mexicohealthtravel.com Open in urlscan Pro
207.180.254.86 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
Submission: On December 21 via automatic, source phishtank (December 21st 2020, 6:04:18 am UTC)

Summary HTTP 23 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 23 HTTP transactions. The main IP is 207.180.254.86, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is mexicohealthtravel.com.

This is the only time mexicohealthtravel.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Maybank2u (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1	207.180.254.86 207.180.254.86	51167 (CONTABO) (CONTABO)
5 27	184.86.251.20 184.86.251.20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
23	2

1 207.180.254.86 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: oro.zuperdns.net

mexicohealthtravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 184.86.251.20 (United States) 5 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-20.deploy.static.akamaitechnologies.com

www.maybank2u.com.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	maybank2u.com.my 5 redirects www.maybank2u.com.my	73 KB
1	mexicohealthtravel.com mexicohealthtravel.com	17 KB
23	2

	Domain	Requested by
27	www.maybank2u.com.my	5 redirects mexicohealthtravel.com www.maybank2u.com.my
1	mexicohealthtravel.com
23	2

This site contains links to these domains. Also see Links.

Domain
www.maybank2u.com.my
ost.maybank2u.com.my
cert.webtrust.org

Subject Issuer	Validity	Valid
www.maybank2u.com.my DigiCert ECC Extended Validation Server CA	`2020-07-28` - `2022-04-09`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
Frame ID: 0E27AA9D1419419A0C94F68F4D643A0B
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

23
Requests

96 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

82 kB
Transfer

94 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.maybank2u.com.my/

Search URL Search Domain Scan URL

URL: http://www.maybank2u.com.my/mbb/m2u/common/mbbViewTerms.do?BV_SessionID=@@@@0294738450.1294977166@@@@&BV_EngineID=ccilademhmgifkicflgcehfdfkgdgml.0

Search URL Search Domain Scan URL

URL: https://ost.maybank2u.com.my/MBBWecos/MBB_Login.aspx
Title: Click here to login

Search URL Search Domain Scan URL

URL: https://cert.webtrust.org/ViewSeal?id=740

Search URL Search Domain Scan URL

URL: http://www.maybank2u.com.my/mbb_info/m2u/public/customerService.do?programId=CS-CustService&chCatId=/mbb/Personal
Title: Help

Search URL Search Domain Scan URL

URL: http://www.maybank2u.com.my/mbb_info/m2u/public/personalDetail04.do?cntTypeId=0&cntKey=TNC01&chCatId=/mbb/Personal&programId=FO-Footer
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: http://www.maybank2u.com.my/mbb_info/m2u/public/personalDetail04.do?cntTypeId=0&cntKey=SEC01&chCatId=/mbb/Personal&programId=FO-Footer
Title: Security, Privacy & Client Charter

Search URL Search Domain Scan URL

URL: http://www.maybank2u.com.my/mbb_info/m2u/public/custServiceFAQChannel.do?channelId=&faqChPath=/mbb/FAQs/03-Online%20Banking/FOB-OnlineBanking&cs=1&programId=CS-CustService&chCatId=/mbb/Personal&faqChId=FOB-OnlineBanking
Title: FAQ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.maybank2u.com.my/maybank_css/screen.css HTTP 302
https://www.maybank2u.com.my/maybank_css/screen.css

Request Chain 1

http://www.maybank2u.com.my/js/scripts.js HTTP 302
https://www.maybank2u.com.my/js/scripts.js

Request Chain 2

http://www.maybank2u.com.my/js/popup.js HTTP 302
https://www.maybank2u.com.my/js/popup.js

Request Chain 3

http://www.maybank2u.com.my/js/common.js HTTP 302
https://www.maybank2u.com.my/js/common.js

Request Chain 4

http://www.maybank2u.com.my/js/ajax.js HTTP 302
https://www.maybank2u.com.my/js/ajax.js

Request Chain 5

http://www.maybank2u.com.my/maybank_gif/m2u_logo.gif HTTP 307
https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif

Request Chain 6

http://www.maybank2u.com.my/maybank_gif/loading.gif HTTP 307
https://www.maybank2u.com.my/maybank_gif/loading.gif

