login.bnm.gov.my
Open in
urlscan Pro
211.25.63.169
Malicious Activity!
Public Scan
Effective URL: https://login.bnm.gov.my/Account/Login?ReturnUrl=SPInitiated%3Fclient_id%3Dhttps%3A%2F%2Fbnm.remotexs.co%2Fsimplesaml%2Fm...
Submission: On March 04 via api from JP — Scanned from SG
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on November 8th 2022. Valid for: a year.
This is the only time login.bnm.gov.my was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 30 | 13.215.211.93 13.215.211.93 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700::68... 2606:4700::6812:bcf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2404:6800:400... 2404:6800:4003:c05::5f | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2404:6800:400... 2404:6800:4003:c11::67 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4003:c04::5e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2404:6800:400... 2404:6800:4003:c02::5f | 15169 (GOOGLE) (GOOGLE) | |
1 18 | 211.25.63.169 211.25.63.169 | 9930 (TTNET-MY ...) (TTNET-MY TIME dotCom Berhad No. 14) | |
51 | 7 |
ASN16509 (AMAZON-02, US)
PTR: bnm.remotexs.co
novel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co | |
bnm.remotexs.co |
ASN9930 (TTNET-MY TIME dotCom Berhad No. 14, Jalan Majistret U126 Hicom Glenmarie Industrial Park 40150 Shah Alam Selangor, Malaysia, MY)
login.bnm.gov.my |
Apex Domain Subdomains |
Transfer | |
---|---|---|
30 |
remotexs.co
1 redirects
novel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co bnm.remotexs.co |
924 KB |
18 |
bnm.gov.my
1 redirects
login.bnm.gov.my |
2 MB |
3 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 36 |
94 KB |
1 |
gstatic.com
www.gstatic.com |
19 KB |
1 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 |
232 B |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 788 |
5 KB |
51 | 6 |
Domain | Requested by | |
---|---|---|
29 | bnm.remotexs.co |
1 redirects
bnm.remotexs.co
|
18 | login.bnm.gov.my |
1 redirects
bnm.remotexs.co
login.bnm.gov.my |
2 | ajax.googleapis.com |
bnm.remotexs.co
|
1 | fonts.googleapis.com |
bnm.remotexs.co
|
1 | www.gstatic.com |
bnm.remotexs.co
|
1 | www.google.com | 1 redirects |
1 | maxcdn.bootstrapcdn.com |
bnm.remotexs.co
|
1 | novel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co | |
51 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.bnm.remotexs.co R3 |
2023-01-24 - 2023-04-24 |
3 months | crt.sh |
*.remotexs.co Thawte RSA CA 2018 |
2022-06-23 - 2023-06-25 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-12-30 - 2023-12-30 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-02-08 - 2023-05-03 |
3 months | crt.sh |
login.bnm.gov.my Entrust Certification Authority - L1K |
2022-11-08 - 2023-12-03 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.bnm.gov.my/Account/Login?ReturnUrl=SPInitiated%3Fclient_id%3Dhttps%3A%2F%2Fbnm.remotexs.co%2Fsimplesaml%2Fmodule.php%2Fsaml%2Fsp%2Fmetadata.php%2Fbnm-sp%26SAML_id%3D_1a85f377ddad40e2e081b91962eb3a89b3c7e506f6
Frame ID: 245FC78417377A0421A201F22F8D260D
Requests: 52 HTTP requests in this frame
Screenshot
Page Title
Falaina Sign inPage URL History Show full URLs
- https://novel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co/ Page URL
- https://bnm.remotexs.co/user/login?dest=https://novel-coronavirus.onlinelibrary.wiley.com.bnm.remote... Page URL
-
https://bnm.remotexs.co/sso_login?ReturnTo=https%25253A%25252F%25252Fbnm.remotexs.co%25252Fuser%2525...
