Report - designcast.jp/-/POSTBANK/

Report Overview

Submitted URL
designcast.jp/-/POSTBANK/
IP
45.32.33.82
ASN
#20473 AS-CHOOPA
Submitted
2022-08-28 23:34:45
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
26

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-06T05:09:03Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-06T05:10:30Z	401 B	5.8 kB	143.204.55.25
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-06T05:09:43Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-06T06:00:56Z	329 B	797 B	93.184.220.29
designcast.jp	unknown	2019-06-02T11:00:37Z	2023-03-05T06:34:22Z	11 kB	1.1 MB	45.32.33.82
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-06T05:09:12Z	594 B	127 B	54.187.34.135
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-06T05:09:35Z	3.2 kB	52 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-06T05:09:34Z	758 B	2.7 kB	143.204.55.115

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-08-27	medium	designcast.jp/-/POSTBANK/	Deutsche Postbank AG

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-08-28	medium	designcast.jp/-/POSTBANK/	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64?	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/bower_components/jquery/dist/jquery.min.js	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/core/token/core_token.js	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/login/logo-claim.svg	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/core/form/core_form.js	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/login/ng/ng.js?v=630bfb8e91567	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/login/frutigerltw02-55roman.woff2	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/login/frutigerltw02-65bold.woff2	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/bower_components/ua-parser-js/dist/ua-parser.min.js	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/login/token/token.js?v=630bfb8e91568	Phishing
2022-08-28	medium	designcast.jp/-/POSTBANK/bower_components/angular/angular.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	designcast.jp/-/POSTBANK/	109 B	2023-03-07	2023-03-07
Pretty URL designcast.jp/-/POSTBANK/ IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:49 Last Seen2023-03-07 01:07:49 Times Seen1 Hash e9e23dc49e5cefa9913f659e1f7eeb32 f272b1ffd5abf39d2584b9a0e27d86bdbf811325 15ef413094d3c4773ee5abc5d71e438426b788a6c5ca45e4c22b7b06e8a797cf Loading...

	designcast.jp/-/POSTBANK/bower_components/jquery/dist/jquery.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL designcast.jp/-/POSTBANK/bower_components/jquery/dist/jquery.min.js IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 00:45:39 Times Seen60646 Hash c9f5aeeca3ad37bf2aa006139b935f0a 1055018c28ab41087ef9ccefe411606893dabea2 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Loading...

	designcast.jp/-/POSTBANK/core/form/core_form.js	15 kB	2023-03-07	2023-03-11
Pretty URL designcast.jp/-/POSTBANK/core/form/core_form.js IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2023-03-11 14:10:14 Times Seen1 Hash e87c87ce80479c2497a3c8e9e5bf333d 9a86d204b583a9404606cbe4eed06582da36c804 847b62572ed6998893449d7b8858d8bac034e6111ae8225922b1316f59c8fd80 Loading...

	designcast.jp/-/POSTBANK/core/token/core_token.js	11 kB	2023-03-07	2023-03-11
Pretty URL designcast.jp/-/POSTBANK/core/token/core_token.js IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2023-03-11 14:10:14 Times Seen1 Hash 9079c1cbc61e0f27ebd2cabd737f667a cc3abb2f5ebedd01b1e2f3c2ac1ecbbdad3e06c9 8f49bc9b4670e94d5ccfbe9b8279802d3b3dd3d8272bb01ba570119e795a4c93 Loading...

	designcast.jp/-/POSTBANK/bower_components/angular/angular.min.js	169 kB	2023-03-07	2024-04-17
Pretty URL designcast.jp/-/POSTBANK/bower_components/angular/angular.min.js IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-17 21:52:49 Times Seen427 Hash 4c619ef91e3fa3f1d4813db2b2eb738d c5f77156c6f5397be71914eb80d8f998ea1279e7 35f73a70cca067828be9e0a712b8b48908e1bc4490637c62bd70158f95cd6e27 Loading...

	designcast.jp/-/POSTBANK/login/ng/ng.js?v=630bfb8e91567	4.9 kB	2023-03-07	2024-03-03
Pretty URL designcast.jp/-/POSTBANK/login/ng/ng.js?v=630bfb8e91567 IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:50 Last Seen2024-03-03 07:38:52 Times Seen16 Hash 361b00432ba38f1020bbd468f5c43489 46847dc338f69019104a5bb8fd9eb33cf466d44d 582065fc7e084249c1677034ff40a1f2cf7279620ce15d0d6b6cba6becd65427 Loading...

	designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?	58 B	2023-03-07	2023-03-07
Pretty URL designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/? IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:50 Last Seen2023-03-07 01:07:50 Times Seen1 Hash 0a1d5e564859203e0f72c8ff77052290 0683f6823cbb58d02f993f52316b42f0a3ee10fc d22832cc741f268f42c2b05555fd7426a2cb71e7b940d883ad11889fdaab3f18 Loading...

	designcast.jp/-/POSTBANK/bower_components/ua-parser-js/dist/ua-parser.min.js	17 kB	2023-03-07	2024-04-09
Pretty URL designcast.jp/-/POSTBANK/bower_components/ua-parser-js/dist/ua-parser.min.js IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-04-09 18:16:12 Times Seen660 Hash e0ae48c8ebbe57edeacb5b02f16d0df9 0c5a29a88add39486162e0c16f23e2e06fc7842e 0fda30cf243e7650bf3e1666eddeb4fbba6b788ede36753eda5e2964cc14c896 Loading...

	designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?	19 kB	2023-03-07	2023-03-07
Pretty URL designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/? IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:50 Last Seen2023-03-07 01:07:50 Times Seen1 Hash 2053cbf1e3bc6e9bed7aec7f337eb6ba c02b629414ac26e195e78b625b30b498f71d73c3 82161b552d4b6c5e7946cbb6abb09c98ff6c11d4cb97e303962cb5251a8cab9e Loading...

	designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?	473 B	2023-03-07	2023-03-07
Pretty URL designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/? IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:50 Last Seen2023-03-07 01:07:50 Times Seen1 Hash 258e4145b206ef36448afb5575f7a858 45f9c2c3db8c70c07d3f467cec7f93170373373c ea0ae398b9da8d070e57d5e6c6b8abef01d4f3c6894b0f256b311209e616da22 Loading...

	designcast.jp/-/POSTBANK/login/form/form.js?v=630bfb8e91563	3.9 kB	2023-03-07	2024-03-03
Pretty URL designcast.jp/-/POSTBANK/login/form/form.js?v=630bfb8e91563 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2024-03-03 07:38:52 Times Seen14 Hash f1ed7b31a835f14719399b5e758f4d4a cfe03b4f1c15ad1822e26ce0a6d89168efc2d500 9459cfdaef9d197d1f48a2190e65dff33a3906fc7f98f6c28bcad7478c30ef47 Loading...

	designcast.jp/-/POSTBANK/login/token/token.js?v=630bfb8e91568	1.2 kB	2023-03-07	2023-12-03
Pretty URL designcast.jp/-/POSTBANK/login/token/token.js?v=630bfb8e91568 IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:40 Last Seen2023-12-03 16:06:30 Times Seen14 Hash 7aefdd2429a99988bd435eb70526fcdb 1e2a64f9a946943d3751824efc4792fcb40e1694 a14c0795d3c8aa995526096002771398d1c43837b5935beeebcb460e4406296a Loading...

	designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?	58 B	2023-03-07	2023-03-07
Pretty URL designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/? IP 45.32.33.82 ASN #20473 AS-CHOOPA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:50 Last Seen2023-03-07 01:07:50 Times Seen1 Hash 807c97780d1c27791246e3fcb5ac88e9 1e55280f4424f7a87ae296ba4cdbf9893dfcfe59 214f390ccc12b4bdcb6d51fb9cf4bfaad3daa58bfdb8b25a6ed7919e27c6b59b Loading...

		Size	First Seen	Last Seen
	#1 Write - 3cc108b76718d441ceb0b3c03c8f4cc4	14 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 01:07:50 Last Seen2023-03-07 01:07:50 Times Seen1 Hash 3cc108b76718d441ceb0b3c03c8f4cc4 2c7e436647dd46b8c1ffad891b559157e30f5afe ea570b3e227d6adc72b20f72e6d8e9cb4fc478cdf954764982a084e645024953 Loading...

