campaignmay2u.com
83.150.213.33
Malicious Activity!
Public Scan
Effective URL: https://campaignmay2u.com/home/m2u/common/login.do
Submission: On January 31 via manual from MY
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 28th 2021. Valid for: 3 months.
This is the only time campaignmay2u.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Maybank2u (Banking)
Domain & IP information
IP Address | AS Autonomous System | Requests | Redirects |
---|---|---|---|
83.150.213.33 | 203576 (INTERNETBILISIM) | 26 | 1 |
184.86.251.20 | 20940 (AKAMAI-ASN1) | 1 | |
2 | | 26 | |
ASN203576 (INTERNETBILISIM, TR)
PTR: ist3.internetbilisim.net
campaignmay2u.com
ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-20.deploy.static.akamaitechnologies.com
www.maybank2u.com.my
Apex Domain | Subdomains | Requests | Redirects | Transfer |
---|---|---|---|---|
campaignmay2u.com | campaignmay2u.com | 26 | 1 | 405 KB |
maybank2u.com.my | www.maybank2u.com.my | 1 | | 196 KB |
2 | | 26 | | |
Domain | Requested by | Requests | Redirects |
---|---|---|---|
campaignmay2u.com | campaignmay2u.com | 26 | 1 |
www.maybank2u.com.my | campaignmay2u.com | 1 | |
2 | | 26 | |
This site contains links to these domains.
Domain |
---|
www.maybank2u.com.my |
Subject | Issuer | Validity | Valid |
---|---|---|---|
campaignmay2u.com | ZeroSSL RSA Domain Secure Site CA | 2021-01-28 - 2021-04-28 | 3 months |
www.maybank2u.com.my | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2020-12-02 - 2021-11-21 | a year |
This page contains 1 frames:
Primary Page:
https://campaignmay2u.com/home/m2u/common/login.do
Frame ID: D50668B0D2F5CC8C78D1F5A9BCDFD7CC
Requests: 26 HTTP requests in this frame
Detected technologies
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: BUSINESS
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://campaignmay2u.com/ (Page URL)
- https://campaignmay2u.com/home/m2u/common/ (HTTP 302) to https://campaignmay2u.com/home/m2u/common/login.do (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | campaignmay2u.com/ | 116 B | 356 B | Document | text/html |
GET | H3-Q050 | login.do (Primary Request) | campaignmay2u.com/home/m2u/common/ (Redirect Chain) | 1 MB | 128 KB | Document | text/html |
GET | H3-Q050 | 32.js.indir | campaignmay2u.com/home/m2u/common/index_files/ | 25 KB | 25 KB | Script | application/octet-stream |
GET | H3-Q050 | 7.js.indir | campaignmay2u.com/home/m2u/common/index_files/ | 26 KB | 26 KB | Script | application/octet-stream |
GET | H3-Q050 | Login.js.indir | campaignmay2u.com/home/m2u/common/index_files/ | 180 KB | 180 KB | Script | application/octet-stream |
GET | H3-Q050 | logo_60_white.png | campaignmay2u.com/home/m2u/common/index_files/ | 3 KB | 3 KB | Image | image/png |
GET | H3-Q050 | icon.png | campaignmay2u.com/home/m2u/common/ | 2 KB | 2 KB | Image | image/png |
GET | H3-Q050 | coklu.png | campaignmay2u.com/home/m2u/common/ | 1 KB | 1 KB | Image | image/png |
GET | H3-Q050 | profile.svg | campaignmay2u.com/home/m2u/common/index_files/ | 3 KB | 1 KB | Image | image/svg+xml |
GET | H3-Q050 | lock.svg | campaignmay2u.com/home/m2u/common/index_files/ | 4 KB | 1 KB | Image | image/svg+xml |
GET | H3-Q050 | cubuk.png | campaignmay2u.com/home/m2u/common/ | 2 KB | 2 KB | Image | image/png |
GET | H3-Q050 | c19_b_ico.svg | campaignmay2u.com/home/m2u/common/index_files/ | 4 KB | 2 KB | Image | image/svg+xml |
GET | H3-Q050 | branch_b_ico.svg | campaignmay2u.com/home/m2u/common/index_files/ | 2 KB | 826 B | Image | image/svg+xml |
GET | H3-Q050 | m2u_marketplace.svg | campaignmay2u.com/home/m2u/common/index_files/ | 124 KB | 21 KB | Image | image/svg+xml |
GET | H3-Q050 | m2u_open_account.svg | campaignmay2u.com/home/m2u/common/index_files/ | 2 KB | 919 B | Image | image/svg+xml |
GET | H3-Q050 | weather.svg | campaignmay2u.com/home/m2u/common/index_files/ | 3 KB | 1 KB | Image | image/svg+xml |
GET | H3-Q050 | two_credit_cards.svg | campaignmay2u.com/home/m2u/common/index_files/ | 6 KB | 2 KB | Image | image/svg+xml |
GET | H3-Q050 | my_house.svg | campaignmay2u.com/home/m2u/common/index_files/ | 7 KB | 3 KB | Image | image/svg+xml |
GET | H3-Q050 | online_stock.svg | campaignmay2u.com/home/m2u/common/index_files/ | 7 KB | 2 KB | Image | image/svg+xml |
GET | H2 | mainBackground.jpg | www.maybank2u.com.my/static/img/ | 194 KB | 196 KB | Image | image/jpeg |
GET | H3-Q050 | back_desktop.png | campaignmay2u.com/static/img/ | 1 KB | 1 KB | Image | text/html |
GET | H3-Q050 | Lato-Bold.woff | campaignmay2u.com/static/fonts/ | 0 | 0 | Font | text/html |
GET | H3-Q050 | Lato-Regular.woff | campaignmay2u.com/static/fonts/ | 0 | 0 | Font | text/html |
GET | H3-Q050 | icomoon.woff | campaignmay2u.com/static/fonts/ | 0 | 0 | Font | text/html |
GET | H3-Q050 | Lato-Bold.ttf | campaignmay2u.com/static/fonts/ | 0 | 0 | Font | text/html |
GET | H3-Q050 | Lato-Regular.ttf | campaignmay2u.com/static/fonts/ | 0 | 0 | Font | text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Maybank2u (Banking)
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
- boolean| crossOriginIsolated
- object| webpackJsonp
- function| validation

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
campaignmay2u.com
www.maybank2u.com.my
184.86.251.20
83.150.213.33