r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16366
Expires: Wed, 29 Mar 2023 08:22:17 GMT
Date: Wed, 29 Mar 2023 03:49:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4230
Expires: Wed, 29 Mar 2023 05:00:01 GMT
Date: Wed, 29 Mar 2023 03:49:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ed282214b024a7895d90e229e92bb1cc
1f447aa59287ce2b45860a1a909d005a41305f77
a35ae9f89cbc77ed5fe849acdc2701592799c335f2674776d69c25bca0a00c2e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 03:15:54 GMT
content-type: application/json
age: 2017
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3358
Expires: Wed, 29 Mar 2023 04:45:29 GMT
Date: Wed, 29 Mar 2023 03:49:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BnYzFLmjo6Ngp+ZxnFbh/T2MVoWzmxMcj094CeysXRT6TLOxzJZfVDjUhpnnuivFSV4PUI5Vtjg=
x-amz-request-id: 1Z1KA4GSY78TSZBR
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 03:02:18 GMT
age: 2833
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 03:49:31 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/login.php
20.6.106.2 200 OK 57 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/login.php
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6975), with CRLF line terminators
Hash 99817d5f791e2420afa7a13f839327e8
ff951209a3ed8c103075e1b3b7e994ac7d676656
558df123cd2b68b71f7deb7de27b3b39a6167047c298fe913d0457f39ccece67
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET PHISHING Possible Phish - Saved Website Comment Observed
GET /sc.hk_mobile_key/login.php HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:31 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 03:17:26 GMT
age: 1925
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/997.38abb4054922b21d2b51.css
20.6.106.2 200 OK 22 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/997.38abb4054922b21d2b51.css
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash ed40ec2bc5273616b8d23cefbc40e58e
1d0b21cb1ae4615c6d990bb78d9049897ae1ecc9
5eb051ecd1bd043258bf627269f5308500d2d3014e5c5fb258e8b8e0164bd252
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/997.38abb4054922b21d2b51.css HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:31 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:14:14 GMT
Accept-Ranges: bytes
Content-Length: 21716
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4595
Expires: Wed, 29 Mar 2023 05:06:07 GMT
Date: Wed, 29 Mar 2023 03:49:32 GMT
Connection: keep-alive
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/js
20.6.106.2 200 OK 227 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/js
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (22137)
Size 227 kB (226961 bytes)
Hash 40bd345a8351118bdee872f708ba2c68
e6243b82ff319cf2c96ac790773f32f06a5d2a0c
08ef18fb0a9bee5d132398f579e4dd0c1002e1cd6596da73170c82eb072b99e1
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/js HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:31 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:40 GMT
Accept-Ranges: bytes
Content-Length: 226961
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
push.services.mozilla.com/
54.184.253.181 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.184.253.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zHCPTJfl0FVhx0gP069WwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: snhTI7O7h13HUT6pfAGjdgyRRDY=
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/analytics.js.download
20.6.106.2 200 OK 50 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/analytics.js.download
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1490)
Hash 54e51056211dda674100cc5b323a58ad
26dc5034cb6c7f3bbe061edd37c7fc6006cb835b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/analytics.js.download HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:31 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:40 GMT
Accept-Ranges: bytes
Content-Length: 50234
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/runtime.8d78c7f686200df459e1.js.download
20.6.106.2 200 OK 10 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/runtime.8d78c7f686200df459e1.js.download
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (10424), with no line terminators
Hash c8f5f93756da3178571d3a9f1efb24b0
c977b3f0b4a993fe4c5b984cd27f78ecca849c6d
0dcbf1c1bc9aa0ef646827c32459dad509ed38e6bd5c8e31168205e7997d9a34
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/runtime.8d78c7f686200df459e1.js.download HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:32 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:40 GMT
Accept-Ranges: bytes
Content-Length: 10424
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/partials/js/jquery.js
20.6.106.2 200 OK 272 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/partials/js/jquery.js
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Size 272 kB (272155 bytes)
Hash 3f24e8505d471bd934a5a68b86971580
876bd436d3b3c1436a8ac17a654e38d062acf45e
4ef5f864f89db7feaaaa5332c0a99d76076af49fef488806541ca2561e4cb379
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/partials/js/jquery.js HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:31 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 11:11:28 GMT
Accept-Ranges: bytes
Content-Length: 272155
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/vendor.7ee2b706b66d0c60d6e7.js.download
20.6.106.2 200 OK 187 B URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/vendor.7ee2b706b66d0c60d6e7.js.download
