mfa-auth.hkmc.com.hk Open in urlscan Pro
210.177.159.87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mfa-auth.hkmc.com.hk/
Effective URL:
https://mfa-auth.hkmc.com.hk/account
Submission: On November 03 via automatic, source certstream-suspicious (November 3rd 2020, 5:01:44 pm UTC)

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 25 HTTP transactions. The main IP is 210.177.159.87, located in Hong Kong and belongs to ERX-STAR HKT Limited, HK. The main domain is mfa-auth.hkmc.com.hk.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on November 3rd 2020. Valid for: a year.

This is the only time mfa-auth.hkmc.com.hk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	210.177.159.87 210.177.159.87	4515 (ERX-STAR ...) (ERX-STAR HKT Limited)
1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
25	4

23 210.177.159.87 (Hong Kong) 1 redirects

ASN4515 (ERX-STAR HKT Limited, HK)

mfa-auth.hkmc.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	hkmc.com.hk 1 redirects mfa-auth.hkmc.com.hk	2 MB
1	gstatic.com www.gstatic.com	136 KB
1	google.com www.google.com	996 B
25	3

	Domain	Requested by
23	mfa-auth.hkmc.com.hk	1 redirects mfa-auth.hkmc.com.hk
1	www.gstatic.com	www.google.com
1	www.google.com	mfa-auth.hkmc.com.hk
25	3

This site contains no links.

Subject Issuer	Validity	Valid
mfa-auth.hkmc.com.hk DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-09`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mfa-auth.hkmc.com.hk/account
Frame ID: 63EA9558BCA641200644F24A7066FEC2
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mfa-auth.hkmc.com.hk/ HTTP 302
https://mfa-auth.hkmc.com.hk/account Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

25
Requests

96 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

2375 kB
Transfer

2574 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mfa-auth.hkmc.com.hk/ HTTP 302
https://mfa-auth.hkmc.com.hk/account Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request account Show response
mfa-auth.hkmc.com.hk/
Redirect Chain

https://mfa-auth.hkmc.com.hk/
https://mfa-auth.hkmc.com.hk/account

2 KB
2 KB

209ms
209ms

Document
text/html

210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/account

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

7514cc13cf3e14ae81d5c1877f2eb4d0bca1403a5d04f434acb4444159088546

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mfa-auth.hkmc.com.hk
:scheme: https
:path: /account
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Tue, 03 Nov 2020 17:01:26 GMT
content-type: text/html; charset=UTF-8
content-length: 1875
strict-transport-security: max-age=63072000; includeSubdomains
content-security-policy: frame-ancestors 'self'
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-store

Redirect headers

status: 302
server: nginx
date: Tue, 03 Nov 2020 17:01:26 GMT
content-type: text/html; charset=UTF-8
content-length: 176
location: https://mfa-auth.hkmc.com.hk/account
strict-transport-security: max-age=63072000; includeSubdomains
content-security-policy: frame-ancestors 'self'
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-store

GET
H2 200 account.css
mfa-auth.hkmc.com.hk/static/css/ 461 KB
462 KB 205ms
203ms Stylesheet
text/css 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/css/account.css?v=2cc47dff

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/account

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

66c2d2d9c4220e93533826dd0c7d14174a9f4ebfbd5ed48d25921ec2f5630630

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 17:01:26 GMT
x-content-type-options: nosniff
status: 200
content-length: 472197
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 03 Nov 2020 10:13:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5fa12d35-73485"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: text/css
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
expires: Tue, 03 Nov 2020 17:01:25 GMT

GET
H2 200 rtl.css
mfa-auth.hkmc.com.hk/static/css/ 33 KB
34 KB 588ms
587ms Stylesheet
text/css 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/css/rtl.css?v=2cc47dff

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/account

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

64ec173903c2a17aad566348146aca6253937a3f677afbe0d024debacef91e8d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 17:01:26 GMT
x-content-type-options: nosniff
status: 200
content-length: 34153
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 03 Nov 2020 10:13:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5fa12d35-8569"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: text/css
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
expires: Tue, 03 Nov 2020 17:01:25 GMT

GET custom.css
mfa-auth.hkmc.com.hk/static/css/ 0
0

GET
H2 200 qrcode.min.js Show response
mfa-auth.hkmc.com.hk/static/assets/plugins/qrcodejs/ 19 KB
20 KB 589ms
587ms Script
application/javascript 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/assets/plugins/qrcodejs/qrcode.min.js?v=2cc47dff

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/account

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 17:01:26 GMT
x-content-type-options: nosniff
status: 200
content-length: 19927
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 03 Nov 2020 10:13:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5fa12d35-4dd7"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
expires: Tue, 03 Nov 2020 17:01:25 GMT

GET
H2 200 global.js Show response
mfa-auth.hkmc.com.hk/static/js/ 37 B
417 B 589ms
588ms Script
application/javascript 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/js/global.js?v=2cc47dff

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/account

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

38171a1a0a0d69cacf53ba6f9229174101b3cb8d17e358f498e325f6623ce693

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 17:01:26 GMT
x-content-type-options: nosniff
status: 200
content-length: 37
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 03 Nov 2020 10:13:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5fa12d36-25"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
expires: Tue, 03 Nov 2020 17:01:25 GMT

GET
H2 200 vendor.bundle.js Show response
mfa-auth.hkmc.com.hk/static/js/ 987 KB
988 KB 589ms
588ms Script
application/javascript 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/js/vendor.bundle.js?v=2cc47dff

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/account

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

75eb9c1738ad29c4b0c9c3f64ea82c1df1509a8c33a31fc13c7b4b604cb58e87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 17:01:26 GMT
x-content-type-options: nosniff
status: 200
content-length: 1010719
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 03 Nov 2020 10:13:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5fa12d36-f6c1f"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
expires: Tue, 03 Nov 2020 17:01:25 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
996 B 36ms
17ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/account

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bf897707835ef8d47aa7188075757f98d13185292bd7b8eccb3659e2c19ed93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 17:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 558
x-xss-protection: 1; mode=block
expires: Tue, 03 Nov 2020 17:01:26 GMT

GET
H2 200 bundle_account.js Show response
mfa-auth.hkmc.com.hk/static/js/ 655 KB
657 KB 589ms
588ms Script
application/javascript 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/account

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

30560d8de4dfb39c2cc53053a150c17b517ffebc1c84ab58cfaf8b0d85d3b2f3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 17:01:26 GMT
x-content-type-options: nosniff
status: 200
content-length: 671158
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 03 Nov 2020 10:13:10 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5fa12d36-a3db6"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
expires: Tue, 03 Nov 2020 17:01:25 GMT

GET
H2 200 locales Show response
mfa-auth.hkmc.com.hk/rest/user/api/i18n/ 3 KB
3 KB 223ms
223ms XHR
application/json 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/rest/user/api/i18n/locales

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/vendor.bundle.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

a03f666a62516b7350d9a355491416127628ae5d14b5e9e9436de33b92711116

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
referrer-policy: no-referrer
server: nginx
date: Tue, 03 Nov 2020 17:01:28 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
status: 200
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 3014
x-content-type-options: nosniff

GET
H2 200 locales Show response
mfa-auth.hkmc.com.hk/rest/user/api/i18n/ 3 KB
3 KB 210ms
210ms XHR
application/json 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/rest/user/api/i18n/locales

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/vendor.bundle.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

a03f666a62516b7350d9a355491416127628ae5d14b5e9e9436de33b92711116

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
referrer-policy: no-referrer
server: nginx
date: Tue, 03 Nov 2020 17:01:28 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
status: 200
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 3014
x-content-type-options: nosniff

GET
H2 200 auth Show response
mfa-auth.hkmc.com.hk/rest/user/api/ 93 B
663 B 214ms
214ms XHR
application/json 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/rest/user/api/auth?event=Authenticators%20Management

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/vendor.bundle.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

b06403e96c459c95cb46bb8b9ec922e3e0abf7045c2d373d050ce732f3c4ebe1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 03 Nov 2020 17:01:28 GMT
referrer-policy: no-referrer
x-csrf-token: 416d87f9194b0a2aeba931f823cb3a5d89f69bd1
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
status: 200
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 93
x-content-type-options: nosniff

GET
H2 200 b1ac4c55c234c758a329f468c7c33f7a.woff2
mfa-auth.hkmc.com.hk/static/css/ 61 KB
62 KB 203ms
203ms Font
application/octet-stream 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/css/b1ac4c55c234c758a329f468c7c33f7a.woff2

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/css/account.css?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3be8f2fb12501ef27d97ec5cf0de7e798cae0d0709e1d7fd3fa0940325590e54

