Known malicious kithighphishing
Azure Static Web Apps Sister Cohort — chunk-vendors
family: azure-swa-sister-119a
Sister of the existing `cloud-storage-abuse-72ea` kit. 5 hosts on Azure Static Web Apps: abw219, hk3091, london25, nsd90317, xdl719 — geographic-cohort naming (HK=Hong Kong, london, etc.) suggests targeted-region phishing.
Fingerprint anchors
Provenance
Added by: analyst
Added: 2026-05-26 18:58
5 hosts on Azure SWA. Sister of cloud-storage-abuse-72ea.
Sightings (9)
| Host | Scan | Script | Match | When |
|---|---|---|---|---|
| hk3091.z11.web.core.windows.net | 444aa90e… | https://hk3091.z11.web.core.windows.net/new/static/js/chunk-vendors.32a23925.js | byte | 2026-05-24 22:49 |
| hk3091.z11.web.core.windows.net | 7b8cf558… | https://hk3091.z11.web.core.windows.net/new/static/js/chunk-vendors.32a23925.js | byte | 2026-05-24 22:14 |
| xdl719.z11.web.core.windows.net | 8852da56… | https://xdl719.z11.web.core.windows.net/xdl/static/js/chunk-vendors.32a23925.js | byte | 2026-05-24 20:12 |
| xdl719.z11.web.core.windows.net | 53274c08… | https://xdl719.z11.web.core.windows.net/xdl/static/js/chunk-vendors.32a23925.js | byte | 2026-05-24 19:33 |
| xdl719.z11.web.core.windows.net | 7b7c7cc2… | https://xdl719.z11.web.core.windows.net/xdl/static/js/chunk-vendors.32a23925.js | byte | 2026-05-24 19:24 |
| nsd90317.z38.web.core.windows.net | d08f05b4… | https://nsd90317.z38.web.core.windows.net/web_wl/static/js/chunk-vendors.32a23925.js | byte | 2026-05-24 15:45 |
| nsd90317.z38.web.core.windows.net | 319cc025… | https://nsd90317.z38.web.core.windows.net/web_wl/static/js/chunk-vendors.32a23925.js | byte | 2026-05-24 15:39 |
| abw219.z1.web.core.windows.net | ed687f86… | https://abw219.z1.web.core.windows.net/static/js/chunk-vendors.5209c17a.js | byte | 2026-05-24 06:54 |
| london25.z33.web.core.windows.net | 31900e48… | https://london25.z33.web.core.windows.net/static/js/chunk-vendors.32a23925.js | byte | 2026-05-22 18:51 |