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 9f08aa469ac9f554ae1ee2f205cc8c37
64f095f1d53a52d0648e6d0fd1b653b1691fd151
60863b14d5506ab862bcff39d7ea7cb5d722bc0de74e26e780c7649c2ef47f7e
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/vendor.7ee2b706b66d0c60d6e7.js.download HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:32 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:42 GMT
Accept-Ranges: bytes
Content-Length: 187
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/unifiedLogin.ce2c4f4869274bcaf506.js.download
20.6.106.2 200 OK 938 B URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/unifiedLogin.ce2c4f4869274bcaf506.js.download
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (938), with no line terminators
Hash 7f4d13ebb86b4311c40a3f032954d04f
aa489494c7bdfe5bf199c62d8cbf4559b30e26f9
10e9f88e7b5db30d2d7d9d98c8e2d635de14f14c1e24cd867fc8887883b34228
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/unifiedLogin.ce2c4f4869274bcaf506.js.download HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:32 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:44 GMT
Accept-Ranges: bytes
Content-Length: 938
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/jquery-3.5.1.min.js.download
20.6.106.2 200 OK 90 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/jquery-3.5.1.min.js.download
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/jquery-3.5.1.min.js.download HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:32 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:44 GMT
Accept-Ranges: bytes
Content-Length: 89476
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/gtm.js(1).download
20.6.106.2 200 OK 405 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/gtm.js(1).download
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65324)
Size 405 kB (405077 bytes)
Hash f77529735b0ec30b52dd6b5b624057a0
8b0a1cbd5c0276e693f47ea18592667d74620b93
c245978cc413f26ec883daf27e45bc37c40257f7df20b3126db3732cfc5847ae
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/gtm.js(1).download HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:31 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:40 GMT
Accept-Ranges: bytes
Content-Length: 405077
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/RnE
20.6.106.2 200 OK 217 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/RnE
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 217 kB (216773 bytes)
Hash e6fec4efbe545e3aa2b75f9d1dd81733
43666726cc6f5c5600077cc94551e9fc1b215943
a606a4b52257c68ea8ca4bf4d3668b7964596f986dd44b276e0a617024f9f342
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/RnE HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:32 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:44 GMT
Accept-Ranges: bytes
Content-Length: 216773
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/css.css
20.6.106.2 200 OK 686 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/css.css
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (32033), with CRLF line terminators
Size 686 kB (685574 bytes)
Hash 082d7812baf0ab0045ba5f2ea1b94a5c
ababff2ed620dd5eb4a21443508cc3943c5732c0
3298377112c60996ab1c1ce50ceaa665168463d6774c126224196bf26a569cac
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/css.css HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:31 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 03:16:32 GMT
Accept-Ranges: bytes
Content-Length: 685574
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mobilekey.sc.hk.20-6-106-2.cprapid.com/_bm/get_params?type=get-akid
20.6.106.2 404 Not Found 10 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/_bm/get_params?type=get-akid
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 10168bcf9e5a2e7ec1a3fa5861f8f734
1d79170cf7f3fb0830b8b950f73244833ca23ff0
b60847d3049ac81128ecaf074477daf058186355da1836f88e062b55c302d521
Analyzer Verdict Alert quad9 Sinkholed
GET /_bm/get_params?type=get-akid HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 03:49:33 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:49:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:49:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:49:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:49:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Wed, 29 Mar 2023 06:37:31 GMT
Date: Wed, 29 Mar 2023 03:49:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6bd3d6c290e2be5effe451fddc92288
456c678dd0b64d84021c41383a534afeaa4d7af0
3d645c8b903b9f5593d068feb00b1c04cf8444ed78a292458e69d5c553cb1691
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 9a919196-e536-4ef7-a2b2-9637aa75abff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ceq6FGAJIAMF7Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64228b73-769c33f459c985ab427ed47b;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 06:38:43 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: T7nlbpfpRe76MxUDe02iIQw32f05dmRdE66ywSmviU7fT7SPNu_T1A==
via: 1.1 1cbc126937aab64e42a05f9bf2f8daee.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 15:04:28 GMT
age: 45905
etag: "456c678dd0b64d84021c41383a534afeaa4d7af0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 2LLHDcPZsSP1XPxH7agC7FhVwQQXfrWq3CEOSz0mBTjGykXxNQIq9Q==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:56:00 GMT
age: 21213
