Report - statled.hk/

Report Overview

Submitted URL
statled.hk/
IP
137.74.37.16
ASN
#16276 OVH SAS
Submitted
2023-01-06 19:00:26
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
statled.hk	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	6.8 MB	137.74.37.16
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	1.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	467 B	21 kB	142.250.74.35
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	49 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	216.58.211.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.213.121.129
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	1.7 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-06	medium	statled.hk/	Phishing
2023-01-06	medium	statled.hk/js/jquery.mousewheel-min.js	Phishing
2023-01-06	medium	statled.hk/js/jquery-1.7.2.min.js	Phishing
2023-01-06	medium	statled.hk/	Phishing
2023-01-06	medium	statled.hk/js/jquery.cycle2.min.js	Phishing
2023-01-06	medium	statled.hk/js/jquery.js	Phishing
2023-01-06	medium	statled.hk/js/init-min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	statled.hk/js/init-min.js	5.3 kB	2023-03-07	2023-03-12
Pretty URL statled.hk/js/init-min.js IP 137.74.37.16 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:34 Last Seen2023-03-12 16:16:17 Times Seen1 Hash 94e261f24b9ffc154387ea1a7f971e9b 230f7687f99bcdbcaaffd6a3f2e7cdff9214622d 06f6288220fe0df7c767c38665309126db72f416442b51218636f952c4ec0e79 Loading...

	statled.hk/js/jquery.cycle2.min.js	22 kB	2023-03-07	2023-12-01
Pretty URL statled.hk/js/jquery.cycle2.min.js IP 137.74.37.16 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:34 Last Seen2023-12-01 15:14:41 Times Seen3 Hash d2abf3efc91f6b6d75e0389a53da6d27 c797875c33cbf8a5f1635a4fac8d1d5eeb3e8a42 2e8659caa5e74b467ccf225762df61cfcc41daf4c8d8e00e0998fe5d770de3f9 Loading...

	statled.hk/js/jquery.mousewheel-min.js	1.8 kB	2023-03-07	2023-03-12
Pretty URL statled.hk/js/jquery.mousewheel-min.js IP 137.74.37.16 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:34 Last Seen2023-03-12 16:16:17 Times Seen1 Hash 6068ea29c9f6cc390616e0d697e972ed e6c76a6f29ae2f2199cc0539ff73f271b3ceb68a 8483e174f73f92018483a42eaa1697fe79ca3ef592911a256ce707ddd280cfa7 Loading...

	statled.hk/js/jquery-1.7.2.min.js	95 kB	2023-03-07	2024-04-19
Pretty URL statled.hk/js/jquery-1.7.2.min.js IP 137.74.37.16 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-04-19 17:28:11 Times Seen13706 Hash b8d64d0bc142b3f670cc0611b0aebcae abcd2ba13348f178b17141b445bc99f1917d47af 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Loading...

	statled.hk/js/jquery.easing.1.3.js	8.1 kB	2023-03-07	2024-04-19
Pretty URL statled.hk/js/jquery.easing.1.3.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-19 17:50:59 Times Seen7058 Hash 6516449ed5089677ed3d7e2f11fc8942 82e40d060bc269a6dde20c3990ca5a4fea6ca754 0757f7ff6e5f6a581922a5e2d42c5e0cf7475d880885a9802e8bdd5e4188dd34 Loading...

	statled.hk/js/jquery.js	93 kB	2023-03-07	2024-04-19
Pretty URL statled.hk/js/jquery.js IP 137.74.37.16 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 15:06:18 Times Seen23218 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

HTTP Transactions (52)

URL IP Response Size

statled.hk/

137.74.37.16

301 Moved Permanently

227 B

URL HTTP/1.1
statled.hk/
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
227 B (227 bytes)
Hash
13db22bc1b52d6a6f15d7e7d781e166a
3b02607df5d72f45ccc269dae0ecf00957f5e6e4
8f38fde2badc29b9cfbd20c62879272225507239b3b859ee5a18b5a8855690c8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 06 Jan 2023 19:00:13 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 227
Connection: keep-alive
Location: https://statled.hk/
X-Powered-By: PleskLin

