fems.com.my
103.233.0.82
Malicious Activity!
Public Scan
Effective URL: https://fems.com.my/raiffiensen/direktnet/adc6d151d7008920c46dd54b20c71aba/
Submission: On September 17 via manual from HU
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 2nd 2020. Valid for: 3 months.
This is the only time fems.com.my was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Raiffeisen Bank (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
1 | 23.228.86.254 | 46573 (LAYER-HOST)
3 (2 redirects) | 103.233.0.82 | 46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd.)
20 | 91.220.172.3 | 41694 (RB-HU-AS)
22 | 3 IP addresses |
ASN46015 (EXABYTES-AS-AP Exa Bytes Network Sdn.Bhd., MY)
- PTR: vps.fems.com.my
- Domain: fems.com.my
ASN41694 (RB-HU-AS, HU)
- PTR: direktnet.raiffeisen.hu
- Domain: direktnet.raiffeisen.hu
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
20 | raiffeisen.hu | direktnet.raiffeisen.hu | 264 KB
3 (2 redirects) | fems.com.my | fems.com.my | 7 KB
1 | oodda.com | www.oodda.com | 348 B
22 | 3 apex domains | |
Requests | Domain | Requested by
---|---|---
20 | direktnet.raiffeisen.hu | fems.com.my, direktnet.raiffeisen.hu
3 (2 redirects) | fems.com.my | www.oodda.com
1 | www.oodda.com |
22 | 3 domains |
This site contains links to these domains (also see Links):
Domain
---
www.raiffeisen.hu
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
oodda.com | COMODO RSA Domain Validation Secure Server CA | 2018-01-02 - 2021-01-01 | 3 years | crt.sh
fems.com.my | cPanel, Inc. Certification Authority | 2020-08-02 - 2020-10-31 | 3 months | crt.sh
direktnet.raiffeisen.hu | GeoTrust EV RSA CA 2018 | 2019-07-05 - 2021-07-04 | 2 years | crt.sh
This page contains 1 frame:
Primary Page:
https://fems.com.my/raiffiensen/direktnet/adc6d151d7008920c46dd54b20c71aba/
Frame ID: 3AD5C10D108442EF8E9A7B85DB96B0AF
Requests: 22 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.oodda.com/raiff/readme.htm (Page URL)
- https://fems.com.my/raiffiensen/direktnet/index.php (HTTP 302)
- https://fems.com.my/raiffiensen/direktnet/adc6d151d7008920c46dd54b20c71aba (HTTP 301)
- https://fems.com.my/raiffiensen/direktnet/adc6d151d7008920c46dd54b20c71aba/ (Page URL)
Detected technologies
- Apache (Web Servers). Detected pattern: headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
- SWFObject (Miscellaneous). Detected pattern: script /swfobject.*\.js/i
- jQuery (JavaScript Libraries). Detected pattern: script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
12 Outgoing links
These are links going to different origins than the main page.
- Title: This is what a good relationship looks like (Ilyen egy jó kapcsolat)
- Title: Contact (Kapcsolat)
- Title: In Help (Segítségben)
- Title: our application form (igénylőlapunk)
- Title: DirektNet security information (DirektNet biztonsági tudnivalók)
- Title: Mobile token authentication method (Mobil-token hitelesítési mód)
- Title: User manual (Felhasználói kézikönyv)
- Title: Frequently asked questions and answers (Gyakori kérdések, válaszok)
- Title: Bank from anywhere with the Mobile Application! (Bankoljon bárhonnan Mobil Alkalmazással!)
- Title: link (linkre)
- Title: General business terms (Általános üzleti feltételek)
- Title: Legal notices (Jogi nyilatkozatok)
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions

Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H/1.1 | readme.htm | www.oodda.com/raiff/ | 106 B | 348 B | Document | text/html
GET H/1.1 | / (Primary Request, Redirect Chain) | fems.com.my/raiffiensen/direktnet/adc6d151d7008920c46dd54b20c71aba/ | 23 KB | 7 KB | Document | text/html
GET H/1.1 | style.css | direktnet.raiffeisen.hu/raiportal2009d/css_ver2/ | 64 KB | 64 KB | Stylesheet | text/css
GET H/1.1 | common.css | direktnet.raiffeisen.hu/raiportal2009d/css_ver2/ | 16 KB | 16 KB | Stylesheet | text/css
GET H/1.1 | jquery.js | direktnet.raiffeisen.hu/direktnet/js/lib/ | 56 KB | 56 KB | Script | application/x-javascript
GET H/1.1 | extensions.js | direktnet.raiffeisen.hu/direktnet/js/lib/ | 22 KB | 23 KB | Script | application/x-javascript
GET H/1.1 | swfobject.js | direktnet.raiffeisen.hu/direktnet/js/lib/ | 7 KB | 7 KB | Script | application/x-javascript
GET H/1.1 | site.class.js | direktnet.raiffeisen.hu/direktnet/js/ | 17 KB | 18 KB | Script | application/x-javascript
GET H/1.1 | browsercheck.js | direktnet.raiffeisen.hu/direktnet/js/ | 2 KB | 2 KB | Script | application/x-javascript
GET H/1.1 | slogan_original_velunk_konnyebb.jpg | direktnet.raiffeisen.hu/raiportal2009d/i/ | 2 KB | 3 KB | Image | image/jpeg
GET H/1.1 | sample_660x150_1.jpg | direktnet.raiffeisen.hu/raiportal2009d/i/sample/ | 18 KB | 19 KB | Image | image/jpeg
GET H/1.1 | util_hu.js | direktnet.raiffeisen.hu/direktnet/js/ | 17 KB | 17 KB | Script | application/x-javascript
GET H/1.1 | intruderCheck.js | direktnet.raiffeisen.hu/direktnet/js/ | 68 B | 321 B | Script | application/x-javascript
GET H/1.1 | login.js | direktnet.raiffeisen.hu/direktnet/js/ | 676 B | 930 B | Script | application/x-javascript
GET H/1.1 | bg_body_new.png | direktnet.raiffeisen.hu/raiportal2009d/i/bg/ | 4 KB | 4 KB | Image | image/png
GET H/1.1 | head_logo.jpg | direktnet.raiffeisen.hu/raiportal2009d/i/bg/ | 6 KB | 6 KB | Image | image/jpeg
GET H/1.1 | title_direktnet.gif | direktnet.raiffeisen.hu/raiportal2009d/i/bg/ | 1 KB | 1 KB | Image | image/gif
GET H/1.1 | bg_nav_separator_yellow.png | direktnet.raiffeisen.hu/raiportal2009d/i/bg/ | 139 B | 378 B | Image | image/png
GET H/1.1 | dnet_internetbank_login_660x150px.jpg | direktnet.raiffeisen.hu/raiportal2009d/i/ | 23 KB | 24 KB | Image | image/jpeg
GET H/1.1 | sprite_general.gif | direktnet.raiffeisen.hu/raiportal2009d/i/bg/ | 3 KB | 3 KB | Image | image/gif
GET H/1.1 | menu_effect_yellow_large.gif | direktnet.raiffeisen.hu/raiportal2009d/i/bg/ | 83 B | 321 B | Image | image/gif
GET H/1.1 | dots_gray.gif | direktnet.raiffeisen.hu/raiportal2009d/i/bg/ | 43 B | 281 B | Image | image/gif
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Raiffeisen Bank (Banking)
115 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values along, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
- direktnet.raiffeisen.hu
- fems.com.my
- www.oodda.com
- 103.233.0.82
- 23.228.86.254
- 91.220.172.3