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11872cd2-625f-4516-9957-6a061caffeaf.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11872cd2-625f-4516-9957-6a061caffeaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07f8cdea68b9cc0574754fec41f74b81
6324f51339ed8cec15ffa0c2f827acb3bf668f2f
681735818d525d3d597a64f0430031089e5768eb77e86e26fa9c1ee120621b2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F11872cd2-625f-4516-9957-6a061caffeaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5430
x-amzn-requestid: 3e038453-6363-4ed3-adc8-f0ccbfb59720
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguI_G7AIAMFpQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d6c-35f15a9358be6d6811c0989f;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:36 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: cRd5LukARyb8XokYjr4MLi7ML-RQARQv7CmfgQZDAlaLNGu3cCkxvw==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:03:36 GMT
age: 20757
etag: "6324f51339ed8cec15ffa0c2f827acb3bf668f2f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4e3c3bc-43f8-468d-b787-f16eff36fbce.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4e3c3bc-43f8-468d-b787-f16eff36fbce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55681b318ad65a83ce3b28438541f441
2682cc516dd93c5ed51cfc73391fe783c0e32242
298cba8ba116f9362b75a5a2f7c544ee3688beba6278ccd184e47e136a26e021
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4e3c3bc-43f8-468d-b787-f16eff36fbce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7567
x-amzn-requestid: 91d9ed55-00c5-4644-a1e6-28e8e922328d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca6c8EFvoAMF2ZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210ab8-7d05e425248b4a5455f75527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:17:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nMoc-_RuUofEWh7aJ9pRLxPDPp4euJETaxd6TcCEDk_TNaLRpSTs7w==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 11:10:30 GMT
age: 59943
etag: "2682cc516dd93c5ed51cfc73391fe783c0e32242"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: FHONNj6M7I5oVTKAKYspq0ZAJMYohURXs5ufSL-r--zCSdjuSvrpSA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 21476
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a2aaf12-7288-4e10-bed8-65836cbed913.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a2aaf12-7288-4e10-bed8-65836cbed913.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2394b226089edf57c8c93fc84a8ff22a
2355df6a75778a70b2d02c7ee2d0a806ea853c9b
740427ed96cddadf8ae6ed0870fdb1539e9a0acddcfa23a3d2b380bf6d527e38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a2aaf12-7288-4e10-bed8-65836cbed913.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8316
x-amzn-requestid: c02a3a05-292d-4701-ac94-419cb6da2ebf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CYJajHBcIAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641fef76-32315fd929fa695204e57f10;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 07:08:38 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: lm7mxYmBVracuOiLZ1PaNhM3hLh5elZfI3ZDJR2kf8qP3Autep9cyw==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 07:45:04 GMT
age: 72269
etag: "2355df6a75778a70b2d02c7ee2d0a806ea853c9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/vendors.6d1cd0d39c7c14f10115.js.download
20.6.106.2 200 OK 2.2 MB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/vendors.6d1cd0d39c7c14f10115.js.download
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (65448)
Size 2.2 MB (2166645 bytes)
Hash 1d0bf49b61618ed65620ea208442e9cb
591bc779c7d5a2a0a46b03da854ea7344650d953
9113f175f2836f8fb1c42d19290b9bb405cc9b6cc825ad4523140f5f2491bcf3
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/vendors.6d1cd0d39c7c14f10115.js.download HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:32 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:42 GMT
Accept-Ranges: bytes
Content-Length: 2166645
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/RnE
20.6.106.2 200 OK 217 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/RnE
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 217 kB (216773 bytes)
Hash e6fec4efbe545e3aa2b75f9d1dd81733
43666726cc6f5c5600077cc94551e9fc1b215943
a606a4b52257c68ea8ca4bf4d3668b7964596f986dd44b276e0a617024f9f342
Analyzer Verdict Alert quad9 Sinkholed
POST /sc.hk_mobile_key/Straight2bankLogin_files/RnE HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 2640
Origin: http://mobilekey.sc.hk.20-6-106-2.cprapid.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:33 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:44 GMT
Accept-Ranges: bytes
Content-Length: 216773
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/foundationIcon.3df142d2ed7d6b100e15.js
20.6.106.2 404 Not Found 10 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/foundationIcon.3df142d2ed7d6b100e15.js
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash e212273685c977bae716ff3a6d7ce449
15cf673ad21ac12a756a677b71a100e4491a4e41
3adf5e9f6ede6b154fea5f151d08f1356458080c4e2f2fa59a482073a5c1e918
Analyzer Verdict Alert quad9 Sinkholed
GET /unifiedlogin/login/foundationIcon.3df142d2ed7d6b100e15.js HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 03:49:33 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/121.c002c736a58b1decdf66.js
20.6.106.2 404 Not Found 10 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/121.c002c736a58b1decdf66.js