HTTP 302
https://login.bnm.gov.my/Saml2/?SAMLRequest=nZJNT8MwDIb%2FSpV7m7b7jrZJgwkxacDEBgcuKG29LVI%2BSuwO%2BPd... HTTP 302
https://login.bnm.gov.my/Account/Login?ReturnUrl=SPInitiated%3Fclient_id%3Dhttps%3A%2F%2Fbnm.remotexs... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://novel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co/ Page URL
- https://bnm.remotexs.co/user/login?dest=https://novel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co/ Page URL
-
https://bnm.remotexs.co/sso_login?ReturnTo=https%25253A%25252F%25252Fbnm.remotexs.co%25252Fuser%25252Flogin%25253Fdest%25253Dhttps%25253A%25252F%25252Fnovel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co%25252F
HTTP 302
https://login.bnm.gov.my/Saml2/?SAMLRequest=nZJNT8MwDIb%2FSpV7m7b7jrZJgwkxacDEBgcuKG29LVI%2BSuwO%2BPdkHYhx2QEpUhTHj%2F36lccoja7FrKG9fYS3BpCiD6MtivZjwhpvhZOoUFhpAAWVYj27W4o8SUXtHbnSaXaGXCYkInhSzrJoMZ%2Bw10wOe9vOYFBVsuqmkEM6zIpRNurnUHTkcFR0ygH00v62z6Jn8BjICQuFAo7YwMIiSUshlOadOA2nu8kykQ5Et%2FfConmYRllJLbUnqlFwrt1O2aSwJtm5Q2I%2B%2BTqozjmLZj%2Farp3FxoBfgz%2BoEp4el7%2F0kfNgHMEHJqXjqEyt4Tg4N65qNCT1vubtG093HssS22hgY6xZtPq27UrZStndZceKUxKK281mFa8e1hs2HR%2FritYBP%2F2fMgMkK0nyTNiYn5cdnxbjPghazFdOq%2FIzunHeSLqs9xhRVbxtUwV5aVGBpWCv1u792oMkmDDyDTA%2BPbX8u37TLw%3D%3D&RelayState=https%3A%2F%2Fbnm.remotexs.co%2Fsso_login%3FReturnTo%3Dhttps%2525253A%2525252F%2525252Fbnm.remotexs.co%2525252Fuser%2525252Flogin%2525253Fdest%2525253Dhttps%2525253A%2525252F%2525252Fnovel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co%2525252F HTTP 302
https://login.bnm.gov.my/Account/Login?ReturnUrl=SPInitiated%3Fclient_id%3Dhttps%3A%2F%2Fbnm.remotexs.co%2Fsimplesaml%2Fmodule.php%2Fsaml%2Fsp%2Fmetadata.php%2Fbnm-sp%26SAML_id%3D_1a85f377ddad40e2e081b91962eb3a89b3c7e506f6 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://www.google.com/jsapi HTTP 301
- https://www.gstatic.com/charts/loader.js
51 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
novel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co/ |
190 B 955 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login
bnm.remotexs.co/user/ |
25 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr.min.js
bnm.remotexs.co/sites/all/libraries/modernizr/ |
52 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_kShW4RPmRstZ3SpIC-ZvVGNFVAi0WEMuCnI0ZkYIaFw.css
bnm.remotexs.co/sites/default/files/css/ |
6 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_qVXhu19N2q5K4hmGU72rze7bBZ0b9xwiyaz4Vb0m1P0.css
bnm.remotexs.co/sites/default/files/css/ |
23 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_ym68a3P3jVcPbw08e5TH1Bzp_SHP0PP6b2hYnguSNHk.css
bnm.remotexs.co/sites/default/files/css/ |
35 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_4-etq-niqwJf-fBchw1IF-CAMgm4VRsq3kOctqWBE_c.css
bnm.remotexs.co/sites/default/files/css/ |
19 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/ |
20 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_nJc3lJtCaXFaoRkc6xoiVJsyJBPpsjVeKqYq-FZiXts.css
bnm.remotexs.co/sites/default/files/css/ |
21 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
custom.css
bnm.remotexs.co/sites/all/themes/remotexs_kala/css/ |