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5080
Expires: Fri, 06 Jan 2023 20:24:54 GMT
Date: Fri, 06 Jan 2023 19:00:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4027
Expires: Fri, 06 Jan 2023 20:07:21 GMT
Date: Fri, 06 Jan 2023 19:00:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5782
Expires: Fri, 06 Jan 2023 20:36:36 GMT
Date: Fri, 06 Jan 2023 19:00:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 18:41:22 GMT
content-type: application/json
age: 1132
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: i3bO0zWCsBQRwo0QwvGf3ak4ATPnC7k2y+QDjxF5Dt8F0oWIPgN34+AE2kcF71Ug/7JWoUyOKck=
x-amz-request-id: VQ9PPZ8PEMRWZJ73
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 19:00:06 GMT
age: 8
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0e92b4dcfdd5a4af5995f9032b5f886
2505a4124d15dec908c3ea859491ba38502bf4a8
37ae8c40ee3ae936b2bb96b1ede5374122669af7bea126c8f5c0b2d33a303bff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37AE8C40EE3AE936B2BB96B1EDE5374122669AF7BEA126C8F5C0B2D33A303BFF"
Last-Modified: Thu, 05 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 07 Jan 2023 01:00:14 GMT
Date: Fri, 06 Jan 2023 19:00:14 GMT
Connection: keep-alive

statled.hk/images/logo.png

137.74.37.16

200 OK

7.4 kB

URL HTTP/2
statled.hk/images/logo.png
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
PNG image data, 318 x 96, 8-bit/color RGBA, non-interlaced\012- data
Size
7.4 kB (7430 bytes)
Hash
28d6fd69042c6111507ebb426c7de2fc
7c38f9278770dbde437253d45cc2da1f556ee3dd
e71f3eb58248bee5c0d478fdfb1b0a57c5d095112f32f2c9e4c4bdd292effbc2

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/png
content-length: 7430
last-modified: Tue, 13 Jul 2021 03:53:22 GMT
etag: "60ed0e32-1d06"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/br.png

137.74.37.16

200 OK

3.5 kB

URL HTTP/2
statled.hk/images/br.png
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
PNG image data, 24 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3517 bytes)
Hash
f0e024b3376869b05889e50887d9cc04
4a3a41992d7d2665997bb2a5aebfc6a6cf4bf5a7
c284fe8a77665a32914d4c1d2e44d38679ce3516a788f66ffb355ca699cfd653

HTTP Headers

GET /images/br.png HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/png
content-length: 3517
last-modified: Tue, 13 Jul 2021 03:53:26 GMT
etag: "60ed0e36-dbd"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5782ef491c4bb5e1dc5245aed1640b7
2a34a0380e837befa2d6f2ba794c58fca083302a
88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 19:00:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

statled.hk/images/uk.png

137.74.37.16

200 OK

3.0 kB

URL HTTP/2
statled.hk/images/uk.png
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
PNG image data, 23 x 12, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3043 bytes)
Hash
ed721bc0d95a5009e8abddb881a2f0e2
ed4cdded4e0159839b77972106d762963bcc7c64
aecab8cbf674f624b689cd89e6dd086fc607428bda8e10f423a9d2990e57a844

HTTP Headers

GET /images/uk.png HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/png
content-length: 3043
last-modified: Tue, 13 Jul 2021 03:53:27 GMT
etag: "60ed0e37-be3"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5782ef491c4bb5e1dc5245aed1640b7
2a34a0380e837befa2d6f2ba794c58fca083302a
88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 19:00:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

statled.hk/images/emergencia.png

137.74.37.16

200 OK

17 kB

URL HTTP/2
statled.hk/images/emergencia.png
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
PNG image data, 976 x 86, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17284 bytes)
Hash
60d98646a29fe2432ef5414cd7612f37
ded3cf272ec642fa23494204efcdef9af2861027
7ca0f69ddfb4ba3a05c69d4a300b1d576f1b47634b1b9a5fb6e2e0a794235845

