summary.magicmoving.co.ke Open in urlscan Pro
67.225.192.145 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ixoraprime.in/t-v8by-x2han-r2mtr-x1-x2-v8m-x1hk
Effective URL:
https://summary.magicmoving.co.ke/aspx1.php
Submission: On October 05 via manual (October 5th 2021, 9:47:16 am UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 42 HTTP transactions. The main IP is 67.225.192.145, located in United States and belongs to LIQUIDWEB, US. The main domain is summary.magicmoving.co.ke.
TLS certificate: Issued by R3 on October 5th 2021. Valid for: 3 months.

This is the only time summary.magicmoving.co.ke was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Outlook Web Access (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	148.72.215.4 148.72.215.4	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 4	67.225.192.145 67.225.192.145	32244 (LIQUIDWEB) (LIQUIDWEB)
8	23.5.164.115 23.5.164.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
1	142.250.186.110 142.250.186.110	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	172.217.23.100 172.217.23.100	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
42	9

1 148.72.215.4 (Singapore, Singapore) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-148-72-215-4.ip.secureserver.net

ixoraprime.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.225.192.145 (United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: thirteen.deepafrica.com

summary.magicmoving.co.ke	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.5.164.115 (Schiphol, Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-5-164-115.deploy.static.akamaitechnologies.com

www.mtr.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	mtr.com.hk www.mtr.com.hk	35 KB
4	magicmoving.co.ke 1 redirects summary.magicmoving.co.ke	28 KB
1	googlesyndication.com pagead2.googlesyndication.com
1	google.de www.google.de	569 B
1	google.com www.google.com	569 B
1	doubleclick.net googleads.g.doubleclick.net	2 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	googletagmanager.com www.googletagmanager.com	46 KB
1	ixoraprime.in 1 redirects ixoraprime.in	292 B
42	10

	Domain	Requested by
8	www.mtr.com.hk	summary.magicmoving.co.ke www.mtr.com.hk
4	summary.magicmoving.co.ke	1 redirects summary.magicmoving.co.ke
1	pagead2.googlesyndication.com	www.mtr.com.hk
1	www.google.de	summary.magicmoving.co.ke
1	www.google.com	summary.magicmoving.co.ke
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.mtr.com.hk
1	ixoraprime.in	1 redirects
42	10

This site contains no links.

Subject Issuer	Validity	Valid
summary.magicmoving.co.ke R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
www.mtr.com.hk R3	`2021-09-10` - `2021-12-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 2 frames:

Primary Page: https://summary.magicmoving.co.ke/aspx1.php
Frame ID: E1AF06CC0D8387CAA85FB9C4576113B0
Requests: 7 HTTP requests in this frame

Frame: https://www.mtr.com.hk/en/customer/main/index.html
Frame ID: 2E467A717C5A33D487C81978FB840B84
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Mtr Security and Quarantine Center

Page URL History Show full URLs

https://ixoraprime.in/t-v8by-x2han-r2mtr-x1-x2-v8m-x1hk HTTP 302
https://summary.magicmoving.co.ke/?client-request-id=dG9ieWNoYW5AbXRyLmNvbS5oaw== HTTP 302
https://summary.magicmoving.co.ke/aspx1.php Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

42
Requests

43 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

145 kB
Transfer

446 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ixoraprime.in/t-v8by-x2han-r2mtr-x1-x2-v8m-x1hk HTTP 302
https://summary.magicmoving.co.ke/?client-request-id=dG9ieWNoYW5AbXRyLmNvbS5oaw== HTTP 302
https://summary.magicmoving.co.ke/aspx1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request aspx1.php Show response
summary.magicmoving.co.ke/
Redirect Chain

https://ixoraprime.in/t-v8by-x2han-r2mtr-x1-x2-v8m-x1hk
https://summary.magicmoving.co.ke/?client-request-id=dG9ieWNoYW5AbXRyLmNvbS5oaw==
https://summary.magicmoving.co.ke/aspx1.php