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 5ab0f9d8571ae1f1fa4178c5a878c7ce
96969e7a1e5ae0f111963226ed4c4ecec555a726
b28620fb173a8e2a59828fa6bfe718bae35dac67bcd6561b69adc4742eadf438
Analyzer Verdict Alert quad9 Sinkholed
GET /unifiedlogin/login/121.c002c736a58b1decdf66.js HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 03:49:33 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/foundation.ed7fd76257ca75a143f3.js
20.6.106.2 404 Not Found 10 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/foundation.ed7fd76257ca75a143f3.js
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash f3dfb6e8a71983436a290341da4ab255
e4e5706a926751db4b6ff5b813edc978895175cb
f101a5983a8266611e63fbcdf52905a08704428934a7c3516d147a2e9b6a5663
Analyzer Verdict Alert quad9 Sinkholed
GET /unifiedlogin/login/foundation.ed7fd76257ca75a143f3.js HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 03:49:33 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/remote/cib-ui-trade-trackit/remote-trade-trackit.js
20.6.106.2 404 Not Found 10 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/remote/cib-ui-trade-trackit/remote-trade-trackit.js
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 4c92a3d678c1017dd753d9991846ce7d
0345b82b54bf2885904b263490cade5646fff2de
b18383d8c4ffa36c3e56983dde59d78cf4a4fcdff235664f9cac1b6559063fc8
Analyzer Verdict Alert quad9 Sinkholed
GET /unifiedlogin/remote/cib-ui-trade-trackit/remote-trade-trackit.js HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 03:49:33 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/997.38abb4054922b21d2b51.css
20.6.106.2 404 Not Found 10 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/997.38abb4054922b21d2b51.css
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 38c6ff3a42abfdaba15da132465fae75
3dfdfe726b8ac6c46f453fdbb3765694edca4de0
82bf7a3ef729f3cbb8057bee8ecbebdc8c8ce12339f1decf68fcb02ba7e72184
Analyzer Verdict Alert quad9 Sinkholed
GET /unifiedlogin/login/997.38abb4054922b21d2b51.css HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 03:49:33 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/997.1cbd9aea2c578ce4450e.js
20.6.106.2 404 Not Found 10 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/unifiedlogin/login/997.1cbd9aea2c578ce4450e.js
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4070)
Hash 059ccb75304cd244ad5e8cbdf3b9fc6c
0edf3a1184a7ddfee089145435fe23301f829bce
32cec1b736cff83588f3f2eaeced9ccd76c8521aa9581e91b13ae2166a589105
Analyzer Verdict Alert quad9 Sinkholed
GET /unifiedlogin/login/997.1cbd9aea2c578ce4450e.js HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Date: Wed, 29 Mar 2023 03:49:34 GMT
Server: Apache
Accept-Ranges: bytes
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/RnE
20.6.106.2 200 OK 217 kB URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/RnE
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Size 217 kB (216773 bytes)
Hash e6fec4efbe545e3aa2b75f9d1dd81733
43666726cc6f5c5600077cc94551e9fc1b215943
a606a4b52257c68ea8ca4bf4d3668b7964596f986dd44b276e0a617024f9f342
Analyzer Verdict Alert quad9 Sinkholed
POST /sc.hk_mobile_key/Straight2bankLogin_files/RnE HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: text/plain;charset=UTF-8
Content-Length: 2785
Origin: http://mobilekey.sc.hk.20-6-106-2.cprapid.com
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:34 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:44 GMT
Accept-Ranges: bytes
Content-Length: 216773
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
s2b.standardchartered.com/unifiedlogin/login/favIcon.png
95.101.10.88 200 OK 1.4 kB URL HTTP/2 s2b.standardchartered.com/unifiedlogin/login/favIcon.png
IP 95.101.10.88:0
ASN #20940 Akamai International B.V.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 046787b8adbb66d5387aa1a94f31acb6
3e7679b9e1060fd9363b3ef7e69c28df653f5e98
4634c6441e032edc307db641393137f45fe9dd5dcc01c0415b0b55fab6e1557f
GET /unifiedlogin/login/favIcon.png HTTP/1.1
Host: s2b.standardchartered.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubdomains;
last-modified: Sat, 18 Mar 2023 14:33:17 GMT
accept-ranges: bytes
content-length: 1412
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'self';style-src-elem * 'unsafe-inline';script-src-elem * 'unsafe-inline';script-src * 'self' 'unsafe-eval' 'unsafe-inline';style-src * 'unsafe-inline';img-src * 'self' data: https:;font-src * 'self' data: application:;connect-src * 'unsafe-inline'; object-src 'none' , frame-ancestors *.standardchartered.com
access-control-allow-origin: *.standardchartered.com
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type,correlationId
cache-control: no-cache, no-store , must-revalidate
pragma: no-cache
content-type: image/png
date: Wed, 29 Mar 2023 03:49:34 GMT
X-Firefox-Spdy: h2
mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/gtm.js.download
20.6.106.2 200 OK 0 B URL HTTP/1.1 mobilekey.sc.hk.20-6-106-2.cprapid.com/sc.hk_mobile_key/Straight2bankLogin_files/gtm.js.download
IP 20.6.106.2:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Analyzer Verdict Alert quad9 Sinkholed
GET /sc.hk_mobile_key/Straight2bankLogin_files/gtm.js.download HTTP/1.1
Host: mobilekey.sc.hk.20-6-106-2.cprapid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 03:49:31 GMT
Server: Apache
Last-Modified: Tue, 28 Mar 2023 02:09:40 GMT
Accept-Ranges: bytes
Content-Length: 254007
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript