urlscan.io logo urlscan.io
SecurityTrails logo

officess.ipq.co Open in urlscan Pro
159.89.158.246  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://upvel.ru/promo/freeinet/kiso.htm
Effective URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Submission: On February 06 via api from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 5 countries across 5 domains to perform 24 HTTP transactions. The main IP is 159.89.158.246, located in Vancouver, Canada and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is officess.ipq.co.
This is the only time officess.ipq.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Maybank2u (Banking)

Domain & IP information

IP Address AS Autonomous System
1 212.158.164.174 197695 (AS-REG)
1 159.89.158.246 14061 (DIGITALOC...)
19 37 23.38.48.235 20940 (AKAMAI-ASN1)
4 4 148.173.91.85 6307 (AMERICAN-...)
4 2.19.35.198 20940 (AKAMAI-ASN1)
24 4
1    212.158.164.174 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: upvel.ru
upvel.ru
1    159.89.158.246 (Vancouver, Canada)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
officess.ipq.co
37    23.38.48.235 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-48-235.deploy.static.akamaitechnologies.com
www.maybank2u.com.my
4    148.173.91.85 (Phoenix, United States)

ASN6307 (AMERICAN-EXPRESS - American Express Company, US)
PTR: unknown.americanexpress.com
www.americanexpress.com.my
4    2.19.35.198 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-35-198.deploy.static.akamaitechnologies.com
www.americanexpress.com
Domain Requested by
37 www.maybank2u.com.my 19 redirects officess.ipq.co
4 www.americanexpress.com officess.ipq.co
4 www.americanexpress.com.my 4 redirects
1 officess.ipq.co upvel.ru
1 upvel.ru
24 5

This site contains links to these domains. Also see Links.

Domain
www.maybank2u.com.my
ost.maybank2u.com.my
cert.webtrust.org
Subject Issuer Validity Valid
www.maybank.com
DigiCert SHA2 Extended Validation Server CA		 2018-08-02 -
2020-08-01		 2 years crt.sh
www.americanexpress.com
DigiCert SHA2 Extended Validation Server CA		 2018-02-28 -
2020-03-04		 2 years crt.sh

This page contains 1 frames:

Primary Page: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Frame ID: 75E6451F102C99274FCF94E222532549
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://upvel.ru/promo/freeinet/kiso.htm Page URL
  2. http://officess.ipq.co/rekintanta/2601/M2ULogin.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

24
Requests

92 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

5
Countries

98 kB
Transfer

82 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://upvel.ru/promo/freeinet/kiso.htm Page URL
  2. http://officess.ipq.co/rekintanta/2601/M2ULogin.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://www.maybank2u.com.my/maybank_css/screen.css HTTP 302
  • https://www.maybank2u.com.my/maybank_css/screen.css
Request Chain 2
  • http://www.maybank2u.com.my/js/scripts.js HTTP 302
  • https://www.maybank2u.com.my/js/scripts.js
Request Chain 3
  • http://www.maybank2u.com.my/js/popup.js HTTP 302
  • https://www.maybank2u.com.my/js/popup.js
Request Chain 4
  • http://www.maybank2u.com.my/js/common.js HTTP 302
  • https://www.maybank2u.com.my/js/common.js
Request Chain 5
  • http://www.maybank2u.com.my/js/ajax.js HTTP 302
  • https://www.maybank2u.com.my/js/ajax.js
Request Chain 6
  • http://www.maybank2u.com.my/maybank_gif/m2u_logo.gif HTTP 302
  • https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif
Request Chain 7
  • http://www.maybank2u.com.my/maybank_gif/loading.gif HTTP 302
  • https://www.maybank2u.com.my/maybank_gif/loading.gif
Request Chain 8
  • http://www.maybank2u.com.my/maybank_css/print.css HTTP 302
  • https://www.maybank2u.com.my/maybank_css/print.css
Request Chain 9
  • http://www.maybank2u.com.my/maybank_css/handheld.css HTTP 302
  • https://www.maybank2u.com.my/maybank_css/handheld.css
Request Chain 10
  • http://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg HTTP 302
  • https://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg HTTP 302
  • http://www.americanexpress.com.my/amex_images/imstealingimage.gif HTTP 301
  • https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Request Chain 11
  • http://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg HTTP 302
  • https://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg HTTP 302
  • http://www.americanexpress.com.my/amex_images/imstealingimage.gif HTTP 301
  • https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Request Chain 12
  • http://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg HTTP 302
  • https://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg HTTP 302
  • http://www.americanexpress.com.my/amex_images/imstealingimage.gif HTTP 301
  • https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Request Chain 13
  • http://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg HTTP 302
  • https://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg HTTP 302
  • http://www.americanexpress.com.my/amex_images/imstealingimage.gif HTTP 301
  • https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Request Chain 14
  • http://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif HTTP 302
  • https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif
Request Chain 15
  • http://www.maybank2u.com.my/maybank_gif/image/seal2.gif HTTP 302
  • https://www.maybank2u.com.my/maybank_gif/image/seal2.gif