51 KB
20 KB

303ms
303ms

Document
text/html

67.225.192.145
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://summary.magicmoving.co.ke/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.225.192.145 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: thirteen.deepafrica.com
Software: Apache /
Resource Hash: 034b1a987030cbb0a4ee3ea5b48dc0a1c87c9ef0849088339022aefc2de1d8aa

Request headers

:method: GET
:authority: summary.magicmoving.co.ke
:scheme: https
:path: /aspx1.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: PHPSESSID=9b06566c95ae1b4805e7535c56a148ff
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 05 Oct 2021 09:47:12 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 19971
content-type: text/html; charset=UTF-8

Redirect headers

date: Tue, 05 Oct 2021 09:47:12 GMT
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=9b06566c95ae1b4805e7535c56a148ff; path=/
location: aspx1.php
vary: User-Agent
content-length: 0
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 owa_logo.png
summary.magicmoving.co.ke/images/ 8 KB
8 KB 113ms
113ms Image
image/png 67.225.192.145
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://summary.magicmoving.co.ke/images/owa_logo.png
Requested by: Host: summary.magicmoving.co.ke
URL: https://summary.magicmoving.co.ke/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.225.192.145 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: thirteen.deepafrica.com
Software: Apache /
Resource Hash: a7c14ee84d81a536a4cd54e3a144f388f2174a4a5c409ae118ea49f0da6b4aa6

Request headers

:path: /images/owa_logo.png
pragma: no-cache
cookie: PHPSESSID=9b06566c95ae1b4805e7535c56a148ff
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: summary.magicmoving.co.ke
referer: https://summary.magicmoving.co.ke/aspx1.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://summary.magicmoving.co.ke/aspx1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:47:12 GMT
last-modified: Mon, 05 Jul 2021 07:35:12 GMT
server: Apache
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7746
expires: Thu, 04 Nov 2021 09:47:12 GMT

GET
H/1.1 200
OK Cookie set / Show response
www.mtr.com.hk/ Frame 2E46 927 B
911 B 1363ms
1257ms Document
text/html 23.5.164.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mtr.com.hk/
Requested by: Host: summary.magicmoving.co.ke
URL: https://summary.magicmoving.co.ke/aspx1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.164.115 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-5-164-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ebcdd4eb5a216168bb125c78b4e2fc17561344999a122919f62903ab78f453e9

Request headers

Host: www.mtr.com.hk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://summary.magicmoving.co.ke/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://summary.magicmoving.co.ke/

Response headers

Server: Apache
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 05 Oct 2021 09:47:13 GMT
Content-Length: 555
Connection: keep-alive
Set-Cookie: gTour=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ BIGipServerMWS_HTTPS=1467324874.47873.0000; path=/; Httponly; Secure

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 404 segoeui-regular.ttf
summary.magicmoving.co.ke/owa/auth/15.1.2242/themes/resources/ 0
0 113ms
113ms Font
text/html 67.225.192.145
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://summary.magicmoving.co.ke/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
Requested by: Host: summary.magicmoving.co.ke
URL: https://summary.magicmoving.co.ke/aspx1.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.225.192.145 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: thirteen.deepafrica.com
Software: Apache /
Resource Hash

Request headers

sec-fetch-mode: cors
origin: https://summary.magicmoving.co.ke
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=9b06566c95ae1b4805e7535c56a148ff
:path: /owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: summary.magicmoving.co.ke
referer: https://summary.magicmoving.co.ke/aspx1.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://summary.magicmoving.co.ke/aspx1.php
Origin: https://summary.magicmoving.co.ke
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:47:12 GMT
server: Apache
content-length: 315
content-type: text/html; charset=iso-8859-1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 2E46 120 KB
46 KB 97ms
48ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR5MZDK

Requested by

Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2f9dd269f6bdf6ed5360a81f467aeceb34ed6071d15850826531f225d7a026e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:47:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46315
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Oct 2021 09:47:13 GMT

GET
H/1.1 200
OK Cookie set index.html Show response
www.mtr.com.hk/en/customer/main/ Frame 2E46 30 KB
6 KB 1536ms
1536ms Document
text/html 23.5.164.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mtr.com.hk/en/customer/main/index.html
Requested by: Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.164.115 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-5-164-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3b53627cfc4a6d437c0af7a6f12602eafcb11f6081bf36f0dbd699642679a950