HTTP Headers

GET /images/emergencia.png HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/png
content-length: 17284
last-modified: Tue, 13 Jul 2021 03:53:24 GMT
etag: "60ed0e34-4384"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/cn.png

137.74.37.16

200 OK

1.6 kB

URL HTTP/2
statled.hk/images/cn.png
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
PNG image data, 275 x 183, 8-bit colormap, non-interlaced\012- data
Size
1.6 kB (1555 bytes)
Hash
b7805f909480b700fdf86099fe84d144
5742451e8753a08099eec0dfe418146cd18cce68
601389fb885613558ceef863967f9b025e5f8d989fb2f06ae16ef754e796982d

HTTP Headers

GET /images/cn.png HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/png
content-length: 1555
last-modified: Tue, 13 Jul 2021 04:07:07 GMT
etag: "60ed116b-613"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/grupo.gif

137.74.37.16

200 OK

47 kB

URL HTTP/2
statled.hk/images/grupo.gif
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 150 x 70\012- data
Size
47 kB (47137 bytes)
Hash
6aa0224f5fee4fe7f178ee16c5c8477b
8f070d134de7ee70f4518c07b13f9c01fe9bad16
c22f38b59e7189626800807e1bdfec136325eccb189b04e33edfc7d08b1a088e

HTTP Headers

GET /images/grupo.gif HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/gif
content-length: 47137
last-modified: Tue, 13 Jul 2021 03:53:25 GMT
etag: "60ed0e35-b821"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/endosso.gif

137.74.37.16

200 OK

35 kB

URL HTTP/2
statled.hk/images/endosso.gif
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
GIF image data, version 89a, 104 x 55\012- data
Size
35 kB (34791 bytes)
Hash
a9201b68fe20c8f2b3b612c3f2d2b022
d2a600a96e7f17b30cb3a1bd9d78499171b5f637
6692275324d899fa5ddc89543c94ae8cfd9f1d6b88e18da30857d903db0710bc

HTTP Headers

GET /images/endosso.gif HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/gif
content-length: 34791
last-modified: Tue, 13 Jul 2021 03:53:26 GMT
etag: "60ed0e36-87e7"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/chamada_home3.jpg

137.74.37.16

200 OK

102 kB

URL HTTP/2
statled.hk/images/chamada_home3.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=127, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=230], baseline, precision 8, 400x220, components 3\012- data
Size
102 kB (102462 bytes)
Hash
937d0c62062de98fae37fa9ebe4a3c6f
9e9cea84d42dff90bda163d5c257016cff513db0
7f486bd7529ed096fd515c744bae21013f323cdb81eebaf741ba13f03b1a565d

HTTP Headers

GET /images/chamada_home3.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 102462
last-modified: Tue, 13 Jul 2021 03:53:24 GMT
etag: "60ed0e34-1903e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/chamada_home4.jpg

137.74.37.16

200 OK

97 kB

URL HTTP/2
statled.hk/images/chamada_home4.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=127, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=230], baseline, precision 8, 400x220, components 3\012- data
Size
97 kB (97126 bytes)
Hash
de395e62a75be4363762bc7eef64ddda
fa973357e7211d83745b2e7acf75bcfd8a2cc62a
53334809c5e35fae4d2570f243a1cbcd2aa8dc4a551b8d78a4a19fa96a8a6d6f

HTTP Headers

GET /images/chamada_home4.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 97126
last-modified: Tue, 13 Jul 2021 03:53:24 GMT
etag: "60ed0e34-17b66"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/chamada_home1.jpg