0 404 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_ioA8zkvvEHIQ0UttLsemWyBOGRSH0EMDMRGNIQCVQHs.css
bnm.remotexs.co/sites/default/files/css/ |
12 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_uAWn6U-N3qWjUtHyuEkFRSdQTxFmS_hm-cvgV2uoMbE.css
bnm.remotexs.co/sites/default/files/css/ |
284 KB 285 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
css_PxsPpITToy8ZnO0bJDA1TEC6bbFpGTfSWr2ZP8LuFYo.css
bnm.remotexs.co/sites/default/files/css/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_Hfha9RCTNm8mqMDLXriIsKGMaghzs4ZaqJPLj2esi7s.js
bnm.remotexs.co/sites/default/files/js/ |
39 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.2/ |
223 KB 59 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_BdxsQCNLFTYUy6d26LJGz-4IHNWIhZ2_H3wPFkOuHq8.js
bnm.remotexs.co/sites/default/files/js/ |
41 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_2m12yTMUI_mN0_vcSbrz-815aLUoFomWvNZTgCylXl8.js
bnm.remotexs.co/sites/default/files/js/ |
19 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.js
www.gstatic.com/charts/ Redirect Chain
|
61 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_HVUZWCdX-iiYIstuiaHWN7_AcxHNZv5kLQ1NAcvNUp8.js
bnm.remotexs.co/sites/default/files/js/ |
91 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_mpxDBthWdgKbbwYz3hvPPInrRD8m59TEvCtCY9nj2kk.js
bnm.remotexs.co/sites/default/files/js/ |
34 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_WO9zax4aisbX7OstQvs6Du09PWWJRJ9GNdLCSxqsl5A.js
bnm.remotexs.co/sites/default/files/js/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_injector_2.js
bnm.remotexs.co/sites/default/files/js_injector/ |
169 B 630 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_injector_4.js
bnm.remotexs.co/sites/default/files/js_injector/ |
200 B 597 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_injector_5.js
bnm.remotexs.co/sites/default/files/js_injector/ |
142 B 604 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_injector_6.js
bnm.remotexs.co/sites/default/files/js_injector/ |
299 B 682 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo-1.png
bnm.remotexs.co/sites/default/files/ |
31 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
remotexs.png
bnm.remotexs.co/sites/default/files/styles/panopoly_image_original/public/ |
168 KB 168 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_ujDw-aHyoHOaAQ5bhzQ9qO_VMvBtqEiSsoAy2nDfHHI.js
bnm.remotexs.co/sites/default/files/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js_injector_11.js
bnm.remotexs.co/sites/default/files/js_injector/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Preloader_81.gif
bnm.remotexs.co/sites/all/themes/remotexs_kala/images/ |
24 KB 25 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Login
login.bnm.gov.my/Account/ Redirect Chain
|
60 KB 62 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
background-img.jpg
bnm.remotexs.co/sites/default/files/styles/panopoly_image_original/public/ |
52 KB 52 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login_bg_bnm.jpg
bnm.remotexs.co/sites/default/files/styles/panopoly_image_original/public/ |
141 KB 142 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
