{"report_id":"634d84b1-6c3a-4a02-aa56-e84740301696","version":6,"status":"done","tags":["microsoft","phishing"],"date":"2023-11-28T17:40:05Z","url":{"schema":"http","addr":"superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":0,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"title":"Outlook Web App"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:14:49Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"superhub.hk","ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2009-02-02","domain_rank":0,"first_seen":"2016-03-02 17:24:42","last_seen":"2023-09-26 08:23:26","alert_count":14,"request_count":14,"received_data":48636,"sent_data":7245,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA 
rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=flogon.js","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"f26366035bb6bcd3d966bc497df05d8c","sha1":"4536c3e8ffd066f3c7cc57095285dccd9b1785f9","sha256":"d87ecfce8a144ca47d88ccf59b11da2cc8813e1aaa2e8d3c79150cbfe4dcd053","sha512":"bc31aae6c13d934e629e810bd10c051fede5cf03ac7d5be3ff180ac4fd807ee94021609001b075c5d707cdd5da29e2d7e2f1ce0f99552eec92bf7bd5bf9bbafa","ssdeep":"384:sirp/qibi1JJpi2piZi2imibijRoRpwmIkrdqdQKLg93lTd8UFuDT0dNJ8G+ZtXg:s0p/T+jJw2wgH3+NoRum1caL31d8EuUZ","tlshash":"437218657d17edfd02b23a149efe0274ec204607189156a5788ff3744f32b626da28eb","size":17405,"data":"","first_seen":"2023-03-07T13:12:32Z","last_seen":"2026-03-20T08:51:46.702929Z","times_seen":274,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance 
Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"c70b1fd16daf4535e1c4ab0fcec832e1","sha1":"149c457f2182400601fe428f9caf3c53ac45c463","sha256":"2742d10a8b4b670a85f87dd11eabfa3e0045c9e87eb12b8cc672c0bfed3caeae","sha512":"eb8f60a5a63eaadd20b2c50069c93a04e7111e4c406c77ed7ceb7af76b73229a1d2f286f547e24071bbbddee7c1aada842eaed95c5acccfcd80ed1e27787583d","ssdeep":"","tlshash":"37f02753f35e2a142a5b146e5a272bc92534408b24018d403f7ec0716f7edd62eab6ad","size":512,"data":"","first_seen":"2023-03-07T01:19:42Z","last_seen":"2026-03-20T08:51:46.704376Z","times_seen":501,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eventHandler","is_inline":false,"md5":"054e877d2edf41b70598e6376d4f66d8","sha1":"b8bacd603f7a40260d6755e5ef7d873f65a452bd","sha256":"ac05721c88cde9f5041a4722d1f86b6971985645817b1d4a05444c4e78036e0f","sha512":"b2a998d4911ed2f3cf393b8b4fa8a5853b612ad614d63e48c1467f301fe288a091d6c6874541a2e9519f9a66b5fa734c2e45923aa6b40cb075f5af19580d8918","ssdeep":"","tlshash":"36700080328ae000222022a8028a2228ba0a00aa800aa080888000c0b83028bc2b0080","size":23,"data":"","first_seen":"2023-04-19T02:35:45Z","last_seen":"2026-03-27T03:53:18.096389Z","times_seen":830,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong 
Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-28T17:39:51.532Z","timestamp":1701193191532,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3 HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: text/html\r\nPragma: no-cache\r\nCache-control: no-cache,max-age=0,must-revalidate\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10647,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, ASCII 
text, with very long lines (470), with CRLF line terminators","md5":"f78deeb5a8e22dd5165a4b513802e2e6","sha1":"7a833225990d22a6a2ba50a80423051687334e53","sha256":"1670a138a801b15fb08430b0f78ff6db85de95ad001ddf65766baaa4bf496875","sha512":"a18886f57d8dffc638ad4e8efcd76b45fe0b0e670ae6add09c16650d988c7a7edc437cc6cf4a20bbbeb0ba1b93f52a2d1a1cafde68ce8c8be914fb21b504b4dd","ssdeep":"192:5T6FDxihipiHp768a7m7fVIaVTjFIcDsDNLt7O5JhAxVPGGLrxiqKRrC:5T4xihipiH+qZIMTjFIYsDNLtqtBGLrz","tlshash":"1222da2537cce636457360a3c1b55f81eeeb983793010854b87f167b3f3ad109a17aa5","first_seen":"2023-11-28T18:40:06Z","last_seen":"2026-03-20T08:51:46.699377Z","times_seen":7,"resource_available":true,"data":null}},"time_used":2724,"timings":{"blocked":1084,"dns":256,"connect":274,"send":0,"wait":280,"receive":276,"ssl":551},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=logon_style.css","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:53.374Z","timestamp":1701193193374,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 
GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=logon_style.css HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: text/css\r\nCache-control: max-age=604800\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3746,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"c82f1f45d1eb991466c09d82db767080","sha1":"0ff802868a826cdc8b35b64d75c08eb3fc77d856","sha256":"78d0171f0ba4518be6de48dd834f1453b03186b789116373c812250e7b583007","sha512":"7114c1cd08b0e609c06a35eed0791c00a654994ae54da927156acc3a7c8b0f8a44977e82f62735fda46f348492512540ea01206c9cb0bc432727acd851637673","ssdeep":"","tlshash":"a071139fdac0e0be733778b5fb7255c99f6c01528e9faf2570b11264a1520fd31a2588","first_seen":"2023-11-28T18:40:06Z","last_seen":"2026-03-20T08:51:46.701443Z","times_seen":13,"resource_available":false,"data":null}},"time_used":279,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":278,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with 
Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=owafont.css","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:53.377Z","timestamp":1701193193377,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=owafont.css HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: text/css\r\nCache-control: max-age=604800\r\nTransfer-Encoding: 
chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5252,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"9f2219d5b0220a73402c9f4495990900","sha1":"49716d120f59965e095545a45eb7b4505b36097a","sha256":"159f4b224ba13a8c9425965294caa598a874e980582c4c3f3f56a4bf0bea294d","sha512":"6b4c7767a8849e244f8fd69971b4864bb0580da19ac309f2dfbd8b8d13b40c77d2d802b27fb7aefbbc44ab64cdf709bf600f6d3476952d9e4a82def56c20b9d2","ssdeep":"96:N4VYNf3ofxRJdRwfq+SALS+yi66W/7nFg0:aVkAJvdR1K+Fx","tlshash":"fcb152db6d4db677137b0d02f3716ea4fc1e42128a6269b438b4fb0cacc14b94365309","first_seen":"2023-04-19T02:35:45Z","last_seen":"2026-03-20T08:51:46.69539Z","times_seen":440,"resource_available":false,"data":null}},"time_used":2376,"timings":{"blocked":1043,"dns":263,"connect":265,"send":0,"wait":270,"receive":1,"ssl":532},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=flogon.js","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:53.378Z","timestamp":1701193193378,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert 
Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=flogon.js HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: application/x-javascript\r\nCache-control: max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8205,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with CRLF line 
terminators","md5":"f26366035bb6bcd3d966bc497df05d8c","sha1":"4536c3e8ffd066f3c7cc57095285dccd9b1785f9","sha256":"d87ecfce8a144ca47d88ccf59b11da2cc8813e1aaa2e8d3c79150cbfe4dcd053","sha512":"bc31aae6c13d934e629e810bd10c051fede5cf03ac7d5be3ff180ac4fd807ee94021609001b075c5d707cdd5da29e2d7e2f1ce0f99552eec92bf7bd5bf9bbafa","ssdeep":"384:sirp/qibi1JJpi2piZi2imibijRoRpwmIkrdqdQKLg93lTd8UFuDT0dNJ8G+ZtXg:s0p/T+jJw2wgH3+NoRum1caL31d8EuUZ","tlshash":"437218657d17edfd02b23a149efe0274ec204607189156a5788ff3744f32b626da28eb","first_seen":"2023-03-07T13:12:32Z","last_seen":"2026-03-20T08:51:46.702929Z","times_seen":274,"resource_available":true,"data":null}},"time_used":2690,"timings":{"blocked":1061,"dns":262,"connect":271,"send":0,"wait":275,"receive":274,"ssl":544},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgntopr.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:53.380Z","timestamp":1701193193380,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 
GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgntopr.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":551,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 45 x 115\\012- data","md5":"031bed6f568fbddddf550a97400b273f","sha1":"69342ba98b1a924ea4f984f5ef6b244ba0177cb3","sha256":"f27d451896ac6a8b768361e3f07c2adf1ee7ae6bcb92ac6d0bda7fb5cf915301","sha512":"3e9fc83ee9c13080ad9c7ecd18f9ee3b5590a595ddfb7826cf9886a6a4101c926bffe033e64e35d1c12c5a0b0578a916b2458312959b18a59026c42f92a2d7e3","ssdeep":"","tlshash":"cbf00ecfd1655450dbb92a7c0312035a3b2c20232b385c8018b6a1a29e85be9b7f82e8","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.923451Z","times_seen":608,"resource_available":false,"data":null}},"time_used":3525,"timings":{"blocked":1608,"dns":263,"connect":265,"send":0,"wait":285,"receive":1,"ssl":555},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - 
Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgntopl.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:53.379Z","timestamp":1701193193379,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgntopl.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: 
max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4452,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 456 x 115\\012- data","md5":"6ae33a65d15f6bb5113e066fca7fa73a","sha1":"fa8477f0eaed3ade4a217e91133ba37242be0c19","sha256":"b478b93f8f9a262321211d8ce812cdd6accdfb4ede6e0230ccf44e77ad161f97","sha512":"87fcce06e4e00c1e6923eb3779cfef209f3ce5365aa252e60946253c9cccd9858bf7c665f176182df8159a2ea11619d2e6a983ccf83dfcd2d14d4dfed73bbd5c","ssdeep":"96:x3alqCwBcFGzp8ejekqd2bMEqwJTVILf+1DvBGvkg3aq1PXPeDe:Ul2BcF+pfJK2YEPJTVO+1Dvssg3ttXGC","tlshash":"a4917c8e66d003f931553dbace4bdd781586b4c05ff27b155cbb896f2199740746c4c0","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.925586Z","times_seen":453,"resource_available":false,"data":null}},"time_used":3514,"timings":{"blocked":1609,"dns":248,"connect":273,"send":0,"wait":288,"receive":2,"ssl":546},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgnbotr.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong 
Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:53.383Z","timestamp":1701193193383,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgnbotr.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2367,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 45 x 54\\012- 
data","md5":"43b7c46b32691aa778c5e49d139db8f5","sha1":"e72b87c696eed81b71b853ce245a30377dce205e","sha256":"97305ffb8ff74176df42bcd213e7cdfd7679630e19911a2db7b399c7960aec3e","sha512":"59ef8bc459d0606f9b9872faa8f5aeae6ab44be21cc2b524653c11e2b1db3069ad948a7ffc6b5b439a48502ba6fdefb75cdbe32f60967c0e9e24afdb609bea20","ssdeep":"","tlshash":"924108c0d11fec4e8c140ffc8965227df17935d8c64e92ccb6aa38987fa1c79b892485","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.926946Z","times_seen":608,"resource_available":false,"data":null}},"time_used":3513,"timings":{"blocked":1605,"dns":248,"connect":277,"send":0,"wait":292,"receive":1,"ssl":552},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgnexlogo.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:53.381Z","timestamp":1701193193381,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 
GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgnexlogo.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":77,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 22 x 22\\012- data","md5":"873c522598fb6da9f70d5dde7ccf6213","sha1":"c09fdcf5e3933b8efdae4505825e786462cdad51","sha256":"b125c5f621a199d89bc496740d7dac72f1a8462465a1b61e331727f5d369b2f4","sha512":"050d95f8d5292eeaa7d9c02f9c7baf719a5aec17a57b34e201f3b01ab3f601e7967d6831b835c3c2ed891cff7babd0c4d4dd928916a48c2b3b8ef046fe9a6ec8","ssdeep":"","tlshash":"b2a002a5e440f645dd4448310848b941541d5a6a4d64350a35a94747bc697d22253141","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.926054Z","times_seen":607,"resource_available":false,"data":null}},"time_used":3533,"timings":{"blocked":1607,"dns":262,"connect":271,"send":0,"wait":295,"receive":1,"ssl":552},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - 
Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgnbotl.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:53.382Z","timestamp":1701193193382,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgnbotl.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: 
max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9306,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 456 x 54\\012- data","md5":"e0a2c263c6745f251720fe0876d140c4","sha1":"51b2196c6b10b8c6443e4f91b4c6281134755f33","sha256":"0e2cda541bf24815df2facd5729d44b70ef4e4bdd160169295944aefc9e51b0b","sha512":"942edee6d9ab26c192fae76346536e9f367cb562140eded27c2bb8102cd6c0fd9248634f22a9748dff3a47fbf23118132d49ae7048cba181dc0eb119e325578e","ssdeep":"192:6P2TK64yloOeY+Gbf4wgiBycnzHTAE6FyNXGosKPr/QzNzP:6eTK4SGcwRBycnrTlAyAHgrIzNzP","tlshash":"ae129f8d49f2f528bc164b2914e92135a1d159e2b32ccbbf554bed30b1faeb0e4d3911","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.923899Z","times_seen":607,"resource_available":false,"data":null}},"time_used":3797,"timings":{"blocked":1606,"dns":262,"connect":273,"send":0,"wait":286,"receive":276,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgnleft.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong 
Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:55.015Z","timestamp":1701193195015,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgnleft.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=logon_style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":313,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 15 x 200\\012- 
data","md5":"baf34665612f4d59f7cfc06ea82da21d","sha1":"2c8cf5f76499e66d609ddaac026720ef28078421","sha256":"96a4b86c4a5ff1f1aa67c52287be64ebd51598d32cbd1249351e462cae549185","sha512":"6a53727cba1670c26fb098f7f90ce4bd57c6d244927fb6e1b810c66c04bfc23a9b436beec24ac68be4a38306fc84f3627f997d21f6f40d1415f320f243da9261","ssdeep":"","tlshash":"04d0eb03ceaee282c3488971597d99a0002eba03030121ee70bc6840a7e9bf31ef0440","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.924341Z","times_seen":605,"resource_available":false,"data":null}},"time_used":1356,"timings":{"blocked":260,"dns":0,"connect":271,"send":0,"wait":276,"receive":1,"ssl":547},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgnright.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:55.019Z","timestamp":1701193195019,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 
GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgnright.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=logon_style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":329,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 15 x 200\\012- data","md5":"391603f1faee60db855bd11650dbbf72","sha1":"9728452459447efcc7c453c2150139839fa174bc","sha256":"a9626d4f60b20f2da50f763f20d891a70625dde0dba68116896026c400b8b775","sha512":"ba7fbc8b9cd0edc0e36c4461b314d2ee6a11f18b22cfdf9ebc8b04fe887fd180b0e27cbecbf7eb1dde6c0b2a23867df262781d3f43ad721c327350dd66b448bb","ssdeep":"","tlshash":"0de0ebd7d8c1e0ba810984b8b6a4a92a486262538375dbad3e9f071d8016a5c4a7f04f","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.927421Z","times_seen":605,"resource_available":false,"data":null}},"time_used":1374,"timings":{"blocked":259,"dns":0,"connect":283,"send":0,"wait":281,"receive":1,"ssl":556},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - 
Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgnbotm.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:55.021Z","timestamp":1701193195021,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgnbotm.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=logon_style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: 