Request Chain 7

http://www.maybank2u.com.my/maybank_css/print.css HTTP 307
https://www.maybank2u.com.my/maybank_css/print.css

Request Chain 8

http://www.maybank2u.com.my/maybank_css/handheld.css HTTP 307
https://www.maybank2u.com.my/maybank_css/handheld.css

Request Chain 9

http://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg HTTP 307
https://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg

Request Chain 10

http://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg HTTP 307
https://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg

Request Chain 11

http://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg HTTP 307
https://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg

Request Chain 12

http://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg HTTP 307
https://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg

Request Chain 13

http://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif HTTP 307
https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif

Request Chain 14

http://www.maybank2u.com.my/maybank_gif/image/seal2.gif HTTP 307
https://www.maybank2u.com.my/maybank_gif/image/seal2.gif

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request M2ULogin.html Show response
mexicohealthtravel.com/wp-admin/user/11820/ 17 KB
17 KB 71ms
52ms Document
text/html 207.180.254.86
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
Protocol: HTTP/1.1
Server: 207.180.254.86 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: oro.zuperdns.net
Software: Apache /
Resource Hash: 05c47a87dbd45bc2213220b2caf968ef51b8c6f22c8299d8f65b8b203732fc63

Request headers

Host: mexicohealthtravel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Dec 2020 06:04:01 GMT
Server: Apache
Last-Modified: Fri, 14 Jan 2011 20:18:58 GMT
Accept-Ranges: bytes
Content-Length: 17371
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2

200

screen.css
www.maybank2u.com.my/maybank_css/
Redirect Chain

http://www.maybank2u.com.my/maybank_css/screen.css
https://www.maybank2u.com.my/maybank_css/screen.css

35 KB
8 KB

25ms
25ms

Stylesheet
text/css

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maybank2u.com.my/maybank_css/screen.css

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

ecc416a479d908d29c18774125cd7f73dbe8259e19baf7b231e950dfb9dd7547

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
last-modified: Wed, 07 Oct 2020 07:43:34 GMT
server: none
etag: W/"8c14-5f7d71a6"
x-frame-options: SAMEORIGIN
content-type: text/css
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
content-length: 6840
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_css/screen.css
Date: Mon, 21 Dec 2020 06:04:02 GMT
Content-Security-Policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
Connection: keep-alive
Content-Length: 0

GET
H2

200

scripts.js Show response
www.maybank2u.com.my/js/
Redirect Chain

http://www.maybank2u.com.my/js/scripts.js
https://www.maybank2u.com.my/js/scripts.js

595 B
2 KB

97ms
32ms

Script
application/x-javascript

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maybank2u.com.my/js/scripts.js

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

3a918557b6d0350f6e16cc0ecc1466debc76eaa4ba8778eeb908f97b8c5143ea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:47:23 GMT
server: none
etag: "253-5d08970b"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 282
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/js/scripts.js
Date: Mon, 21 Dec 2020 06:04:02 GMT
Content-Security-Policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
Connection: keep-alive
Content-Length: 0

GET
H2

200

popup.js Show response
www.maybank2u.com.my/js/
Redirect Chain

http://www.maybank2u.com.my/js/popup.js
https://www.maybank2u.com.my/js/popup.js

1 KB
2 KB

117ms
30ms

Script
application/x-javascript

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maybank2u.com.my/js/popup.js

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

04842881b771adc7f609547c97a8198a82820618d4ed7c5cc22c49c32971db42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:47:23 GMT
server: none
etag: "438-5d08970b"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 513
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/js/popup.js
Date: Mon, 21 Dec 2020 06:04:02 GMT
Content-Security-Policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
Connection: keep-alive
Content-Length: 0

GET
H2

200

common.js Show response
www.maybank2u.com.my/js/
Redirect Chain

http://www.maybank2u.com.my/js/common.js
https://www.maybank2u.com.my/js/common.js

11 KB
4 KB

26ms
26ms

Script
application/x-javascript

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maybank2u.com.my/js/common.js