login.bnm.gov.my/css/ |
156 KB 157 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Login.css
login.bnm.gov.my/css/ |
17 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MFAStylesheet.css
login.bnm.gov.my/css/ |
4 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.js
login.bnm.gov.my/js/ |
292 KB 293 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js
login.bnm.gov.my/js/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
login.bnm.gov.my/js/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
MFAScript.js
login.bnm.gov.my/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cancel.png
login.bnm.gov.my/images/alerts/ |
250 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fabric.min.css
login.bnm.gov.my/css/ |
434 KB 435 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FluentSystemIcons-Regular.css
login.bnm.gov.my/css/ |
209 KB 210 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1.svg
login.bnm.gov.my/images/background/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FluentSystemIcons-Regular.ttf
login.bnm.gov.my/Fluent-Font/ |
717 KB 718 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
_Layout
login.bnm.gov.my/ |
2 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
InfoIcon.svg
login.bnm.gov.my/images/ |
2 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
CloseIcon.svg
login.bnm.gov.my/images/ |
1 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.jpg
login.bnm.gov.my/images/Background/ |
82 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| ShowMFA function| HideMFA function| receiveMessage function| hideLoader function| toggleSection function| CloseannocementDiv6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.bnm.remotexs.co/ | Name: remotexs Value: s%3A_SMEJ31Hsic1OCF5J04o_iv5Hhh3Bx7q.vH9TBUcFoACevWdbUe0tehHfuzCPlRQfERRuUW1lvyg |
|
bnm.remotexs.co/ | Name: SimpleSAMLSessionID Value: 162d39ae1cfed8cd6412d20478a93f0c |
|
bnm.remotexs.co/ | Name: simplesamlphp_auth_returnto Value: https%253A%252F%252Fbnm.remotexs.co%252Fuser%252Flogin%253Fdest%253Dhttps%253A%252F%252Fnovel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co%252F |
|
login.bnm.gov.my/ | Name: .AspNetCore.Session Value: CfDJ8E16R3KPjG9Bp4XormXVY2BFjOIlJc5DcSUBXDY95x%2FqEq%2FhgzRR0jkakg8mX682Mm9QKd39O5SPqqLwvxmfpJOlQlWtC%2FGY2fQu0xsd0fwohD1JQsPckorEtH%2BNekSGG0dus6KNNfhOeOLx6r6PLSAhPaAlVJGR%2FzEVwIsN3yS8 |
|
login.bnm.gov.my/ | Name: .AspNetCore.Antiforgery.0bZsA4U5JO8 Value: CfDJ8E16R3KPjG9Bp4XormXVY2A2GZojqcL0PLdI33OfucT39_aFC805IATJWRi_PtXhkBL6TTwWpDbyOAkldrNv3prR-C4ghcDSXhnojmlagEiSk1o4c5np7Wq92AD3QAgnOdUOqkvEa-As8y53sqQLS8g |
|
login.bnm.gov.my/ | Name: TS01e6b05a Value: 012be42521363d4a7a0d84f33b8b0848c51d05467a6f925a02bb93e918e13662686ffb97db64e8daf12e362e928068dd5a99159a7b535a0ee507c0ff54767398cdd4758157be433ca59332269e23da01a5ab1874202df5ece007808d2035b3f0578e26e5cf |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
bnm.remotexs.co
fonts.googleapis.com
login.bnm.gov.my
maxcdn.bootstrapcdn.com
novel-coronavirus.onlinelibrary.wiley.com.bnm.remotexs.co
www.google.com
www.gstatic.com
13.215.211.93
211.25.63.169
2404:6800:4003:c02::5f
2404:6800:4003:c04::5e
