mexicohealthtravel.com
207.180.254.86
Malicious Activity!
Public Scan
Submission: On December 21 via automatic, source phishtank
Summary
This is the only time mexicohealthtravel.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Maybank2u (Banking)
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 | 207.180.254.86 | 51167 (CONTABO) |
| 5 27 | 184.86.251.20 | 20940 (AKAMAI-ASN1) |
| 23 | 2 | |
ASN51167 (CONTABO, DE)
PTR: oro.zuperdns.net
mexicohealthtravel.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-20.deploy.static.akamaitechnologies.com
www.maybank2u.com.my |
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 27 | maybank2u.com.my (5 redirects): www.maybank2u.com.my | 73 KB |
| 1 | mexicohealthtravel.com: mexicohealthtravel.com | 17 KB |
| 23 | 2 | |
| | Domain | Requested by |
|---|---|---|
| 27 | www.maybank2u.com.my (5 redirects) | mexicohealthtravel.com, www.maybank2u.com.my |
| 1 | mexicohealthtravel.com | |
| 23 | 2 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.maybank2u.com.my |
ost.maybank2u.com.my |
cert.webtrust.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.maybank2u.com.my DigiCert ECC Extended Validation Server CA | 2020-07-28 - 2022-04-09 | 2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://mexicohealthtravel.com/wp-admin/user/11820/M2ULogin.html
Frame ID: 0E27AA9D1419419A0C94F68F4D643A0B
Requests: 23 HTTP requests in this frame
8 Outgoing links
These are links going to different origins than the main page.
Title: Click here to login
Title: Help
Title: Terms & Conditions
Title: Security, Privacy & Client Charter
Title: FAQ
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://www.maybank2u.com.my/maybank_css/screen.css HTTP 302
- https://www.maybank2u.com.my/maybank_css/screen.css
- http://www.maybank2u.com.my/js/scripts.js HTTP 302
- https://www.maybank2u.com.my/js/scripts.js
- http://www.maybank2u.com.my/js/popup.js HTTP 302
- https://www.maybank2u.com.my/js/popup.js
- http://www.maybank2u.com.my/js/common.js HTTP 302
- https://www.maybank2u.com.my/js/common.js
- http://www.maybank2u.com.my/js/ajax.js HTTP 302
- https://www.maybank2u.com.my/js/ajax.js
- http://www.maybank2u.com.my/maybank_gif/m2u_logo.gif HTTP 307
- https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif
- http://www.maybank2u.com.my/maybank_gif/loading.gif HTTP 307
- https://www.maybank2u.com.my/maybank_gif/loading.gif
- http://www.maybank2u.com.my/maybank_css/print.css HTTP 307
- https://www.maybank2u.com.my/maybank_css/print.css
- http://www.maybank2u.com.my/maybank_css/handheld.css HTTP 307
- https://www.maybank2u.com.my/maybank_css/handheld.css
- http://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg HTTP 307
- https://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg
- http://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg HTTP 307
- https://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg
- http://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg HTTP 307
- https://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg
- http://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg HTTP 307
- https://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg
- http://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif HTTP 307
- https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif
- http://www.maybank2u.com.my/maybank_gif/image/seal2.gif HTTP 307
- https://www.maybank2u.com.my/maybank_gif/image/seal2.gif
23 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | M2ULogin.html mexicohealthtravel.com/wp-admin/user/11820/ (Primary Request) | 17 KB 17 KB | Document text/html |