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://mfa-auth.hkmc.com.hk
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 17:01:28 GMT
x-content-type-options: nosniff
status: 200
content-length: 62760
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 03 Nov 2020 10:13:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "5fa12d35-f528"
strict-transport-security: max-age=63072000; includeSubdomains
content-type: application/octet-stream
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
accept-ranges: bytes
expires: Tue, 03 Nov 2020 17:01:27 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/ 344 KB
136 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/1AZgzF1o3OlP73CVr69UmL65/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd828162a2e54e24de6f167733fea047e61317ac2f573b83b75589bcbe00e6af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mfa-auth.hkmc.com.hk
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 16:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3107
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138367
x-xss-protection: 0
last-modified: Mon, 02 Nov 2020 19:55:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 Nov 2021 16:09:41 GMT

GET
H2 404 en-US Show response
mfa-auth.hkmc.com.hk/rest/user/api/custom_messages_webui/ 152 B
380 B 211ms
210ms Fetch
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/rest/user/api/custom_messages_webui/en-US

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

b2d8ed80e73d618b01dd4470f0786bc05ab45dacb7525a8f66524ecafe0ea5b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 152
x-xss-protection: 1; mode=block

GET
H2 404 en Show response
mfa-auth.hkmc.com.hk/rest/user/api/custom_messages_webui/ 152 B
380 B 213ms
213ms Fetch
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/rest/user/api/custom_messages_webui/en

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

b2d8ed80e73d618b01dd4470f0786bc05ab45dacb7525a8f66524ecafe0ea5b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 152
x-xss-protection: 1; mode=block

GET
H2 200 locales Show response
mfa-auth.hkmc.com.hk/rest/user/api/i18n/ 3 KB
3 KB 206ms
206ms XHR
application/json 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/rest/user/api/i18n/locales

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/vendor.bundle.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

a03f666a62516b7350d9a355491416127628ae5d14b5e9e9436de33b92711116

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
referrer-policy: no-referrer
server: nginx
date: Tue, 03 Nov 2020 17:01:28 GMT
x-frame-options: SAMEORIGIN
content-type: application/json
status: 200
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 3014
x-content-type-options: nosniff

GET
H2 404 login
mfa-auth.hkmc.com.hk/static/assets/img/backgrounds/ 120 B
120 B 203ms
202ms Image
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mfa-auth.hkmc.com.hk/static/assets/img/backgrounds/login

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/css/account.css?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3959b6be009cd5a83dc239b8a9a843760e89ffcd73f594166d083867b14f5c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block

GET
H2 200 auth Show response
mfa-auth.hkmc.com.hk/rest/user/api/ 93 B
660 B 213ms
213ms XHR
application/json 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/rest/user/api/auth?event=Authenticators%20Management&custom_session=

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/vendor.bundle.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

501001327f4686773423d3aa0f6ac9e220306d84b86e70a1b7b6fb8c0f9768eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
X-CSRF-Token: 416d87f9194b0a2aeba931f823cb3a5d89f69bd1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 03 Nov 2020 17:01:29 GMT
referrer-policy: no-referrer
x-csrf-token: 53c8dc9f32675e28d35b52408ca2b163629a0eef
server: nginx
x-frame-options: SAMEORIGIN
content-type: application/json
status: 200
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 93
x-content-type-options: nosniff

GET
H2 404 webui.en-US.json Show response
mfa-auth.hkmc.com.hk/static/locale/ 120 B
348 B 203ms
202ms Fetch
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/locale/webui.en-US.json

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3959b6be009cd5a83dc239b8a9a843760e89ffcd73f594166d083867b14f5c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block

GET
H2 404 webui.en.json Show response
mfa-auth.hkmc.com.hk/static/locale/ 120 B
348 B 203ms
202ms Fetch
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/locale/webui.en.json

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3959b6be009cd5a83dc239b8a9a843760e89ffcd73f594166d083867b14f5c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block

GET
H2 404 webui.en-US.json Show response
mfa-auth.hkmc.com.hk/static/locale/ 120 B
348 B 203ms
202ms Fetch
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/locale/webui.en-US.json

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3959b6be009cd5a83dc239b8a9a843760e89ffcd73f594166d083867b14f5c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block

GET
H2 404 webui.en.json Show response
mfa-auth.hkmc.com.hk/static/locale/ 120 B
348 B 204ms
203ms Fetch
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/locale/webui.en.json

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3959b6be009cd5a83dc239b8a9a843760e89ffcd73f594166d083867b14f5c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block

GET
H2 404 webui.en-US.json Show response
mfa-auth.hkmc.com.hk/static/locale/ 120 B
348 B 203ms
202ms Fetch
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/locale/webui.en-US.json

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3959b6be009cd5a83dc239b8a9a843760e89ffcd73f594166d083867b14f5c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block

GET
H2 404 webui.en.json Show response
mfa-auth.hkmc.com.hk/static/locale/ 120 B
348 B 203ms
203ms Fetch
text/html 210.177.159.87
ERX-STAR HKT Limited

General

Check archive.org

Show headers Download Go to

Full URL

https://mfa-auth.hkmc.com.hk/static/locale/webui.en.json

Requested by

Host: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/js/bundle_account.js?v=2cc47dff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

210.177.159.87 , Hong Kong, ASN4515 (ERX-STAR HKT Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3959b6be009cd5a83dc239b8a9a843760e89ffcd73f594166d083867b14f5c0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: nginx
date: Tue, 03 Nov 2020 17:01:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 404
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 120
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mfa-auth.hkmc.com.hk
URL: https://mfa-auth.hkmc.com.hk/static/css/custom.css?v=2cc47dff

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mfa-auth.hkmc.com.hk/	1969-12-31 23:59:59	Name: auth_gss_off Value: true
mfa-auth.hkmc.com.hk/	1969-12-31 23:59:59	Name: session Value: zRMrsgSmZkebNrX--gEQFQQTtajShLdJZHeBoGCcw5Kvz05_B3-Fq6saO_nWKo56IUtWCYqJUb6broKVREDYMld6RTJNRFEwTWpJNE9EZ3NJREUyTURRME1qSTRPRGd1TmpZME5EQXlNaXdnZXlKZlkzTnlablJmSWpvZ0lqUXhObVE0TjJZNU1UazBZakJoTW1GbFltRTVNekZtT0RJelkySXpZVFZrT0RsbU5qbGlaREVpZlYwPQ
mfa-auth.hkmc.com.hk/	1969-12-31 23:59:59	Name: _LOCALE_ Value: en-US

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mfa-auth.hkmc.com.hk
www.google.com
www.gstatic.com
mfa-auth.hkmc.com.hk
210.177.159.87
2a00:1450:4001:81a::2004
2a00:1450:4001:81f::2003
0bf897707835ef8d47aa7188075757f98d13185292bd7b8eccb3659e2c19ed93
30560d8de4dfb39c2cc53053a150c17b517ffebc1c84ab58cfaf8b0d85d3b2f3
38171a1a0a0d69cacf53ba6f9229174101b3cb8d17e358f498e325f6623ce693
3959b6be009cd5a83dc239b8a9a843760e89ffcd73f594166d083867b14f5c0a
3be8f2fb12501ef27d97ec5cf0de7e798cae0d0709e1d7fd3fa0940325590e54
501001327f4686773423d3aa0f6ac9e220306d84b86e70a1b7b6fb8c0f9768eb
64ec173903c2a17aad566348146aca6253937a3f677afbe0d024debacef91e8d
66c2d2d9c4220e93533826dd0c7d14174a9f4ebfbd5ed48d25921ec2f5630630
7514cc13cf3e14ae81d5c1877f2eb4d0bca1403a5d04f434acb4444159088546
75eb9c1738ad29c4b0c9c3f64ea82c1df1509a8c33a31fc13c7b4b604cb58e87
a03f666a62516b7350d9a355491416127628ae5d14b5e9e9436de33b92711116
b06403e96c459c95cb46bb8b9ec922e3e0abf7045c2d373d050ce732f3c4ebe1
b2d8ed80e73d618b01dd4470f0786bc05ab45dacb7525a8f66524ecafe0ea5b4
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
dd828162a2e54e24de6f167733fea047e61317ac2f573b83b75589bcbe00e6af

mfa-auth.hkmc.com.hk Open in urlscan Pro 210.177.159.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

96 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

2375 kBTransfer

2574 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

3 Cookies

Security Headers

Indicators

mfa-auth.hkmc.com.hk Open in urlscan Pro
210.177.159.87 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

96 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

2375 kB
Transfer

2574 kB
Size

3
Cookies

25 HTTP transactions
0 data transactions