Request headers

Host: www.mtr.com.hk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.mtr.com.hk/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/

Response headers

Server: Apache
Last-Modified: Thu, 02 Sep 2021 03:00:20 GMT
Accept-Ranges: bytes
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Tue, 05 Oct 2021 09:47:15 GMT
Content-Length: 5318
Connection: keep-alive
Set-Cookie: BIGipServerMWS_HTTPS=1450547658.47873.0000; path=/; Httponly; Secure

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2E46 48 KB
20 KB 80ms
23ms Script
text/javascript 142.250.186.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR5MZDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6368
date: Tue, 05 Oct 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 05 Oct 2021 10:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 2E46 37 KB
15 KB 95ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR5MZDK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9bedfd1d0c99bb5e2963a5079716c3f6a6faa003da79795ef89edfab425769ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 09:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14410
x-xss-protection: 0
server: cafe
etag: 14408451014437220469
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Oct 2021 09:47:14 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/685096388/ Frame 2E46 2 KB
2 KB 85ms
34ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/685096388/?random=1633427234142&cv=9&fst=1633427234142&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.mtr.com.hk%2F&ref=https%3A%2F%2Fsummary.magicmoving.co.ke%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9800af4ecac9f443da94c45d291596b82c9f7e2fa9635028d4fc60224137575c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 09:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/685096388/ Frame 2E46 42 B
569 B 68ms
27ms Image
image/gif 172.217.23.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/685096388/?random=1633427234142&cv=9&fst=1633424400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&frm=2&url=https%3A%2F%2Fwww.mtr.com.hk%2F&ref=https%3A%2F%2Fsummary.magicmoving.co.ke%2F&async=1&fmt=3&is_vtc=1&random=3565233553&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: summary.magicmoving.co.ke
URL: https://summary.magicmoving.co.ke/aspx1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 09:47:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/685096388/ Frame 2E46 42 B
569 B 85ms
35ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/685096388/?random=1633427234142&cv=9&fst=1633424400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9r0&sendb=1&frm=2&url=https%3A%2F%2Fwww.mtr.com.hk%2F&ref=https%3A%2F%2Fsummary.magicmoving.co.ke%2F&async=1&fmt=3&is_vtc=1&random=3565233553&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: summary.magicmoving.co.ke
URL: https://summary.magicmoving.co.ke/aspx1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Oct 2021 09:47:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 adsbygoogle.js
pagead2.googlesyndication.com/%20pagead/js/ Frame 2E46 0
0 79ms
24ms Script
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/%20pagead/js/adsbygoogle.js
Requested by: Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/main/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK master_grid.css
www.mtr.com.hk/en/customer/css/ Frame 2E46 3 KB
1 KB 901ms
900ms Stylesheet
text/css 23.5.164.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mtr.com.hk/en/customer/css/master_grid.css
Requested by: Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/main/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.164.115 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-5-164-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 25aaa724793440f24f085bc4a21123d191ec64f367016ee4ede35639ddf12494

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/en/customer/main/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 09:47:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Dec 2016 02:48:58 GMT
Server: Apache
ETag: "ace-543bd9c8e3a80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 911

GET
H/1.1 200
OK common.css
www.mtr.com.hk/en/customer/css/ Frame 2E46 126 KB
23 KB 963ms
937ms Stylesheet
text/css 23.5.164.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mtr.com.hk/en/customer/css/common.css
Requested by: Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/main/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.164.115 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-5-164-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 17b24d4c7bf02ba559823d51ca140d1f3a9aeb772614423d4fb3e51fdc384cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/en/customer/main/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 09:47:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 10:59:29 GMT
Server: Apache
ETag: "1f79d-5b810fbf891d0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23582