137.74.37.16

200 OK

117 kB

URL HTTP/2
statled.hk/images/chamada_home1.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=127, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=230], baseline, precision 8, 400x220, components 3\012- data
Size
117 kB (117099 bytes)
Hash
59bff42bd4d7855f0b8d5f813cbd8bb5
cf5ccc49b1528b745cd3549d3a0ffdf00d9d7935
4aeaf92c8cb9c98baad3e2240d38fe0b0becfe32254385595390db056a1fc631

HTTP Headers

GET /images/chamada_home1.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 117099
last-modified: Tue, 13 Jul 2021 03:53:24 GMT
etag: "60ed0e34-1c96b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/chamada_home2.jpg

137.74.37.16

200 OK

109 kB

URL HTTP/2
statled.hk/images/chamada_home2.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=127, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=230], baseline, precision 8, 400x220, components 3\012- data
Size
109 kB (109322 bytes)
Hash
fe1c7d4b828b04ef83ceb3e78757e47c
5c61457901ed7b3af5444f520b1e1cc6ac27bfc3
f0642c091b95adda343bc886ca495ea83019796dd52a8fbd3e658442ac0de915

HTTP Headers

GET /images/chamada_home2.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 109322
last-modified: Tue, 13 Jul 2021 03:53:22 GMT
etag: "60ed0e32-1ab0a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/canais.jpg

137.74.37.16

200 OK

300 kB

URL HTTP/2
statled.hk/images/canais.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Macintosh, datetime=2020:12:30 15:02:55], baseline, precision 8, 539x629, components 3\012- data
Size
300 kB (300341 bytes)
Hash
1b34a15e057aed4942595d4ac950d82b
ba1eb56c77ac4fb77e644dfa63cfcbaf49edb83b
c7212534aecae31f26dd767a9e6b629900c449185229a6142785f7e08237305b

HTTP Headers

GET /images/canais.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 300341
last-modified: Tue, 13 Jul 2021 03:53:23 GMT
etag: "60ed0e33-49535"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/css/estilos.css

137.74.37.16

200 OK

3.9 kB

URL HTTP/2
statled.hk/css/estilos.css
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
ASCII text
Size
3.9 kB (3928 bytes)
Hash
766369f39482476f5270bcee2f799378
9097761485649cb0559cadc6f9f580d33c63688f
da5bac54d4b711e1183387ce96d88a4e56feee8e9ee009a1aa0ca55b881c1483

HTTP Headers

GET /css/estilos.css HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: text/css
last-modified: Tue, 13 Jul 2021 04:07:43 GMT
etag: W/"60ed118f-4cc2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

statled.hk/js/jquery.mousewheel-min.js

137.74.37.16

200 OK

1.3 kB

URL HTTP/2
statled.hk/js/jquery.mousewheel-min.js
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
ASCII text, with very long lines (1423)
Size
1.3 kB (1276 bytes)
Hash
396b4acf5d024a5d43400d40fd4f516d
9af4aa6fe83e585efb7a020e2b549aecbcebdd1e
5ba01099a9a0ff35c48494349e6f683e6b3d8eeee7daf7cff87e6f8213402120

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.mousewheel-min.js HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Jul 2021 03:53:29 GMT
etag: W/"60ed0e39-6fd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j.woff2

142.250.74.35

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20364, version 1.0\012- data
Size
20 kB (20364 bytes)
Hash
0de6b557071176e7a82239a7ee11306b
b85c796676d5d08baa1bcc0957a80b5e3a3ddf47
3e9d07ebb7ea3f8e5c5568fa3b4e81d5b93aacfd93cc05192a30c0438039d349

HTTP Headers

GET /s/exo/v20/4UaOrEtFpBISc36j.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://statled.hk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20364
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 01 Jan 2023 01:52:58 GMT
expires: Mon, 01 Jan 2024 01:52:58 GMT
cache-control: public, max-age=31536000
age: 493636
last-modified: Mon, 11 Jul 2022 19:24:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

statled.hk/js/jquery-1.7.2.min.js

137.74.37.16

200 OK

32 kB

URL HTTP/2
statled.hk/js/jquery-1.7.2.min.js
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Size
32 kB (32548 bytes)
Hash
037b0c446dba8b1d4aa61fec76688375
bd23ad957858f1a1f6dd733bc45e392b272bd6ba
50b6a4ece9ba708b44d31270746536131d4466929ea68e3c380f6c8107fc1d79