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
kiso.htm
upvel.ru/promo/freeinet/ 		107 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
http://upvel.ru/promo/freeinet/kiso.htm
Protocol
HTTP/1.1
Server
212.158.164.174 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
upvel.ru
Software
Apache /
Resource Hash
4ebbcd5327c36147df9354d5dd2d2a7ad608e5b21079ad31506b9b687c4ef324

Request headers

Host
upvel.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:10:51 GMT
Server
Apache
Last-Modified
Wed, 06 Feb 2019 06:53:38 GMT
ETag
"720001-6b-581342f748080"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
114
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
Primary Request M2ULogin.html
officess.ipq.co/rekintanta/2601/ 		17 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Requested by
Host: upvel.ru
URL: http://upvel.ru/promo/freeinet/kiso.htm
Protocol
HTTP/1.1
Server
159.89.158.246 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
05c47a87dbd45bc2213220b2caf968ef51b8c6f22c8299d8f65b8b203732fc63

Request headers

Host
officess.ipq.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://upvel.ru/promo/freeinet/kiso.htm
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://upvel.ru/promo/freeinet/kiso.htm

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
Server
Apache
Last-Modified
Sat, 15 Jan 2011 03:18:58 GMT
Accept-Ranges
bytes
Content-Length
17371
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
screen.css
www.maybank2u.com.my/maybank_css/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_css/screen.css
  • https://www.maybank2u.com.my/maybank_css/screen.css
35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.maybank2u.com.my/maybank_css/screen.css
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
ecc416a479d908d29c18774125cd7f73dbe8259e19baf7b231e950dfb9dd7547
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
Content-Encoding
gzip
X-content-type-options
NOSNIFF
Last-Modified
Tue, 23 Jan 2018 05:09:28 GMT
Server
none
ETag
"8c14-5a66c388"
X-frame-options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
6756
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/maybank_css/screen.css
Date
Wed, 06 Feb 2019 14:24:41 GMT
Connection
keep-alive
Content-Length
0
scripts.js
www.maybank2u.com.my/js/
Redirect Chain
  • http://www.maybank2u.com.my/js/scripts.js
  • https://www.maybank2u.com.my/js/scripts.js
595 B
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.maybank2u.com.my/js/scripts.js
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
3a918557b6d0350f6e16cc0ecc1466debc76eaa4ba8778eeb908f97b8c5143ea
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
Content-Encoding
gzip
X-content-type-options
NOSNIFF
Last-Modified
Sat, 09 Aug 2008 16:38:54 GMT
Server
none
ETag
"253-489dc81e"
X-frame-options
SAMEORIGIN
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
282
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/js/scripts.js
Date
Wed, 06 Feb 2019 14:24:41 GMT
Connection
keep-alive
Content-Length
0
popup.js
www.maybank2u.com.my/js/
Redirect Chain
  • http://www.maybank2u.com.my/js/popup.js
  • https://www.maybank2u.com.my/js/popup.js
1 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.maybank2u.com.my/js/popup.js
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
04842881b771adc7f609547c97a8198a82820618d4ed7c5cc22c49c32971db42
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
Content-Encoding
gzip
X-content-type-options
NOSNIFF
Last-Modified
Sat, 09 Aug 2008 16:38:54 GMT
Server
none
ETag
"438-489dc81e"
X-frame-options
SAMEORIGIN
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
513
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/js/popup.js
Date
Wed, 06 Feb 2019 14:24:41 GMT
Connection
keep-alive
Content-Length
0
common.js
www.maybank2u.com.my/js/
Redirect Chain
  • http://www.maybank2u.com.my/js/common.js
  • https://www.maybank2u.com.my/js/common.js
12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.maybank2u.com.my/js/common.js
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
7f494a4e54a72fb7b99bc034e71727f0d1953f9fbcc00a7b71716ab80de54446
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
Content-Encoding
gzip
X-content-type-options
NOSNIFF
Last-Modified
Tue, 17 Nov 2015 14:11:18 GMT
Server
none
ETag
"2e0c-564b3586"
X-frame-options
SAMEORIGIN
Content-Type
application/x-javascript
X-Cnection
close
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
2941
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/js/common.js
Date
Wed, 06 Feb 2019 14:24:41 GMT
Connection
keep-alive
Content-Length
0
ajax.js
www.maybank2u.com.my/js/
Redirect Chain
  • http://www.maybank2u.com.my/js/ajax.js
  • https://www.maybank2u.com.my/js/ajax.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.maybank2u.com.my/js/ajax.js
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
fdabe206408ecac5c338cb571d7dbfa7dc27e702904fad4e4b6a499a9649b4b2
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
Content-Encoding
gzip
X-content-type-options
NOSNIFF
Last-Modified
Wed, 27 Apr 2011 11:56:30 GMT
Server
none
ETag
"8ce-4db8046e"
X-frame-options
SAMEORIGIN
Content-Type
application/x-javascript
X-Cnection
close
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Length
940
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/js/ajax.js
Date
Wed, 06 Feb 2019 14:24:41 GMT
Connection
keep-alive
Content-Length
0
m2u_logo.gif
www.maybank2u.com.my/maybank_gif/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_gif/m2u_logo.gif
  • https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
c4956f83cf6f45546946bce1a72f295bc1e1ffca831d625e0394044181638a88
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
X-content-type-options
NOSNIFF
Last-Modified
Sat, 09 Aug 2008 16:38:54 GMT
Server
none
ETag
"4f0-489dc81e"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1264
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/maybank_gif/m2u_logo.gif
Date
Wed, 06 Feb 2019 14:24:41 GMT
Connection
keep-alive
Content-Length
0
loading.gif
www.maybank2u.com.my/maybank_gif/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_gif/loading.gif
  • https://www.maybank2u.com.my/maybank_gif/loading.gif
3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/loading.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
1b9be274b3b347afd5bcabd8fbd682917d85f60f3df049ef1d2394922474fe4c
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Sat, 11 Oct 2008 23:48:57 GMT
Server
none
ETag
"b76-48f13b69"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
X-Cnection
close
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2934
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/maybank_gif/loading.gif
Date
Wed, 06 Feb 2019 14:24:41 GMT
Connection
keep-alive
Content-Length
0
print.css
www.maybank2u.com.my/maybank_css/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_css/print.css
  • https://www.maybank2u.com.my/maybank_css/print.css
257 B
581 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.maybank2u.com.my/maybank_css/print.css
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
7085d7957d7a30c48f09b2bc381bfc509f929e7efa9fa49d2be94d5ac9acf84d
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Sat, 09 Aug 2008 16:38:54 GMT
Server
none
ETag
"101-489dc81e"
X-frame-options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
257
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/maybank_css/print.css
Date
Wed, 06 Feb 2019 14:24:42 GMT
Connection
keep-alive
Content-Length
0
handheld.css
www.maybank2u.com.my/maybank_css/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_css/handheld.css
  • https://www.maybank2u.com.my/maybank_css/handheld.css
25 B
347 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.maybank2u.com.my/maybank_css/handheld.css
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
a566826c585cf026621630099be51c79a993271c848f722c295ae988602f59e8
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Sat, 09 Aug 2008 16:38:54 GMT
Server
none
ETag
"19-489dc81e"
X-frame-options
SAMEORIGIN
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/maybank_css/handheld.css
Date
Wed, 06 Feb 2019 14:24:42 GMT
Connection
keep-alive
Content-Length
0
/
www.americanexpress.com/my/network/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg
  • https://www.maybank2u.com.my/maybank_gif/login/forgotpw_btn.jpg
  • http://www.americanexpress.com.my/amex_images/imstealingimage.gif
  • https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
0
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.35.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Location
https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Server
BigIP
Connection
close
Content-Length
0
/
www.americanexpress.com/my/network/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg
  • https://www.maybank2u.com.my/maybank_gif/login/firstlog_btn.jpg
  • http://www.americanexpress.com.my/amex_images/imstealingimage.gif
  • https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
0
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.35.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Location
https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Server
BigIP
Connection
close
Content-Length
0
/
www.americanexpress.com/my/network/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg
  • https://www.maybank2u.com.my/maybank_gif/login/onstock_icn.jpg
  • http://www.americanexpress.com.my/amex_images/imstealingimage.gif
  • https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.35.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Location
https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Server
BigIP
Connection
close
Content-Length
0
/
www.americanexpress.com/my/network/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg
  • https://www.maybank2u.com.my/maybank_gif/login/ssafe_icn.jpg
  • http://www.americanexpress.com.my/amex_images/imstealingimage.gif
  • https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
0
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.35.198 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-35-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Redirect headers