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

7e01ad8f2cbd21589b9acc40a94e1b4dcc9d614bfd4c71eeae20e1e46811530c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
last-modified: Wed, 07 Oct 2020 07:53:17 GMT
server: none
etag: "2d14-5f7d73ed"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2799
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/js/common.js
Date: Mon, 21 Dec 2020 06:04:02 GMT
Content-Security-Policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
Connection: keep-alive
Content-Length: 0

GET
H2

200

ajax.js Show response
www.maybank2u.com.my/js/
Redirect Chain

http://www.maybank2u.com.my/js/ajax.js
https://www.maybank2u.com.my/js/ajax.js

2 KB
2 KB

95ms
34ms

Script
application/x-javascript

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maybank2u.com.my/js/ajax.js

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

fdabe206408ecac5c338cb571d7dbfa7dc27e702904fad4e4b6a499a9649b4b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:47:23 GMT
server: none
etag: "8ce-5d08970b"
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
content-length: 940
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/js/ajax.js
Date: Mon, 21 Dec 2020 06:04:02 GMT
Content-Security-Policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
Connection: keep-alive
Content-Length: 0

GET
H2

200

m2u_logo.gif
www.maybank2u.com.my/maybank_gif/
Redirect Chain

http://www.maybank2u.com.my/maybank_gif/m2u_logo.gif
https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif

1 KB
2 KB

25ms
25ms

Image
image/gif

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

c4956f83cf6f45546946bce1a72f295bc1e1ffca831d625e0394044181638a88

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:42:31 GMT
server: none
etag: "4f0-5d0895e7"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 1264
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif
Non-Authoritative-Reason: HSTS

GET
H2

200

loading.gif
www.maybank2u.com.my/maybank_gif/
Redirect Chain

http://www.maybank2u.com.my/maybank_gif/loading.gif
https://www.maybank2u.com.my/maybank_gif/loading.gif

3 KB
4 KB

25ms
24ms

Image
image/gif

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/loading.gif

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

1b9be274b3b347afd5bcabd8fbd682917d85f60f3df049ef1d2394922474fe4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:42:31 GMT
server: none
etag: "b76-5d0895e7"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 2934
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_gif/loading.gif
Non-Authoritative-Reason: HSTS

GET
H2

200

print.css
www.maybank2u.com.my/maybank_css/
Redirect Chain

http://www.maybank2u.com.my/maybank_css/print.css
https://www.maybank2u.com.my/maybank_css/print.css

257 B
1 KB

26ms
26ms

Stylesheet
text/css

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maybank2u.com.my/maybank_css/print.css

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

7085d7957d7a30c48f09b2bc381bfc509f929e7efa9fa49d2be94d5ac9acf84d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
last-modified: Wed, 07 Oct 2020 07:43:34 GMT
server: none
etag: W/"101-5f7d71a6"
x-frame-options: SAMEORIGIN
content-type: text/css
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
content-length: 209
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_css/print.css
Non-Authoritative-Reason: HSTS

GET
H2

200

handheld.css
www.maybank2u.com.my/maybank_css/
Redirect Chain

http://www.maybank2u.com.my/maybank_css/handheld.css
https://www.maybank2u.com.my/maybank_css/handheld.css

25 B
1 KB

26ms
25ms

Stylesheet
text/css

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maybank2u.com.my/maybank_css/handheld.css

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

a566826c585cf026621630099be51c79a993271c848f722c295ae988602f59e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
content-encoding: gzip
x-content-type-options: NOSNIFF
last-modified: Wed, 07 Oct 2020 07:43:33 GMT
server: none
etag: W/"19-5f7d71a5"
x-frame-options: SAMEORIGIN
content-type: text/css
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
content-length: 45
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_css/handheld.css
Non-Authoritative-Reason: HSTS

GET
H2

200

forgotpw_btn.jpg
www.maybank2u.com.my/maybank_gif/login/
Redirect Chain

http://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg
https://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg

6 KB
7 KB

26ms
25ms

Image
image/jpeg

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

40b470833a89aee964f94d2c3373a58821d23ec1475024b3edaffd467efc6af1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Thu, 13 Jan 2011 12:19:35 GMT
server: none
etag: "1672-4d2eedd7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 5746
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

firstlog_btn.jpg
www.maybank2u.com.my/maybank_gif/login/
Redirect Chain

http://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg
https://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg

6 KB
7 KB

28ms
27ms

Image
image/jpeg

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

8e761aa75728a1a397d34bd5527c4f2cbffb0fcc358e2c4dd84bc0e4628ec7aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Thu, 13 Jan 2011 12:19:35 GMT
server: none
etag: "1735-4d2eedd7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 5941
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

onstock_icn.jpg
www.maybank2u.com.my/maybank_gif/login/
Redirect Chain

http://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg
https://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg

611 B
2 KB

32ms
32ms

Image
image/jpeg

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

49d7b734beb5b97e02a0d135fe17196a738cf6370e9ca01e75fe2d0574f69e52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Thu, 13 Jan 2011 12:19:35 GMT
server: none
etag: "263-4d2eedd7"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 611
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

ssafe_icn.jpg
www.maybank2u.com.my/maybank_gif/login/
Redirect Chain

http://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg
https://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg

781 B
2 KB

33ms
32ms

Image
image/jpeg

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

61b2b80fada5f2058e1486b6eae2640477cd3af3976eabefe7e4d9c278e48999

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Fri, 02 Oct 2020 02:41:55 GMT
server: none
etag: "30d-5f769373"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 781
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg
Non-Authoritative-Reason: HSTS

GET
H2

200

spacer.gif
www.maybank2u.com.my/maybank_gif/s_images/
Redirect Chain

http://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif
https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif

67 B
1 KB

39ms
38ms

Image
image/gif

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:42:55 GMT
server: none
etag: "43-5d0895ff"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 67
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif
Non-Authoritative-Reason: HSTS

GET
H2

200

seal2.gif
www.maybank2u.com.my/maybank_gif/image/
Redirect Chain

http://www.maybank2u.com.my/maybank_gif/image/seal2.gif
https://www.maybank2u.com.my/maybank_gif/image/seal2.gif

5 KB
6 KB

39ms
38ms

Image
image/gif

184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/image/seal2.gif

Requested by

Host: mexicohealthtravel.com
URL: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

fc9d7106f922e72e7f85517b56f1ee39bd1726e786f44f26bba67bfef2526586

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:42:36 GMT
server: none
etag: "143c-5d0895ec"
x-frame-options: SAMEORIGIN
content-type: image/gif
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 5180
x-xss-protection: 1; MODE=BLOCK

Redirect headers

Location: https://www.maybank2u.com.my/maybank_gif/image/seal2.gif
Non-Authoritative-Reason: HSTS

GET
H2 200 body.gif
www.maybank2u.com.my/maybank_gif/ 114 B
1 KB 31ms
27ms Image
image/gif 184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/body.gif

Requested by

Host: www.maybank2u.com.my
URL: https://www.maybank2u.com.my/maybank_css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

50b7ec80afd3ae69594805baba1872d337bdf84cf435f9c3d2fa6199aadad838

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Fri, 07 Feb 2020 09:51:09 GMT
server: none
etag: "72-5e3d330d"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 114
x-xss-protection: 1; MODE=BLOCK

GET
H2 200 wrap.gif
www.maybank2u.com.my/maybank_gif/ 117 B
1 KB 31ms
27ms Image
image/gif 184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/wrap.gif

Requested by

Host: www.maybank2u.com.my
URL: https://www.maybank2u.com.my/maybank_css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

946f140038a3cf0593f81190b2c43ace270f851858f6519af3f54c536d751437

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:42:31 GMT
server: none
etag: "75-5d0895e7"
x-frame-options: SAMEORIGIN
content-type: image/gif
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 117
x-xss-protection: 1; MODE=BLOCK

GET
H2 200 content.gif
www.maybank2u.com.my/maybank_gif/ 854 B
2 KB 35ms
33ms Image
image/gif 184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/content.gif

Requested by

Host: www.maybank2u.com.my
URL: https://www.maybank2u.com.my/maybank_css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

ba426ff590960d0fd5952d41c8418eb209e727f847e7455593ea9da223285bf1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:42:31 GMT
server: none
etag: "356-5d0895e7"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 854
x-xss-protection: 1; MODE=BLOCK