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.7.2.min.js HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Jul 2021 03:53:29 GMT
etag: W/"60ed0e39-17278"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

statled.hk/images/home3.jpg

137.74.37.16

200 OK

718 kB

URL HTTP/2
statled.hk/images/home3.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=2573, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=4924], baseline, precision 8, 1792x882, components 3\012- data
Size
718 kB (718417 bytes)
Hash
34405a65b31925ec9c2d38a148ff4d04
470e6897628bad3ab479029fc84fe06bac52bf58
d258529e72257d8882b7e89c490d7ac20910518c327271461eb5c4686beace26

HTTP Headers

GET /images/home3.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/css/estilos.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 718417
last-modified: Tue, 13 Jul 2021 04:04:20 GMT
etag: "60ed10c4-af651"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 19:00:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

statled.hk/images/home2.jpg

137.74.37.16

200 OK

1.3 MB

URL HTTP/2
statled.hk/images/home2.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=3648, bps=206, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, width=5472], baseline, precision 8, 1800x1000, components 3\012- data
Size
1.3 MB (1265297 bytes)
Hash
3c9638ac605d3683ba80cf7ac3430c5e
0ad73d3bfb40b498f3497660651b7fd23083bf23
75169406cb4f4b30c233ac69bc7a64299b8ebb538adcf10def5ae750c794f78d

HTTP Headers

GET /images/home2.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/css/estilos.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 1265297
last-modified: Tue, 13 Jul 2021 03:53:26 GMT
etag: "60ed0e36-134e91"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/home4.jpg

137.74.37.16

200 OK

624 kB

URL HTTP/2
statled.hk/images/home4.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 2000x1028, components 3\012- data
Size
624 kB (623883 bytes)
Hash
163f9fc0c4ca06e8956e8498bbd98706
e50d4d2279f2e972059f81050013539823d7589c
4a11c2159d44941ff83e8eb41adc945b82a5c6c0089cd7c9efbe1d0ea76f30f6

HTTP Headers

GET /images/home4.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/css/estilos.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 623883
last-modified: Tue, 13 Jul 2021 04:04:24 GMT
etag: "60ed10c8-9850b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2180
Cache-Control: max-age=139373
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 19:00:15 GMT
Etag: "63b7e4a8-1d7"
Expires: Sun, 08 Jan 2023 09:43:08 GMT
Last-Modified: Fri, 06 Jan 2023 09:06:48 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

statled.hk/images/home1.jpg

137.74.37.16

200 OK

1.6 MB

URL HTTP/2
statled.hk/images/home1.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=4016, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=6016], baseline, precision 8, 1800x1000, components 3\012- data
Size
1.6 MB (1610083 bytes)
Hash
d619ac824a0a4ccb585da4971f2efd18
49d505dbb8cc02e3a1022b97de8df47502db4351
a6a87af1d74ac81749273037902873c143bf37cec191b18aacbfe6519ad9d6bd

HTTP Headers

GET /images/home1.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/css/estilos.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 1610083
last-modified: Tue, 13 Jul 2021 03:53:26 GMT
etag: "60ed0e36-189163"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/home7.jpg

137.74.37.16

200 OK

896 kB

URL HTTP/2
statled.hk/images/home7.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 2000x1194, components 3\012- data
Size
896 kB (895817 bytes)
Hash
95999ad8f3669f700e614c6027bd8fc0
d0f8e553b230c7a05c84b9c391c26cd583127a0a
0d01cd187e65b93bf6c7f7c87c58345b3e6345fc04a3c206a27fa84cf2d29639

HTTP Headers

GET /images/home7.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/css/estilos.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 895817
last-modified: Tue, 13 Jul 2021 04:04:30 GMT
etag: "60ed10ce-dab49"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.213.121.129

