Known malicious kithighphishing
mailNNN.com Credits Scam — pages-login-login.js
family: mail-credits-scam
Login page chunk for the mailNNN.com fake-credits Vue SPA. Renders the credential-harvesting form.
Fingerprint anchors
Provenance
Added by: analyst
Added: 2026-05-26 13:35
Anchor #2 of 3. Strongest behavioural signal — the login chunk itself, 2,217 nodes.
Sightings (5)
| Host | Scan | Script | Match | When |
|---|---|---|---|---|
| mail238.com | 269ee6c7… | https://mail238.com/static/js/pages-login-login.fffed63e.js | byte | 2026-05-23 23:34 |
| mail279.com | 4ae65998… | https://mail279.com/static/js/pages-login-login.fffed63e.js | byte | 2026-05-23 23:28 |
| mail799.com | 34f4e927… | https://mail799.com/static/js/pages-login-login.fffed63e.js | byte | 2026-05-23 23:22 |
| mail799.com | 99a68785… | https://mail799.com/static/js/pages-login-login.fffed63e.js | byte | 2026-05-23 21:54 |
| mail279.com | 36a59f71… | https://mail279.com/static/js/pages-login-login.fffed63e.js | byte | 2026-05-23 21:54 |