_002.js Show response www.belfood.com.my/wp-content/themes/regions/image/	94 KB 94 KB	912ms 183ms	Script application/javascript	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/jquery_002.js Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `74019407c8e851a26d0496dbc3035284bbb6d97bfdc993cfe078cbb425f8da46` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 96379
GET H/1.1	200 OK	jquery-ui.js Show response www.belfood.com.my/wp-content/themes/regions/image/	97 KB 97 KB	831ms 169ms	Script application/javascript	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/jquery-ui.js Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `e46218d7883f42404931e61da2d322d0f9d6bfe27dcc6302abd4406a17d84ed2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 99084
GET H/1.1	200 OK	jquery_003.js Show response www.belfood.com.my/wp-content/themes/regions/image/	21 KB 21 KB	501ms 166ms	Script application/javascript	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/jquery_003.js Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `a14e15e7ee0e0dd51135dcc631c66294ffdb51684782196e39390c3327cd348e` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 21035
GET H/1.1	200 OK	jquery.js Show response www.belfood.com.my/wp-content/themes/regions/image/	5 KB 5 KB	873ms 177ms	Script application/javascript	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/jquery.js Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `1c0704889bf70f5ed55b5c02f80cb008f0c1d3a3c3964374bcf3328ac1fa5893` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5329
GET H/1.1	200 OK	main.js Show response www.belfood.com.my/wp-content/themes/regions/image/	2 KB 2 KB	880ms 184ms	Script application/javascript	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/main.js Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `c5bbe4da8bcc75082f74b7f1ae153bb9dec55ca54cb73b1055fbdeed8de93b9d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2300
GET H/1.1	200 OK	RegionsLogo.png www.belfood.com.my/wp-content/themes/regions/image/	8 KB 8 KB	183ms 183ms	Image image/png	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Show image Full URL https://www.belfood.com.my/wp-content/themes/regions/image/RegionsLogo.png Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `dcb30b831a47bda7f00394175393dac5785c92527787c28250107c43ead81035` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 7933
GET H/1.1	200 OK	EqualHousingLogo.gif www.belfood.com.my/wp-content/themes/regions/image/	282 B 523 B	183ms 183ms	Image image/gif	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Show image Full URL https://www.belfood.com.my/wp-content/themes/regions/image/EqualHousingLogo.gif Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `a567dcded7194ae950b3dbb18970dfcb6fd355fe3e3131ff30c1ca991d2412b6` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 282
GET H/1.1	200 OK	webtrends.js Show response www.belfood.com.my/wp-content/themes/regions/image/	24 KB 24 KB	579ms 185ms	Script application/javascript	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/webtrends.js Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `3a23c2063f8c727468977c6b0febdacb3ba90e23ec1b674584baa49c0e4c846c` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 24171
GET H/1.1	200 OK	global-overlays.js Show response www.belfood.com.my/wp-content/themes/regions/image/	202 KB 202 KB	167ms 166ms	Script application/javascript	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/image/global-overlays.js Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / Resource Hash `73f5c6e8a68369a89c522988cbd16e86d895ca0b2b2ab6467b353c775d632b2b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/ Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Last-Modified Tue, 31 Jul 2018 16:09:14 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 207022
GET H/1.1	404 Not Found	background-page-tile.png www.belfood.com.my/wp-content/themes/regions/image/	354 B 354 B	1365ms 1035ms	Image text/html	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Show image Full URL https://www.belfood.com.my/wp-content/themes/regions/image/background-page-tile.png Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / PHP/5.4.45 Resource Hash `f4f46fb29c027602ea1e6266cd26a77f9ab6031144cc85737f2e7f799bf1a1fd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://www.belfood.com.my/wp-content/themes/regions/image/regions.css Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/image/regions.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:00 GMT Server Apache X-Powered-By PHP/5.4.45 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://www.belfood.com.my/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=96 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	arrow-gray-small.gif www.belfood.com.my/wp-content/themes/regions/image/	354 B 354 B	1422ms 1421ms	Image text/html	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Show image Full URL https://www.belfood.com.my/wp-content/themes/regions/image/arrow-gray-small.gif Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / PHP/5.4.45 Resource Hash `f4f46fb29c027602ea1e6266cd26a77f9ab6031144cc85737f2e7f799bf1a1fd` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://www.belfood.com.my/wp-content/themes/regions/image/regions.css Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/image/regions.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:01 GMT Server Apache X-Powered-By PHP/5.4.45 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://www.belfood.com.my/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=99 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	red-arrow.gif www.belfood.com.my/wp-content/themes/regions/image/	308 B 308 B	1631ms 1631ms	Image text/html	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Show image Full URL https://www.belfood.com.my/wp-content/themes/regions/image/red-arrow.gif Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / PHP/5.4.45 Resource Hash `ba3bad68001a840e201bc8c8707a265f15ee5bc3c70e0c669734f655a1e07c4b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://www.belfood.com.my/wp-content/themes/regions/image/regions.css Connection keep-alive Cache-Control no-cache Referer https://www.belfood.com.my/wp-content/themes/regions/image/regions.