GET
H2 200 bg.gif
www.maybank2u.com.my/maybank_gif/login/ 2 KB
3 KB 35ms
33ms Image
image/gif 184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/login/bg.gif

Requested by

Host: www.maybank2u.com.my
URL: https://www.maybank2u.com.my/maybank_css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

98cd187ff6835d2ef5772757fcab2d9db7f92e570aa103609d1f1aa78808fc94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Fri, 02 Oct 2020 02:41:42 GMT
server: none
etag: "622-5f769366"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 1570
x-xss-protection: 1; MODE=BLOCK

GET
H2 200 unamepw_btn.gif
www.maybank2u.com.my/maybank_gif/login/ 451 B
2 KB 42ms
40ms Image
image/gif 184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/login/unamepw_btn.gif

Requested by

Host: www.maybank2u.com.my
URL: https://www.maybank2u.com.my/maybank_css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

c29b839fae1156fd5604905452cc56100fcace335d6fc44427ba0bbd412e208a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Fri, 02 Oct 2020 02:41:56 GMT
server: none
etag: "1c3-5f769374"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 451
x-xss-protection: 1; MODE=BLOCK

GET
H2 200 login_btn.jpg
www.maybank2u.com.my/maybank_gif/login/ 1 KB
3 KB 41ms
40ms Image
image/jpeg 184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/login/login_btn.jpg

Requested by

Host: www.maybank2u.com.my
URL: https://www.maybank2u.com.my/maybank_css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

aed483fcedb8c3fa65a1a06c40b47ddaf659478b1daf4ffd75f3ebfacbccad4f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Fri, 02 Oct 2020 02:41:50 GMT
server: none
etag: "56b-5f76936e"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 1387
x-xss-protection: 1; MODE=BLOCK

GET
H2 200 footer.gif
www.maybank2u.com.my/maybank_gif/ 261 B
1 KB 42ms
41ms Image
image/gif 184.86.251.20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maybank2u.com.my/maybank_gif/footer.gif

Requested by

Host: www.maybank2u.com.my
URL: https://www.maybank2u.com.my/maybank_css/screen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.251.20 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-251-20.deploy.static.akamaitechnologies.com

Software

none /

Resource Hash

ddd17e9a51855dbcb75d1cedd680de0ba842c449dc869c19318697e42803d2f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .maybank2u.com.my .google-analytics.com .googlesyndication.com .doubleclick.net .useinsider.com https://perfectsencollector.com .google.com https://analytics.google.com .googleapis.com .googletagmanager.com; object-src .maybank2u.com.my; style-src 'self' 'unsafe-inline' .googleapis.com .google.com; style-src-elem 'self' 'unsafe-inline' .googleapis.com .google.com .gstatic.com; font-src .gstatic.com .maybank2u.com.my .google.com; script-src 'self' .maybank2u.com.my .google-analytics.com .googletagmanager.com .googlesyndication.com .googleapis.com 'unsafe-inline' 'unsafe-eval' .doubleclick.net .mbww.com .useinsider.com https://connect.facebook.net .googleadservices.com .google.com .gstatic.com; frame-src 'self' .maybank2u.com.my .useinsider.com https://unity.cadreon.com .doubleclick.net .youtube.com .google.com; img-src 'self' data: blob: .maybank2u.com.my https://emerchant.maybank2u.com.my:8443 .google-analytics.com .googlesyndication.com .doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ .useinsider.com www.maybank.com .gstatic.com .googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com .amazonaws.com .oto.my .googletagmanager.com .youtube.com
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	NOSNIFF
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; MODE=BLOCK