GET
H/1.1 200
OK desktop_index.css
www.mtr.com.hk/en/customer/css/ Frame 2E46 163 B
507 B 953ms
926ms Stylesheet
text/css 23.5.164.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mtr.com.hk/en/customer/css/desktop_index.css
Requested by: Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/main/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.164.115 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-5-164-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2396108cf0ee5fb4e1deb2a9c2d8fca2e6b13cf8ea33460f90ad978e12e1dcd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/en/customer/main/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 09:47:16 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2015 17:38:51 GMT
Server: Apache
ETag: "a3-515e5f7b3c0c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 143

GET RYGfunc.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET
H/1.1 200
OK servicestatus.css
www.mtr.com.hk/en/customer/css/ Frame 2E46 8 KB
2 KB 1015ms
976ms Stylesheet
text/css 23.5.164.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mtr.com.hk/en/customer/css/servicestatus.css
Requested by: Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/main/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.164.115 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-5-164-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c49a7b5a9d86162aaf177580ee0d548e9fcb37775e9fb972f5ff3127a005a341

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/en/customer/main/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 09:47:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Feb 2020 17:13:06 GMT
Server: Apache
ETag: "1edb-59e7833ceac80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1371

GET jquery-1.8.3.min.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET frame_responsive_rpyg.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET index_responsive.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET selectivizr_rpyg.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET jquery_cookie.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET common_rpyg.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET
H/1.1 200
OK owl.carousel.css
www.mtr.com.hk/en/customer/css/ Frame 2E46 1 KB
896 B 980ms
942ms Stylesheet
text/css 23.5.164.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mtr.com.hk/en/customer/css/owl.carousel.css
Requested by: Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/main/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.164.115 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-5-164-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: fe34530a1749ae56ec2f276e35c6639ead7ffe32cb33937e12c0201a2074c0e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/en/customer/main/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 09:47:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Mar 2014 09:31:37 GMT
Server: Apache
ETag: "5c8-4f5e3b7ceb040"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 531

GET owl.carousel.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET index.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET
H/1.1 200
OK jquery.sidr.dark.css
www.mtr.com.hk/en/customer/css/ Frame 2E46 2 KB
1 KB 990ms
952ms Stylesheet
text/css 23.5.164.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mtr.com.hk/en/customer/css/jquery.sidr.dark.css
Requested by: Host: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/main/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.5.164.115 Schiphol, Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-5-164-115.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7b82766b36d1aeade45fdcbf3c0aa3ffb2ed75efb9906146ab29d0e7521c1037

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.mtr.com.hk/en/customer/main/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 05 Oct 2021 09:47:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Mar 2014 09:31:37 GMT
Server: Apache
ETag: "94a-4f5e3b7ceb040"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 765

GET jquery.sidr.min.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET mobilemenu.js
www.mtr.com.hk/share/customer/js/ Frame 2E46 0
0

GET rpyg_common.css
www.mtr.com.hk/en/customer/css/ Frame 2E46 0
0

GET AlertRed.png
www.mtr.com.hk/ch/customer/images/ Frame 2E46 0
0

GET loading.gif
www.mtr.com.hk/en/customer/images/ Frame 2E46 0
0

GET online.jpg
www.mtr.com.hk/ch/customer/images/homepage/ Frame 2E46 0
0

GET column-banner.jpg
www.mtr.com.hk/ch/customer/images/promotion/infection_preventative_measures/ Frame 2E46 0
0

GET img04.jpg
www.mtr.com.hk/en/customer/images/ Frame 2E46 0
0

GET img05.jpg
www.mtr.com.hk/en/customer/images/ Frame 2E46 0
0

GET community2017.jpg
www.mtr.com.hk/ch/customer/images/homepage/ Frame 2E46 0
0

GET img07.jpg
www.mtr.com.hk/en/customer/images/ Frame 2E46 0
0

GET Gen2_Logo_271px105.jpg
www.mtr.com.hk/ch/customer/images/promotion/railgen_2/ Frame 2E46 0
0

GET ico-refresh.png
www.mtr.com.hk/en/customer/images/ Frame 2E46 0
0

GET refreshicon.jpg
www.mtr.com.hk/en/customer/images/ Frame 2E46 0
0

GET gtm.js
www.googletagmanager.com/ Frame 2E46 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/RYGfunc.js?v=0.2