max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":249,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 54\\012- data","md5":"704330b6d293ce2d32780739218696b9","sha1":"6ebd408ff617f5317595121191a92bd9ba69a01f","sha256":"6097839fd066f359bbe21fb228714cd33385a6995a060eaa504ee190e3c1178a","sha512":"6b79238f2bb7968ef7c11edf11da7077aee33b9a732d8fae02334485e5ca3e525a9c829cffb4d92dce18cab43e734c9cf68f63cbf19ce440903f6f25e9d6781c","ssdeep":"","tlshash":"37d0a76786b297c9e4a8a93c1e99c6b0243119511625da16d5517d5075a5800074514e","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.926488Z","times_seen":603,"resource_available":false,"data":null}},"time_used":1974,"timings":{"blocked":1113,"dns":0,"connect":0,"send":0,"wait":292,"receive":0,"ssl":569},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=lgntopm.gif","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:55.012Z","timestamp":1701193195012,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA 
G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=lgntopm.gif HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=logon_style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/gif\r\nCache-control: max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":74,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 115\\012- 
data","md5":"0615717b3645a8573f07347cdb74d69f","sha1":"b707c5a9ede57d3232138ed7ccdb0b4ee9e56043","sha256":"9d894a6800fd18d20423c66066097b9653be9eb3796f6a0e216dca220c45d6d6","sha512":"def37e8e823da3881b5c1be631162cdfc0c8403e166a4b36bfeb032f039cadb102b1b9c510995b86fac613f8ab247e304ef6794eb2be4b9c390b7aebd6ad4386","ssdeep":"","tlshash":"3aa022c0e080e3c8c200ac300800e2308030a2000a00c0cb20088e8abc0c02002b3000","first_seen":"2023-05-07T21:07:33Z","last_seen":"2026-03-30T01:11:55.921157Z","times_seen":604,"resource_available":false,"data":null}},"time_used":2893,"timings":{"blocked":1311,"dns":263,"connect":277,"send":0,"wait":270,"receive":0,"ssl":532},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commenly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}},{"url":{"schema":"https","addr":"superhub.hk/CookieAuth.dll?GetPic?formdir=3\u0026image=favicon.ico","fqdn":"superhub.hk","domain":"superhub.hk","tld":"hk"},"ip":{"addr":"202.134.63.144","port":443,"asn":38802,"as":"Azurance Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3","date":"2023-11-28T17:39:55.954Z","timestamp":1701193195954,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_RSA_WITH_AES_128_CBC_SHA","key_group_name":"none","signature_name":"none","protocol":"TLSv1.2","cert":{"subject":{"commonName":"superhub.hk","organization":""},"issuer":{"commonName":"RapidSSL TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 23 Mar 2023 00:00:00 GMT","end":"Thu, 28 Mar 2024 23:59:59 
GMT"},"fingerprint":{"sha1":"FA:62:8E:60:9B:B4:18:3D:4F:33:05:96:E9:3B:8E:16:CC:93:C4:07","sha256":"D8:59:6A:7D:C6:5E:5A:72:91:BA:60:CF:AB:0A:62:A3:1A:23:C5:C6:9B:DF:87:77:5B:9C:46:CA:72:53:A6:9A"}}},"request":{"raw":"GET /CookieAuth.dll?GetPic?formdir=3\u0026image=favicon.ico HTTP/1.1\r\nHost: superhub.hk\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://superhub.hk/CookieAuth.dll?GetLogon?curl=Z2Fowa\u0026reason=0\u0026formdir=3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nConnection: close\r\nContent-Type: image/x-icon\r\nCache-control: max-age=604800\r\nContent-Encoding: gzip\r\nVary: Accept-Encoding\r\nTransfer-Encoding: chunked\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":817,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\\012- data","md5":"738c26ac73a5817089c30ef2da9a707e","sha1":"8832d1f0830554f33c62df6f52814410ef950f88","sha256":"ee6a7f6889908066f36944f85661471d18eb93fa8577e7a719f3ad4b867cf381","sha512":"65c4a96a477fe8b1b16fd6d068a40bd64fe7083f2a3451bf020bf81b0ddd3483bf76b58bcfb2c9466adaec80b61379735045e63e00244da2a664aef18d97ee9c","ssdeep":"","tlshash":"a32165c7a8b44b51ee7d9f3113c28aba54bbddb0278e6cdd28c1f64228722d60056107","first_seen":"2023-08-07T14:37:14Z","last_seen":"2026-03-20T08:51:46.682624Z","times_seen":494,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":391,"dns":0,"connect":0,"send":0,"wait":275,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Phishing - 
Microsoft","verdict":"phishing","severity":"medium","comment":"Asset commonly seen with Microsoft phishing","tags":["microsoft","phishing"],"meta":null}]}}]}