2404:6800:4003:c05::5f
2404:6800:4003:c11::67
2606:4700::6812:bcf
05dc6c40234b153614cba776e8b246cfee081cd588859dbf1f7c0f1643ae1eaf
0e1abccbcf7b3f257e8731481750fa7364db62bfcc6096a940c4be4ce1e58d47
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
15ddd944792c0a8f51ec51214352bae44a3d3188d1babefd378b050d1ab7ea2f
16089a42741acc5fd00ab17da92be9458e8f0029fd645f159e582a7ea0f52ec1
18e9019fa46664172211701701bb181f0e037ffcf36bc871bfacc409b8f5103f
1b98105b1e68d798c045698d0055dac42244697af519c0174f4d740158534bf5
1d13a491e2fca7b4d438f4706c954cefc10afb18e3dd03359aa8be1e1714c4cb
1d5519582757fa289822cb6e89a1d637bfc07311cd66fe642d0d4d01cbcd529f
1df85af51093366f26a8c0cb5eb888b0a18c6a0873b3865aa893cb8f67ac8bbb
29223fdf1c42ac27b10aea5dcd02513f507a22a83ed8d03e5f6bb7f1c41daaaf
31268c5e83a3d6528dfc18561208e25f45f168b37d23c5f06804dfa680f34fef
356d3547c6b8f14b4b0b8276d7743a6cbf9da5a7a6cab412d6cf42d249735f12
3f1b0fa484d3a32f199ced1b2430354c40ba6db1691937d25abd993fc2ee158a
4bfb856ee6001372783b0e287035a3435eb6f8abecb40671b0c6a98b07f0f6b0
50059439fc4a64709ae27c63f72560d1093a6ba3262fec514027cce1f6eab808
56b721b389b9aaf7690b542af43b8801aa1d441fa39b13d9d10b6ec14e0e9225
58ef736b1e1a8ac6d7eceb2d42fb3a0eed3d3d6589449f4635d2c24b1aac9790
5ca338e84b32ebb8ffeb0a80cbbc27fa9822a15960955a2885b1ea2d82ad4654
7d58bbdbda9bf785d1edd79a97187a75e8e818a9b49ba0842c91982360d34064
8525e9d52cdd4c70a96dbf0ee2ffc4c152a247b96e3b6e606a23d6a57c92e3a0
886a604f1134c23d588176ae30066ae72222a59ed0f90230f0f284c0b5ff3684
8a803cce4bef107210d14b6d2ec7a65b204e191487d0430331118d210095407b
8b554659be6339b6927037e9023cebbcf952415d6db0f9bb617bc954eb318a71
912856e113e646cb59dd2a480be66f5463455408b458432e0a7234664608685c
93393996efa54b82376a5f7d35adbb265d6fccd020c9d978e45d22b572daf2e5
94f2d65c29680e0e94f04aa9a2a9e1877786edaf8013029bf260217a0a5ee2ca
9a9c4306d85676029b6f0633de1bcf3c89eb443f26e7d4c4bc2b4263d9e3da49
9c9737949b4269715aa1191ceb1a22549b322413e9b2355e2aa62af856625edb
a076e95c8509732c32f56083feea0e9eaa8a0056ca7dc0b7b166f809bc5c124a
a955e1bb5f4ddaae4ae2198653bdabcdeedb059d1bf71c22c9acf855bd26d4fd
b0245c90fcbcb1a2e3d0b934e92679aa34e642ff9e70d5514bdb90c57ea7a6e4
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
b805a7e94f8ddea5a352d1f2b849054527504f11664bf866f9cbe0576ba831b1
ba30f0f9a1f2a0739a010e5b87343da8efd532f06da84892b28032da70df1c72
bdbd4c1bb636ecb132f33f6afce36a052875c378bbbfda57c736901bbdb8cef2
ca6ebc6b73f78d570f6f0d3c7b94c7d41ce9fd21cfd0f3fa6f68589e0b923479
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
ceff472dc4ecc57b6569ac9d6c59df573b920a5e20de48f215fee976f6d40b80
d0a0dd018b0efeca3998915ef167a70e557491eaaf8f73ea3725dbd9a52a5051
d32753a8f2fbf579df840cc24699bd3439c7c00d1ae1cc5d1222f3733ed92732
d9c89feb07a2583e27ce1ecd9eb89271f88d1a6a87982abe6cd2e9e9905868da
da6d76c9331423f98dd3fbdc49baf3fbcd7968b528168996bcd653802ca55e5f
df1d051cc7c83b3ed2a635b1e1c8abe35c5c64ef2c69ac4e9def90e006f60961
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e7adabe9e2ab025ff9f05c870d4817e0803209b8551b2ade439cb6a58113f7
f2532cb8aab616fd3cbf115501536fcdbce309f6c5a90ff28731376f94303ec1
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729