GET H2 | screen.css www.maybank2u.com.my/maybank_css/ (Redirect Chain) | 35 KB 8 KB | Stylesheet text/css |
GET H2 | scripts.js www.maybank2u.com.my/js/ (Redirect Chain) | 595 B 2 KB | Script application/x-javascript |
GET H2 | popup.js www.maybank2u.com.my/js/ (Redirect Chain) | 1 KB 2 KB | Script application/x-javascript |
GET H2 | common.js www.maybank2u.com.my/js/ (Redirect Chain) | 11 KB 4 KB | Script application/x-javascript |
GET H2 | ajax.js www.maybank2u.com.my/js/ (Redirect Chain) | 2 KB 2 KB | Script application/x-javascript |
GET H2 | m2u_logo.gif www.maybank2u.com.my/maybank_gif/ (Redirect Chain) | 1 KB 2 KB | Image image/gif |
GET H2 | loading.gif www.maybank2u.com.my/maybank_gif/ (Redirect Chain) | 3 KB 4 KB | Image image/gif |
GET H2 | print.css www.maybank2u.com.my/maybank_css/ (Redirect Chain) | 257 B 1 KB | Stylesheet text/css |
GET H2 | handheld.css www.maybank2u.com.my/maybank_css/ (Redirect Chain) | 25 B 1 KB | Stylesheet text/css |
GET H2 | forgotpw_btn.jpg www.maybank2u.com.my/maybank_gif/login/ (Redirect Chain) | 6 KB 7 KB | Image image/jpeg |
GET H2 | firstlog_btn.jpg www.maybank2u.com.my/maybank_gif/login/ (Redirect Chain) | 6 KB 7 KB | Image image/jpeg |
GET H2 | onstock_icn.jpg www.maybank2u.com.my/maybank_gif/login/ (Redirect Chain) | 611 B 2 KB | Image image/jpeg |
GET H2 | ssafe_icn.jpg www.maybank2u.com.my/maybank_gif/login/ (Redirect Chain) | 781 B 2 KB | Image image/jpeg |
GET H2 | spacer.gif www.maybank2u.com.my/maybank_gif/s_images/ (Redirect Chain) | 67 B 1 KB | Image image/gif |
GET H2 | seal2.gif www.maybank2u.com.my/maybank_gif/image/ (Redirect Chain) | 5 KB 6 KB | Image image/gif |
GET H2 | body.gif www.maybank2u.com.my/maybank_gif/ | 114 B 1 KB | Image image/gif |
GET H2 | wrap.gif www.maybank2u.com.my/maybank_gif/ | 117 B 1 KB | Image image/gif |
GET H2 | content.gif www.maybank2u.com.my/maybank_gif/ | 854 B 2 KB | Image image/gif |
GET H2 | bg.gif www.maybank2u.com.my/maybank_gif/login/ | 2 KB 3 KB | Image image/gif |
GET H2 | unamepw_btn.gif www.maybank2u.com.my/maybank_gif/login/ | 451 B 2 KB | Image image/gif |
GET H2 | login_btn.jpg www.maybank2u.com.my/maybank_gif/login/ | 1 KB 3 KB | Image image/jpeg |
GET H2 | footer.gif www.maybank2u.com.my/maybank_gif/ | 261 B 1 KB | Image image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Maybank2u (Banking)
57 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| toggleLayer function| addLoadEvent function| externalLinks function| popUp function| validateConditionalRequired function| trim function| errorMessageHandler function| clearErrorMessage function| clearAll function| visitReceiptPage function| printPage function| visitBillPaymentPopUp function| getPageSize function| overlay function| getPagePosition function| promptMessage function| promptMessagePopUp function| overlayCancel function| overlayPopUp function| overlayPopUpCancel function| hideOverlay function| clearInputDate function| validateInputDate function| reset_session_timer function| isNumberwithdecimal function| isNumber number| bustcachevar string| loadedobjects string| rootdomain string| bustcacheparameter function| ajaxpage function| loadpage function| loadobjs boolean| bCancel function| validateLoginForm function| alphaNumeric function| required function| minlength function| password function| validateAlphaNumeric function| validateRequired function| validateMinLength function| validatePassword boolean| NN4 boolean| IE4 number| timeoutLimit number| lastEvent function| check_for_timeout function| updateLastEvent function| go_to_logout object| divElement2 object| divElement0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.