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 31 Jul 2018 19:36:01 GMT Server Apache X-Powered-By PHP/5.4.45 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://www.belfood.com.my/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=99 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	openSansBold.woff www.belfood.com.my/wp-content/themes/regions/RegionsTheme/Fonts/	0 0	1321ms 1321ms	Font text/html	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/RegionsTheme/Fonts/openSansBold.woff Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / PHP/5.4.45 Resource Hash Request headers Pragma no-cache Origin https://www.belfood.com.my Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/image/regions.css Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.belfood.com.my/wp-content/themes/regions/image/regions.css Origin https://www.belfood.com.my Response headers Date Tue, 31 Jul 2018 19:36:01 GMT Server Apache X-Powered-By PHP/5.4.45 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://www.belfood.com.my/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=97 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	404 Not Found	openSans.woff www.belfood.com.my/wp-content/themes/regions/RegionsTheme/Fonts/	0 0	1712ms 1711ms	Font text/html	103.18.247.248 EXABYTES-AS-AP Ex...
General Check archive.org Show headers Download Go to Full URL https://www.belfood.com.my/wp-content/themes/regions/RegionsTheme/Fonts/openSans.woff Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.18.247.248 , Malaysia, ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY), Reverse DNS server.clickpro.my Software Apache / PHP/5.4.45 Resource Hash Request headers Pragma no-cache Origin https://www.belfood.com.my Accept-Encoding gzip, deflate Host www.belfood.com.my User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer https://www.belfood.com.my/wp-content/themes/regions/image/regions.css Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://www.belfood.com.my/wp-content/themes/regions/image/regions.css Origin https://www.belfood.com.my Response headers Date Tue, 31 Jul 2018 19:36:01 GMT Server Apache X-Powered-By PHP/5.4.45 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://www.belfood.com.my/wp-json/>; rel="https://api.w.org/" Keep-Alive timeout=5, max=99 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200 Ok	wtid.js Show response statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/	201 B 443 B	63ms 18ms	Script application/x-javascript	31.186.231.25 Webtrends Corpora...
General Check archive.org Show headers Download Go to Full URL https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/image/webtrends.js Protocol HTTP/1.1 Server 31.186.231.25 , United Kingdom, ASN11944 (WEBTRENDS-CORP - Webtrends Corporation, US), Reverse DNS statse.webtrendslive.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `cc1b0f6ffc264278c6fc0e32f8f70edcf69fc1d6f5f0b9b534e147bb597ba402` Request headers Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Jul 2018 19:36:01 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET Content-Type application/x-javascript Cache-Control no-cache Connection close Content-Length 201 Expires -1
GET H/1.1	200 OK	dcs.gif statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/ Redirect Chain https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?&dcsdat=1533065762291&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.s... https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1533065762291&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/&WT.tz=0&W...	67 B 551 B	41ms 13ms	Image image/gif	31.186.231.25 Webtrends Corpora...
General Check archive.org Show headers Download Go to Show image Full URL https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1533065762291&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Regions%2520Online%2520Banking%2520-%2520Sign%2520In&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.1&WT.dl=0&WT.ssl=1&WT.es=www.belfood.com.my%252Fwp-content%252Fthemes%252Fregions%252F&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2 Requested by Host: www.belfood.com.my URL: https://www.belfood.com.my/wp-content/themes/regions/ Protocol HTTP/1.1 Server 31.186.231.25 , United Kingdom, ASN11944 (WEBTRENDS-CORP - Webtrends Corporation, US), Reverse DNS statse.webtrendslive.com Software Microsoft-IIS/7.5 / ASP.NET Resource Hash `09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b` Request headers Referer https://www.belfood.com.my/wp-content/themes/regions/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Pragma no-cache Date Tue, 31 Jul 2018 19:36:01 GMT Server Microsoft-IIS/7.5 X-Powered-By ASP.NET P3P CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA" Cache-Control no-cache Connection close Content-Type image/gif Content-Length 67 Expires -1 Redirect headers Location /dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1533065762291&dcssip=www.belfood.com.my&dcsuri=/wp-content/themes/regions/&WT.tz=0&WT.bh=19&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Regions%2520Online%2520Banking%2520-%2520Sign%2520In&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.1&WT.dl=0&WT.ssl=1&WT.es=www.belfood.com.my%252Fwp-content%252Fthemes%252Fregions%252F&WT.ce=2&WT.vt_f_a=2&WT.vt_f=2 Date Tue, 31 Jul 2018 19:36:01 GMT Server Microsoft-IIS/7.5 Connection close X-Powered-By ASP.NET Content-Length 0 P3P CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Regions Bank (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