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.121.129:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EzOJQErm5puZPrL/yP5nLQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tJ9xdwRfP6QraryLv3EYXYADtNM=

statled.hk/images/home6.jpg

137.74.37.16

200 OK

462 kB

URL HTTP/2
statled.hk/images/home6.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1980x916, components 3\012- data
Size
462 kB (462305 bytes)
Hash
e47e4c052406ff36b3ba941257f66089
f92592099fc30ce40c6cf25640b7b508be02a697
902d15abe40e109a0e91c83983dd7b77f252ace019de512346504759b225bf32

HTTP Headers

GET /images/home6.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/css/estilos.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 462305
last-modified: Tue, 13 Jul 2021 04:04:28 GMT
etag: "60ed10cc-70de1"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

statled.hk/images/home5.jpg

137.74.37.16

200 OK

352 kB

URL HTTP/2
statled.hk/images/home5.jpg
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 1976x1044, components 3\012- data
Size
352 kB (352121 bytes)
Hash
c6f5fa69512e9dc8498745d1f3f42e6d
89fa791f5cac47ece99bfa15e4cc84b9d8bd99c4
45da71638e87d78c311c845c7551165390afa4122e3483d2ca579a3dca872915

HTTP Headers

GET /images/home5.jpg HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/css/estilos.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: image/jpeg
content-length: 352121
last-modified: Tue, 13 Jul 2021 04:04:26 GMT
etag: "60ed10ca-55f79"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5353
Expires: Fri, 06 Jan 2023 20:29:29 GMT
Date: Fri, 06 Jan 2023 19:00:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5353
Expires: Fri, 06 Jan 2023 20:29:29 GMT
Date: Fri, 06 Jan 2023 19:00:16 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=Exo:400,600

142.250.74.74

200 OK

906 B

URL HTTP/2
fonts.googleapis.com/css?family=Exo:400,600
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
906 B (906 bytes)
Hash
93043f5fbee3c49bfad2258bf5c32dc3
e818dfea0c81a3f081434f3b9ffbf94b4c79e7ed
4b68f8cb9163f0bf4938e06019fae1d433768d7866462fca23c1f10d1cdedaf4