HTTP Transactions (40)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 28 Aug 2022 23:14:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: R7YvojAzM67wch8CbyFc0PJXVX94EOg9vm2bw4dOu02LEPQaGQ9osA==
Age: 1223

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
21b1296f31569e4fb94048c52df34904
3e3194f640d71b9da28e809660443e332bdba310
7ebe5d06efe28c8507b4cdfbf68c6e5bbd9919ba776990fb8a22d90cca0c1c1b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9622
Expires: Mon, 29 Aug 2022 02:14:56 GMT
Date: Sun, 28 Aug 2022 23:34:34 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 28 Aug 2022 22:35:59 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sr9WK33GQuvwclb3c0cNoUrbpB79z81myxujJxI9FYFaGfhiLy184A==
age: 3516
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 28 Aug 2022 23:17:12 GMT
Expires: Sun, 28 Aug 2022 23:43:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D1ViuDoAcymNFhLtLU8I2_YVwuKnSThyOga91iLvxZ09aOrmpLBnWw==
Age: 1043

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c84972ac2eb701edb25c445e8317fd1e
373ac6e6561c6f277b06f17596e6cf3fd2d30e05
6864338e85d17133f07b2776608d6a29324349ef0ff9406f5aa48dbf10387f21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6864338E85D17133F07B2776608D6A29324349EF0FF9406F5AA48DBF10387F21"
Last-Modified: Fri, 26 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11601
Expires: Mon, 29 Aug 2022 02:47:56 GMT
Date: Sun, 28 Aug 2022 23:34:35 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
396ffb5d17a8a353f8f748959fcf7966
8301f51528695b9c8a48de0e6e889b603f34308c
a5c0dd3453bdba148aea970cda083b70b3ba680286a6c65878cc369d20f1d216

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5421
Cache-Control: max-age=122548
Content-Type: application/ocsp-response
Date: Sun, 28 Aug 2022 23:34:35 GMT
Etag: "630b2212-1d7"
Expires: Tue, 30 Aug 2022 09:37:03 GMT
Last-Modified: Sun, 28 Aug 2022 08:06:42 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

designcast.jp/-/POSTBANK/

45.32.33.82

200 OK

452 B

URL HTTP/2
designcast.jp/-/POSTBANK/
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
452 B (452 bytes)
Hash
9d418b52821b70b4e84bb5865af51e7d
d2bdcb4a2e3c1030efc0bc9aef6deff74dafdedf
8403bd54fe52a0bf649ca22cd4efd18502ef0620ea5720ecf8722c3b1571bfd8

Detections

Analyzer	Verdict	Alert
openphish	Deutsche Postbank AG
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/ HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:35 GMT
content-type: text/html; charset=UTF-8
content-length: 452
set-cookie: real=OK
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.187.34.135

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.34.135:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N76M8Uw3TjSPyWOmq21WbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yvyhGNKqfP2vaoTszoskRJA0dME=

designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64?

45.32.33.82

301 Moved Permanently

282 B

URL HTTP/2
designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64?
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
282 B (282 bytes)
Hash
aca952b86e68fa5b10f55fdb07920243
8bd7b60f3f81939fe8dca3404ac712192d921814
f7ed27d1ddf78aa1118e25a24e1416d77a3baf20634f03a759ecae2dc93c55bf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64? HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
server: nginx
date: Sun, 28 Aug 2022 23:34:36 GMT
content-type: text/html; charset=iso-8859-1
content-length: 282
location: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/?
x-powered-by: PleskLin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4924
Expires: Mon, 29 Aug 2022 00:56:41 GMT
Date: Sun, 28 Aug 2022 23:34:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4924
Expires: Mon, 29 Aug 2022 00:56:41 GMT
Date: Sun, 28 Aug 2022 23:34:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4924
Expires: Mon, 29 Aug 2022 00:56:41 GMT
Date: Sun, 28 Aug 2022 23:34:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
86b2884af34c96fbb194bd340a2d0193
e55b2a45be21cff15398ac7b7aff45206198fbdf
eff4ee2043ba81d81d564fae2b72994858725e9282d45972ca92291bbc193fee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4924
Expires: Mon, 29 Aug 2022 00:56:41 GMT
Date: Sun, 28 Aug 2022 23:34:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe600767-2c1e-4d22-91c8-20f5380dedf3.webp

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe600767-2c1e-4d22-91c8-20f5380dedf3.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6829 bytes)
Hash
802bfe7acd4327df18702f409e40cfdb
98c7958594a60d494ee526a3d252896d568b6bf2
8ae866f6eab5d5c3376e105e24aa40e402148b22128a0c5605dbe8feea1c07e4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe600767-2c1e-4d22-91c8-20f5380dedf3.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6829
x-amzn-requestid: 6957528b-2272-4731-a98b-833a39b043af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xd4EMH3WIAMFlkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308a081-75bbb24862cf340b5b823539;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 10:29:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TQl0T-mSqXzOenXenjpyw41qiek7_h61f_xbtdYG1jf_BCu2rit1_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:29:56 GMT
age: 3881
etag: "98c7958594a60d494ee526a3d252896d568b6bf2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7384 bytes)
Hash
182339e49eb50a6d89fed9b4ac4bc39f
0909d2250d8efc3093f15401713da4c74ba6707b
bc6fac01cec90f56f665671e2abab894752b9d8f1b1d5551e4d83cc53f0d4251