Request headers

Referer: https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Dec 2020 06:04:02 GMT
x-content-type-options: NOSNIFF
last-modified: Tue, 18 Jun 2019 07:42:31 GMT
server: none
etag: "105-5d0895e7"
x-frame-options: SAMEORIGIN
content-type: image/gif
x-cnection: close
content-security-policy: default-src 'self' *.maybank2u.com.my *.google-analytics.com *.googlesyndication.com *.doubleclick.net *.useinsider.com https://perfectsencollector.com *.google.com https://analytics.google.com *.googleapis.com *.googletagmanager.com; object-src *.maybank2u.com.my; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com; style-src-elem 'self' 'unsafe-inline' *.googleapis.com *.google.com *.gstatic.com; font-src *.gstatic.com *.maybank2u.com.my *.google.com; script-src 'self' *.maybank2u.com.my *.google-analytics.com *.googletagmanager.com *.googlesyndication.com *.googleapis.com 'unsafe-inline' 'unsafe-eval' *.doubleclick.net *.mbww.com *.useinsider.com https://connect.facebook.net *.googleadservices.com *.google.com *.gstatic.com; frame-src 'self' *.maybank2u.com.my *.useinsider.com https://unity.cadreon.com *.doubleclick.net *.youtube.com *.google.com; img-src 'self' data: blob: *.maybank2u.com.my https://emerchant.maybank2u.com.my:8443 *.google-analytics.com *.googlesyndication.com *.doubleclick.net https://www.google.com https://www.google.com.my https://www.google.com.sg https://www.google.co.in https://www.google.co.id https://www.facebook.com/tr/ *.useinsider.com www.maybank.com *.gstatic.com *.googleapis.com http://dbv47yu57n5vf.cloudfront.net https://perfectsencollector.com *.amazonaws.com *.oto.my *.googletagmanager.com *.youtube.com
strict-transport-security: max-age=31536000 ; includeSubDomains
accept-ranges: bytes
content-length: 261
x-xss-protection: 1; MODE=BLOCK

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Maybank2u (Banking)

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mexicohealthtravel.com
www.maybank2u.com.my
184.86.251.20
207.180.254.86
04842881b771adc7f609547c97a8198a82820618d4ed7c5cc22c49c32971db42
05c47a87dbd45bc2213220b2caf968ef51b8c6f22c8299d8f65b8b203732fc63
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
1b9be274b3b347afd5bcabd8fbd682917d85f60f3df049ef1d2394922474fe4c
3a918557b6d0350f6e16cc0ecc1466debc76eaa4ba8778eeb908f97b8c5143ea
40b470833a89aee964f94d2c3373a58821d23ec1475024b3edaffd467efc6af1
49d7b734beb5b97e02a0d135fe17196a738cf6370e9ca01e75fe2d0574f69e52
50b7ec80afd3ae69594805baba1872d337bdf84cf435f9c3d2fa6199aadad838
61b2b80fada5f2058e1486b6eae2640477cd3af3976eabefe7e4d9c278e48999
7085d7957d7a30c48f09b2bc381bfc509f929e7efa9fa49d2be94d5ac9acf84d
7e01ad8f2cbd21589b9acc40a94e1b4dcc9d614bfd4c71eeae20e1e46811530c
8e761aa75728a1a397d34bd5527c4f2cbffb0fcc358e2c4dd84bc0e4628ec7aa
946f140038a3cf0593f81190b2c43ace270f851858f6519af3f54c536d751437
98cd187ff6835d2ef5772757fcab2d9db7f92e570aa103609d1f1aa78808fc94
a566826c585cf026621630099be51c79a993271c848f722c295ae988602f59e8
aed483fcedb8c3fa65a1a06c40b47ddaf659478b1daf4ffd75f3ebfacbccad4f
ba426ff590960d0fd5952d41c8418eb209e727f847e7455593ea9da223285bf1
c29b839fae1156fd5604905452cc56100fcace335d6fc44427ba0bbd412e208a
c4956f83cf6f45546946bce1a72f295bc1e1ffca831d625e0394044181638a88
ddd17e9a51855dbcb75d1cedd680de0ba842c449dc869c19318697e42803d2f9
ecc416a479d908d29c18774125cd7f73dbe8259e19baf7b231e950dfb9dd7547
fc9d7106f922e72e7f85517b56f1ee39bd1726e786f44f26bba67bfef2526586
fdabe206408ecac5c338cb571d7dbfa7dc27e702904fad4e4b6a499a9649b4b2

mexicohealthtravel.com Open in urlscan Pro 207.180.254.86 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

23 Requests

96 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

82 kBTransfer

94 kBSize

0 Cookies

8 Outgoing links

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mexicohealthtravel.com Open in urlscan Pro
207.180.254.86 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

96 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

82 kB
Transfer

94 kB
Size

0
Cookies

23 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!