statse.webtrendslive.com
www.belfood.com.my
103.18.247.248
31.186.231.25
05c4574031518f9d4e5046c73417489d6fe57924c59b34aad5179cf2cf5ec249
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
1c0704889bf70f5ed55b5c02f80cb008f0c1d3a3c3964374bcf3328ac1fa5893
3a23c2063f8c727468977c6b0febdacb3ba90e23ec1b674584baa49c0e4c846c
6a3f153c72360f0d3bda433755eb555ab960c826399ebce4415e6b873179dafa
73f5c6e8a68369a89c522988cbd16e86d895ca0b2b2ab6467b353c775d632b2b
74019407c8e851a26d0496dbc3035284bbb6d97bfdc993cfe078cbb425f8da46
995ea63f71d734b949dcbe4900fe1cdb653ccdade2ce8c0a17ffe269269c34ba
a14e15e7ee0e0dd51135dcc631c66294ffdb51684782196e39390c3327cd348e
a567dcded7194ae950b3dbb18970dfcb6fd355fe3e3131ff30c1ca991d2412b6
ba3bad68001a840e201bc8c8707a265f15ee5bc3c70e0c669734f655a1e07c4b
c5bbe4da8bcc75082f74b7f1ae153bb9dec55ca54cb73b1055fbdeed8de93b9d
cc1b0f6ffc264278c6fc0e32f8f70edcf69fc1d6f5f0b9b534e147bb597ba402
dcb30b831a47bda7f00394175393dac5785c92527787c28250107c43ead81035
e46218d7883f42404931e61da2d322d0f9d6bfe27dcc6302abd4406a17d84ed2
f4f46fb29c027602ea1e6266cd26a77f9ab6031144cc85737f2e7f799bf1a1fd

www.belfood.com.my Open in urlscan Pro 103.18.247.248 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

483 kBTransfer

479 kBSize

0 Cookies

3 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

0 Cookies

Indicators

www.belfood.com.my Open in urlscan Pro
103.18.247.248 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

483 kB
Transfer

479 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!