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d6fc243-1f36-4e7f-8ae5-c9926e27d40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7384
x-amzn-requestid: 8c864d07-cb4e-44db-85f0-ebea10e67aaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XV7EPG0mIAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6305721a-32398abd1da8b41f48b4755c;Sampled=0
x-amzn-remapped-date: Wed, 24 Aug 2022 00:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6aiAJzrFSh5oLa_mpPgX71BUSwjCS0NoNruUV_4tSPwpnphPE2DWGA==
via: 1.1 759bceededb9469e75c24a46c03d64bc.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:49:06 GMT
age: 6331
etag: "0909d2250d8efc3093f15401713da4c74ba6707b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

designcast.jp/favicon.ico

45.32.33.82

404 Not Found

4.9 kB

URL HTTP/2
designcast.jp/favicon.ico
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
4.9 kB (4852 bytes)
Hash
b3cad6dcb545afb82c553ecb428cce9d
616210a411b3bf6e72e66683d4ac41c5ccb09c88
677dc0ba7fe041df89f79e489fb84e9a127633c0f9b124bcd37436d9bf957cdb

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Sun, 28 Aug 2022 23:34:35 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f5771bc-3891-4ec9-b56a-804acdb8d29a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7077 bytes)
Hash
ca289248deced995edf106fa6ec4184e
6f10d5d1ea10ad62e9a684cf1b4a61bb6eac51fb
dc946020572b873e5cbab2c48b729501cddc676fff98ef3f307c3596b7324c30

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f5771bc-3891-4ec9-b56a-804acdb8d29a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7077
x-amzn-requestid: 4199ead1-dfea-4c8a-b433-268fbede8266
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xl_YNFOrIAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630bdf67-727ca0da6e0132e941c3e32b;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LnCaT2J4iiyHbZHAiIC99ekj6w6BDxenRRfY-WdzCbwQElYb9ci2RQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 22:15:34 GMT
age: 4743
etag: "6f10d5d1ea10ad62e9a684cf1b4a61bb6eac51fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04819fd-358b-4a07-ac19-c8d362bb224a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6963 bytes)
Hash
0a52ba09a9d43a19fcf29e9a58975b9d
6dfa90f84160f605f1b101c36aaabe5fe5f7a175
eb074c4b09417d105503eb463633d0ca4ff0909b49be8e17d1b08930cf54792f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04819fd-358b-4a07-ac19-c8d362bb224a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6963
x-amzn-requestid: 61968774-e3a0-4714-ba8c-85fe6b5f45cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjxDeHr9IAMFh3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630afbaf-276942a451abbd640333d383;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 05:22:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z66XHh2Wq8iMIZsPSzqKKAjGrQBqVxy3ahh4DNeWIclVrEuA85Y_9A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:35:03 GMT
age: 7174
etag: "6dfa90f84160f605f1b101c36aaabe5fe5f7a175"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10319 bytes)
Hash
76021ba70733e8d4647f29e4c990180c
66558c36958c9162188e7aeef27c38e0c4b37cdd
c5278295212999c6941d57d5cee8f4d33447302af0eb74985f5dae48434607c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a7959a-ba16-4840-a4e4-ca7b2c6305c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10319
x-amzn-requestid: 4f0cb1b4-c2a6-410a-965c-4cc72459484a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XhG-yG-eIAMFbQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309eb91-58fb7017711dd2a56fe5ef79;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 10:01:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JcHN5unq1F9L9h2My0SFXdW-n06ebaRZ8jj0W0I67pTuddWWkJ9RkQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:44:40 GMT
age: 6597
etag: "66558c36958c9162188e7aeef27c38e0c4b37cdd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/?

45.32.33.82

302 Found

0 B

URL HTTP/2
designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/?
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/? HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://designcast.jp/-/POSTBANK/
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 302 Found
server: nginx
date: Sun, 28 Aug 2022 23:34:37 GMT
content-type: text/html; charset=UTF-8
content-length: 0
set-cookie: bid=e73e5eba082bcfec37703449e9d75d64
location: login/?
vary: User-Agent
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?