HTTP Headers

GET /css?family=Exo:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 06 Jan 2023 19:00:14 GMT
date: Fri, 06 Jan 2023 19:00:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5353
Expires: Fri, 06 Jan 2023 20:29:29 GMT
Date: Fri, 06 Jan 2023 19:00:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5353
Expires: Fri, 06 Jan 2023 20:29:29 GMT
Date: Fri, 06 Jan 2023 19:00:16 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5809 bytes)
Hash
d256d063b2698bb9d915589a2c79fbce
d7c083857e9512ad3ecb3bbaf285409926473ceb
d4e5f901f62fa98b525fc1ecbe187032fd2d0e112c6f1b9534b742b2d6c05b08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5809
x-amzn-requestid: 16b4843e-ac69-402f-87e7-66c24984cecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSeJoHgwIAMFhdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b743d7-507b52112e0f1176182e5d99;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:40:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGGMyfzW2uwEbY-V22ZCWjFegXRLY-wAlWxSjLCM6C1A5kjXa2DTGw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 76415
etag: "d7c083857e9512ad3ecb3bbaf285409926473ceb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6268 bytes)
Hash
884498828be14529bda4485a38b033c3
9443f22559b64c5861bbc50d0980dad8da158352
c48b1203e6b6e9468dc9a07934709f5ec2ba064fb2c9dd97f6cdc0e452a7dd77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6268
x-amzn-requestid: 3674eb24-1902-4722-8ea0-63b5fb36b41e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdsIEtbIAMFYsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7431a-1e840ef57d3fa7ab2362f37c;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jSI7UFknz6hbv5lG44ZUvaRg2ekHMRdi4NaLtpDGbpNrolofHvqbAQ==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 76415
etag: "9443f22559b64c5861bbc50d0980dad8da158352"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4473 bytes)
Hash
905c01ccaa57e0ea71e9a2f58bbb2ca4
6cf4b068623644dd0ca790dbc75e3533e7759f8b
4b579d86c6b957bf5c777b44b474c1c8fac699ffe695757d43f9752b079ef42a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4473
x-amzn-requestid: 4732a7f2-382c-41a0-a96a-dbd073af76dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScwQG6hoAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419b-4b3c3ebf3c06242b360e6421;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XRsEwpela3bYpgBLNQxwiFzDcHzfFiXWmAEAl1jvIb1ustFu2lJdaA==
via: 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:00:17 GMT
age: 75599
etag: "6cf4b068623644dd0ca790dbc75e3533e7759f8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5578 bytes)
Hash
e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skIlgzeKmjJ2Wsx2QeubgMvO7chgpPNZYqW4E_xhRgkCtDEhAfBp4w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:33:22 GMT
age: 41214
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11746 bytes)
Hash
7e96507584bce9f14a50123fb78a8102
c45249ddffb15b9e957af8f5203d7d06ddf32cf8
118f62631c92e42b135046647e828eb80a54405603f5b461320b483bce0c55ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11746
x-amzn-requestid: dfac0548-1ee6-4eb6-8fb6-4be00f9cf601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eRlO6Hc_IAMFT0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b6e8c5-4459ff7b3622ddff7dc3e3ff;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 15:12:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: P31AbiVmWqCAQfjCxt7iXE3RtDtZHNiXtBXcjBWKR_u-U_sHT1ZvTg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 15:17:05 GMT
age: 13391
etag: "c45249ddffb15b9e957af8f5203d7d06ddf32cf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8693 bytes)
Hash
49cab8228badce0317f63284420a2a06
94abc863dc8ac54c9ab9e57a791b404a8a09729e
399c22a3adea805a2fa373f6a85d842f47798088593803b6b38034f942e092af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: ae2b861d-87b8-4913-853a-64c76f410bf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNLADE-ZoAMFttw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b52533-6e5412c92f70fbd12a893047;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:05:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 78YflWiepSLgVw3s7rsefJd1FkwKcScpFt2tIHNaBjbpF3ZQmxT9Zw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:48:09 GMT
age: 40327
etag: "94abc863dc8ac54c9ab9e57a791b404a8a09729e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

statled.hk/

137.74.37.16

200 OK

0 B

URL HTTP/2
statled.hk/
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: text/html
last-modified: Tue, 13 Jul 2021 04:39:55 GMT
etag: W/"60ed191b-2631"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

statled.hk/js/jquery.cycle2.min.js

137.74.37.16

200 OK

0 B

URL HTTP/2
statled.hk/js/jquery.cycle2.min.js
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.cycle2.min.js HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Jul 2021 03:53:29 GMT
etag: W/"60ed0e39-5788"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

statled.hk/favicon.ico

137.74.37.16

404 Not Found

0 B

URL HTTP/2
statled.hk/favicon.ico
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 06 Jan 2023 19:00:15 GMT
content-type: text/html
last-modified: Wed, 12 Sep 2018 23:26:27 GMT
etag: W/"328-575b4eb69ec0f"
content-encoding: br
X-Firefox-Spdy: h2

statled.hk/js/jquery.js

137.74.37.16

200 OK

0 B

URL HTTP/2
statled.hk/js/jquery.js
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/jquery.js HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Jul 2021 03:53:29 GMT
etag: W/"60ed0e39-169d5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

statled.hk/js/init-min.js

137.74.37.16

200 OK

0 B

URL HTTP/2
statled.hk/js/init-min.js
IP
137.74.37.16:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/init-min.js HTTP/1.1
Host: statled.hk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://statled.hk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 19:00:14 GMT
content-type: application/javascript
last-modified: Tue, 13 Jul 2021 03:53:29 GMT
etag: W/"60ed0e39-1488"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (52)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type