Location
https://www.americanexpress.com/my/network/?cid=my-homepage-country?cid=my-homepage-countryamex_images/imstealingimage.gif
Server
BigIP
Connection
close
Content-Length
0
spacer.gif
www.maybank2u.com.my/maybank_gif/s_images/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif
  • https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif
67 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Thu, 05 Jul 2001 16:13:20 GMT
Server
none
ETag
"43-3b449220"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
67
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/maybank_gif/s_images/spacer.gif
Date
Wed, 06 Feb 2019 14:24:42 GMT
Connection
keep-alive
Content-Length
0
seal2.gif
www.maybank2u.com.my/maybank_gif/image/
Redirect Chain
  • http://www.maybank2u.com.my/maybank_gif/image/seal2.gif
  • https://www.maybank2u.com.my/maybank_gif/image/seal2.gif
5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/image/seal2.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
fc9d7106f922e72e7f85517b56f1ee39bd1726e786f44f26bba67bfef2526586
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
http://officess.ipq.co/rekintanta/2601/M2ULogin.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Wed, 27 Feb 2013 10:01:49 GMT
Server
none
ETag
"143c-512dd98d"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
X-Cnection
close
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5180
X-xss-protection
1; MODE=BLOCK

Redirect headers

Location
https://www.maybank2u.com.my/maybank_gif/image/seal2.gif
Date
Wed, 06 Feb 2019 14:24:42 GMT
X-N
S
Connection
keep-alive
Content-Length
0
body.gif
www.maybank2u.com.my/maybank_gif/ 		115 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/body.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
bc167f1ac73358896d3c82bdd6465d5a40d051ce023a0c9bdfe288c5632174ee
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
X-content-type-options
NOSNIFF
Last-Modified
Mon, 03 Aug 2015 09:47:55 GMT
Server
none
ETag
"73-55bf38cb"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
115
X-xss-protection
1; MODE=BLOCK
wrap.gif
www.maybank2u.com.my/maybank_gif/ 		117 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/wrap.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
946f140038a3cf0593f81190b2c43ace270f851858f6519af3f54c536d751437
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Mon, 03 Aug 2015 09:47:54 GMT
Server
none
ETag
"75-55bf38ca"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
117
X-xss-protection
1; MODE=BLOCK
content.gif
www.maybank2u.com.my/maybank_gif/ 		854 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/content.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
ba426ff590960d0fd5952d41c8418eb209e727f847e7455593ea9da223285bf1
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Mon, 03 Aug 2015 09:47:55 GMT
Server
none
ETag
"356-55bf38cb"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
854
X-xss-protection
1; MODE=BLOCK
bg.gif
www.maybank2u.com.my/maybank_gif/login/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/login/bg.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
98cd187ff6835d2ef5772757fcab2d9db7f92e570aa103609d1f1aa78808fc94
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Thu, 13 Jan 2011 12:19:35 GMT
Server
none
ETag
"622-4d2eedd7"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
X-Cnection
close
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1570
X-xss-protection
1; MODE=BLOCK
unamepw_btn.gif
www.maybank2u.com.my/maybank_gif/login/ 		451 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/login/unamepw_btn.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
c29b839fae1156fd5604905452cc56100fcace335d6fc44427ba0bbd412e208a
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
X-content-type-options
NOSNIFF
Last-Modified
Thu, 13 Jan 2011 12:19:35 GMT
Server
none
ETag
"1c3-4d2eedd7"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
451
X-xss-protection
1; MODE=BLOCK
login_btn.jpg
www.maybank2u.com.my/maybank_gif/login/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/login/login_btn.jpg
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
aed483fcedb8c3fa65a1a06c40b47ddaf659478b1daf4ffd75f3ebfacbccad4f
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:41 GMT
X-content-type-options
NOSNIFF
Last-Modified
Thu, 13 Jan 2011 12:19:35 GMT
Server
none
ETag
"56b-4d2eedd7"
X-frame-options
SAMEORIGIN
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1387
X-xss-protection
1; MODE=BLOCK
footer.gif
www.maybank2u.com.my/maybank_gif/ 		261 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.maybank2u.com.my/maybank_gif/footer.gif
Requested by
Host: officess.ipq.co
URL: http://officess.ipq.co/rekintanta/2601/M2ULogin.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.38.48.235 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-38-48-235.deploy.static.akamaitechnologies.com
Software
none /
Resource Hash
ddd17e9a51855dbcb75d1cedd680de0ba842c449dc869c19318697e42803d2f9
Security Headers
Name Value
X-Content-Type-Options NOSNIFF
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; MODE=BLOCK

Request headers

Referer
https://www.maybank2u.com.my/maybank_css/screen.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 06 Feb 2019 14:24:42 GMT
X-content-type-options
NOSNIFF
Last-Modified
Sat, 09 Aug 2008 16:38:54 GMT
Server
none
ETag
"105-489dc81e"
X-frame-options
SAMEORIGIN
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
261
X-xss-protection
1; MODE=BLOCK

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Maybank2u (Banking)

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| toggleLayer function| addLoadEvent function| externalLinks function| popUp function| validateConditionalRequired function| trim function| errorMessageHandler function| clearErrorMessage function| clearAll function| visitReceiptPage function| printPage function| visitBillPaymentPopUp function| getPageSize function| overlay function| getPagePosition function| promptMessage function| promptMessagePopUp function| overlayCancel function| overlayPopUp function| overlayPopUpCancel function| hideOverlay function| clearInputDate function| validateInputDate function| reset_session_timer function| isNumberwithdecimal function| isNumber number| bustcachevar string| loadedobjects string| rootdomain string| bustcacheparameter function| ajaxpage function| loadpage function| loadobjs boolean| bCancel function| validateLoginForm function| alphaNumeric function| required function| minlength function| password function| validateAlphaNumeric function| validateRequired function| validateMinLength function| validatePassword boolean| NN4 boolean| IE4 number| timeoutLimit number| lastEvent function| check_for_timeout function| updateLastEvent function| go_to_logout object| divElement2 object| divElement

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

officess.ipq.co
upvel.ru
www.americanexpress.com
www.americanexpress.com.my
www.maybank2u.com.my
148.173.91.85
159.89.158.246
2.19.35.198
212.158.164.174
23.38.48.235
04842881b771adc7f609547c97a8198a82820618d4ed7c5cc22c49c32971db42
05c47a87dbd45bc2213220b2caf968ef51b8c6f22c8299d8f65b8b203732fc63
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
1b9be274b3b347afd5bcabd8fbd682917d85f60f3df049ef1d2394922474fe4c
3a918557b6d0350f6e16cc0ecc1466debc76eaa4ba8778eeb908f97b8c5143ea
4ebbcd5327c36147df9354d5dd2d2a7ad608e5b21079ad31506b9b687c4ef324
7085d7957d7a30c48f09b2bc381bfc509f929e7efa9fa49d2be94d5ac9acf84d
7f494a4e54a72fb7b99bc034e71727f0d1953f9fbcc00a7b71716ab80de54446
946f140038a3cf0593f81190b2c43ace270f851858f6519af3f54c536d751437
98cd187ff6835d2ef5772757fcab2d9db7f92e570aa103609d1f1aa78808fc94
a566826c585cf026621630099be51c79a993271c848f722c295ae988602f59e8
aed483fcedb8c3fa65a1a06c40b47ddaf659478b1daf4ffd75f3ebfacbccad4f
ba426ff590960d0fd5952d41c8418eb209e727f847e7455593ea9da223285bf1
bc167f1ac73358896d3c82bdd6465d5a40d051ce023a0c9bdfe288c5632174ee
c29b839fae1156fd5604905452cc56100fcace335d6fc44427ba0bbd412e208a
c4956f83cf6f45546946bce1a72f295bc1e1ffca831d625e0394044181638a88
ddd17e9a51855dbcb75d1cedd680de0ba842c449dc869c19318697e42803d2f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc416a479d908d29c18774125cd7f73dbe8259e19baf7b231e950dfb9dd7547
fc9d7106f922e72e7f85517b56f1ee39bd1726e786f44f26bba67bfef2526586
fdabe206408ecac5c338cb571d7dbfa7dc27e702904fad4e4b6a499a9649b4b2