fems.com.my
Open in
urlscan Pro
103.233.0.82
Malicious Activity!
Public Scan
Effective URL: https://fems.com.my/DirektNet/direktnet/50da9527e3bfab0266c8b3410b7804e7/
Submission: On September 18 via manual from HU
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 2nd 2020. Valid for: 3 months.
This is the only time fems.com.my was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 23.228.86.254 23.228.86.254 | 46573 (LAYER-HOST) (LAYER-HOST) | |
2 3 | 103.233.0.82 103.233.0.82 | 46015 (EXABYTES-...) (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd.) | |
20 | 91.220.172.3 91.220.172.3 | 41694 (RB-HU-AS) (RB-HU-AS) | |
22 | 3 |
ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY)
PTR: vps.fems.com.my
fems.com.my |
ASN41694 (RB-HU-AS, HU)
PTR: direktnet.raiffeisen.hu
direktnet.raiffeisen.hu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
raiffeisen.hu
direktnet.raiffeisen.hu |
264 KB |
3 |
fems.com.my
2 redirects
fems.com.my |
7 KB |
1 |
oodda.com
www.oodda.com |
346 B |
22 | 3 |
Domain | Requested by | |
---|---|---|
20 | direktnet.raiffeisen.hu |
fems.com.my
direktnet.raiffeisen.hu |
3 | fems.com.my |
2 redirects
www.oodda.com
|
1 | www.oodda.com | |
22 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
oodda.com COMODO RSA Domain Validation Secure Server CA |
2018-01-02 - 2021-01-01 |
3 years | crt.sh |
fems.com.my cPanel, Inc. Certification Authority |
2020-08-02 - 2020-10-31 |
3 months | crt.sh |
direktnet.raiffeisen.hu GeoTrust EV RSA CA 2018 |
2019-07-05 - 2021-07-04 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://fems.com.my/DirektNet/direktnet/50da9527e3bfab0266c8b3410b7804e7/
Frame ID: 3A258D433F7D8F1A0361BDCCB04C2334
Requests: 22 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.oodda.com/raiff/readme.htm Page URL
-
https://fems.com.my/DirektNet/direktnet/index.php
HTTP 302
https://fems.com.my/DirektNet/direktnet/50da9527e3bfab0266c8b3410b7804e7 HTTP 301
https://fems.com.my/DirektNet/direktnet/50da9527e3bfab0266c8b3410b7804e7/ Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.oodda.com/raiff/readme.htm Page URL
-
https://fems.com.my/DirektNet/direktnet/index.php
HTTP 302
https://fems.com.my/DirektNet/direktnet/50da9527e3bfab0266c8b3410b7804e7 HTTP 301
https://fems.com.my/DirektNet/direktnet/50da9527e3bfab0266c8b3410b7804e7/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
readme.htm
www.oodda.com/raiff/ |
104 B 346 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
/
fems.com.my/DirektNet/direktnet/50da9527e3bfab0266c8b3410b7804e7/ Redirect Chain
|
23 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
direktnet.raiffeisen.hu/raiportal2009d/css_ver2/ |
64 KB 64 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
direktnet.raiffeisen.hu/raiportal2009d/css_ver2/ |
16 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
direktnet.raiffeisen.hu/direktnet/js/lib/ |
56 KB 56 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
extensions.js
direktnet.raiffeisen.hu/direktnet/js/lib/ |
22 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfobject.js
direktnet.raiffeisen.hu/direktnet/js/lib/ |
7 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.class.js
direktnet.raiffeisen.hu/direktnet/js/ |
17 KB 18 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
browsercheck.js
direktnet.raiffeisen.hu/direktnet/js/ |
2 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
slogan_original_velunk_konnyebb.jpg
direktnet.raiffeisen.hu/raiportal2009d/i/ |
2 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sample_660x150_1.jpg
direktnet.raiffeisen.hu/raiportal2009d/i/sample/ |
18 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
util_hu.js
direktnet.raiffeisen.hu/direktnet/js/ |
17 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
intruderCheck.js
direktnet.raiffeisen.hu/direktnet/js/ |
68 B 321 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login.js
direktnet.raiffeisen.hu/direktnet/js/ |
676 B 930 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_body_new.png
direktnet.raiffeisen.hu/raiportal2009d/i/bg/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
head_logo.jpg
direktnet.raiffeisen.hu/raiportal2009d/i/bg/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
title_direktnet.gif
direktnet.raiffeisen.hu/raiportal2009d/i/bg/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg_nav_separator_yellow.png
direktnet.raiffeisen.hu/raiportal2009d/i/bg/ |
139 B 378 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dnet_internetbank_login_660x150px.jpg
direktnet.raiffeisen.hu/raiportal2009d/i/ |
23 KB 24 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite_general.gif
direktnet.raiffeisen.hu/raiportal2009d/i/bg/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
menu_effect_yellow_large.gif
direktnet.raiffeisen.hu/raiportal2009d/i/bg/ |
83 B 321 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dots_gray.gif
direktnet.raiffeisen.hu/raiportal2009d/i/bg/ |
43 B 281 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Raiffeisen Bank (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
direktnet.raiffeisen.hu
fems.com.my
www.oodda.com
103.233.0.82
23.228.86.254
91.220.172.3
0ecd659e66d5209b15e7da88348b911f17f522cafcdc619eda0f2920cdd28e2f
176f2efb5e43318b6e0febe553adb74369111671e11ca4044b9b1680faf09b4f
207e49999e8b8ac86f1a567c780e52193aa6e5213653f0bc38195e247ee920bc
46f9edbb2752e2b8ec3b69bf7c85fcb062ae6b431e5df60446845cddabbe6f82
6333e11d0f014d092b74f648e4c53fbb787f2f52e76f72b98bde34a9ad8baeb2
7926e8e9f6496b7ee15e621134a3eb0054cd06e73d8ffa5b3f91e763bb64cba1
83742e0c5a5df8fae93651f821a25258ba394fecab17e21d5484a4e4885cbe60
8931b8eef9497af7cfe4c94f2e81dc6f64fc7671232f1e7122e55c46444aeb1f
9a346a74be59a713fe885e19c5d0703974313cc403675ed5e2fa0af890803c5e
9ffb2f88d6f0c4633ab2a2ae4732842c9287e9fbb7052ffc764d144b46d88c62
a815a036e3afdbd86a8c8ff7ebd612bcf53046c8631f913f2a02e196f49a34ee
b4cc9f6ecc39a519b19b79c4e2e5942312055fa39ccff5c9b158f597d2ee4265
b7886c730301d5237641f867233ebbec06356f760999c7888d9cb8551e49fb63
be6fd18e358a777d1117efe35b6c75b97beca0728e70c2aad8abf6fba2cacd0a
c8370a2d050359e9d505acc411e6f457a49b21360a21e6cbc9229bad3a767899
c907431a209001eff4279374dbabbaabef23403d1d5476d25f7d80e4afc2ecae
cc4b8b4d3893c78c28da53bc2e71ce54064550b1292aeba4650a2c4fcf8c882c
d7e94d97cff219eb768a5e3cba3c7f8992bf3be1278fc5f6d4643f7c68ea605f
df8ee9a183aea1b31b73781f46e97e1c3fee866ba4600689fddc3358004d86e3
e31a1ac05d3218dc94e1b5c41fb1e321ab4e6053c856910443386b04a5447214
eaef6740e47317a8a1810cd53e36a8b8375567d15b2bbbd91881382f33e37f6f
f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993