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/jquery-1.8.3.min.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/frame_responsive_rpyg.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/index_responsive.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/selectivizr_rpyg.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/jquery_cookie.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/common_rpyg.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/owl.carousel.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/index.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/jquery.sidr.min.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/share/customer/js/mobilemenu.js

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/css/rpyg_common.css

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/ch/customer/images/AlertRed.png

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/images/loading.gif

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/ch/customer/images/homepage/online.jpg

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/ch/customer/images/promotion/infection_preventative_measures/column-banner.jpg

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/images/img04.jpg

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/images/img05.jpg

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/ch/customer/images/homepage/community2017.jpg

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/images/img07.jpg

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/ch/customer/images/promotion/railgen_2/Gen2_Logo_271px105.jpg

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/images/ico-refresh.png

Domain: www.mtr.com.hk
URL: https://www.mtr.com.hk/en/customer/images/refreshicon.jpg

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR5MZDK

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Outlook Web Access (Online)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			summary.magicmoving.co.ke/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9b06566c95ae1b4805e7535c56a148ff
			.doubleclick.net/	1970-01-19 21:43:48	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://summary.magicmoving.co.ke/owa/auth/15.1.2242/themes/resources/segoeui-regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pagead2.googlesyndication.com/%20pagead/js/adsbygoogle.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
ixoraprime.in
pagead2.googlesyndication.com
summary.magicmoving.co.ke
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.mtr.com.hk
www.googletagmanager.com
www.mtr.com.hk
142.250.181.227
142.250.185.104
142.250.185.194
142.250.186.110
142.250.186.98
148.72.215.4
172.217.23.100
23.5.164.115
67.225.192.145
034b1a987030cbb0a4ee3ea5b48dc0a1c87c9ef0849088339022aefc2de1d8aa
07f38b8b8c1f96ed85ecd96988f0454a95d1f665427086a507c72e55ff3ce0e7
17b24d4c7bf02ba559823d51ca140d1f3a9aeb772614423d4fb3e51fdc384cb1
2396108cf0ee5fb4e1deb2a9c2d8fca2e6b13cf8ea33460f90ad978e12e1dcd4
25aaa724793440f24f085bc4a21123d191ec64f367016ee4ede35639ddf12494
2f9dd269f6bdf6ed5360a81f467aeceb34ed6071d15850826531f225d7a026e8
3b53627cfc4a6d437c0af7a6f12602eafcb11f6081bf36f0dbd699642679a950
4de8fc175826d9f78fce9f9f2b71a63fe832fc7507e0394125c823b0909fa54a
6710ee6e22d5e3e82f70554804806c37aac5789b110d944383ea393d93eb627a
7b82766b36d1aeade45fdcbf3c0aa3ffb2ed75efb9906146ab29d0e7521c1037
9800af4ecac9f443da94c45d291596b82c9f7e2fa9635028d4fc60224137575c
9bedfd1d0c99bb5e2963a5079716c3f6a6faa003da79795ef89edfab425769ca
a7c14ee84d81a536a4cd54e3a144f388f2174a4a5c409ae118ea49f0da6b4aa6
c49a7b5a9d86162aaf177580ee0d548e9fcb37775e9fb972f5ff3127a005a341
d9ed6586942003696afe4e52b09f343f8342244b51a9e175b75162d7e615207b
ebcdd4eb5a216168bb125c78b4e2fc17561344999a122919f62903ab78f453e9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe34530a1749ae56ec2f276e35c6639ead7ffe32cb33937e12c0201a2074c0e3

summary.magicmoving.co.ke Open in urlscan Pro 67.225.192.145 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

43 %HTTPS

0 %IPv6

10 Domains

10 Subdomains

9 IPs

3 Countries

145 kBTransfer

446 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

33 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

summary.magicmoving.co.ke Open in urlscan Pro
67.225.192.145 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

43 %
HTTPS

0 %
IPv6

10
Domains

10
Subdomains

9
IPs

3
Countries

145 kB
Transfer

446 kB
Size

2
Cookies

42 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!