45.32.33.82

200 OK

5.9 kB

URL HTTP/2
designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (18851)
Size
5.9 kB (5857 bytes)
Hash
c8e68a99e8720519c8bea17b03da2f33
67d3eea8d37ba94f06b7cb30f6a0a5f4b1c5bb47
4a1548df3087b322c6a02527178063de6fd72881fe5f916f178deefdce41dde9

HTTP Headers

GET /-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/? HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://designcast.jp/-/POSTBANK/
Connection: keep-alive
Cookie: bid=e73e5eba082bcfec37703449e9d75d64; real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: text/html; charset=UTF-8
content-length: 5857
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/bower_components/jquery/dist/jquery.min.js

45.32.33.82

200 OK

32 kB

URL HTTP/2
designcast.jp/-/POSTBANK/bower_components/jquery/dist/jquery.min.js
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
ASCII text, with very long lines (32058)
Size
32 kB (32095 bytes)
Hash
601a9f7ff084c185f9e757c5c20931ac
fce6d9b083ddfe74541c4a9041b712f7a9f983ab
5fe389dada392fbafcc612d3e7df5cacf0d155ab63a22cea2554b698643edcbd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/bower_components/jquery/dist/jquery.min.js HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: application/javascript
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-15283"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/core/form/core_form.css

45.32.33.82

200 OK

16 kB

URL HTTP/2
designcast.jp/-/POSTBANK/core/form/core_form.css
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
ASCII text
Size
16 kB (16116 bytes)
Hash
b020091bced24aacd3e24138838c0ae2
dd13525c548652c139cac38e5d30c22731de1cd8
e3b762c2efe812edccdb5e656c36fd3c4576bfe232e0c9fd2701d4f058d398ce

HTTP Headers

GET /-/POSTBANK/core/form/core_form.css HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: text/css
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-639"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/core/token/core_token.js

45.32.33.82

200 OK

213 kB

URL HTTP/2
designcast.jp/-/POSTBANK/core/token/core_token.js
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
ASCII text
Size
213 kB (213037 bytes)
Hash
86c217a992381e7aca943f6256bdcfed
888837845e730169a46b22e2646359bd92033368
6bf23087f405809d353a2389f633b572069fb2a9af76b04e5e2b8e10c51c8435

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/core/token/core_token.js HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 07:35:34 GMT
vary: Accept-Encoding
etag: W/"6090f946-2ca8"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/login/logo-claim.svg

45.32.33.82

200 OK

6.4 kB

URL HTTP/2
designcast.jp/-/POSTBANK/login/logo-claim.svg
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3519)
Size
6.4 kB (6399 bytes)
Hash
c5ea26c7fb760bf827004cef7713b2a4
1d77b42684ceee71c3a669d1dc8ca0b05efdbb3b
1ad849d8a916dcde00adb1ee3d0f21c7f636a98b7b2c49f57194f245d37b2e91

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/login/logo-claim.svg HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:39 GMT
content-type: image/svg+xml
content-length: 6399
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
etag: "5fc34242-18ff"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/core/form/core_form.js

45.32.33.82

200 OK

14 kB

URL HTTP/2
designcast.jp/-/POSTBANK/core/form/core_form.js
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
ASCII text
Size
14 kB (13833 bytes)
Hash
d8b72f10f41673a583ae99209e6133fc
ff0ad50d2d752e1eb14b7f8d661a5c3b98157122
011bc7fb652acdf98aae2a237fae7e0fe40085ced545578efa6ee4ab0624fcb5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/core/form/core_form.js HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: application/javascript
last-modified: Tue, 04 May 2021 07:33:15 GMT
vary: Accept-Encoding
etag: W/"6090f8bb-3b3e"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/login/form/css.css

45.32.33.82

200 OK

191 kB

URL HTTP/2
designcast.jp/-/POSTBANK/login/form/css.css
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
ASCII text
Size
191 kB (191081 bytes)
Hash
c915fe81bd6fcdafee7bce745f3f2173
fb1679ce81632fb9775fcc67dbd7e9cfc80d9ae5
fe9bf444fa678519c3f3cf1c8cd1c2fdaee02228e3b996f9ecf91930a0127523

HTTP Headers

GET /-/POSTBANK/login/form/css.css HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: text/css
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-472"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/login/ng/ng.js?v=630bfb8e91567

45.32.33.82

200 OK

558 kB

URL HTTP/2
designcast.jp/-/POSTBANK/login/ng/ng.js?v=630bfb8e91567
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
ASCII text
Size
558 kB (558332 bytes)
Hash
379be3d6b6e16afb49e9cdee4c08b6a6
22458bad80059f995c0faba0c307ee06221b25cb
30882288a934112b1cd609017e568d99541ae081dbc68b496bd577da65548255

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/login/ng/ng.js?v=630bfb8e91567 HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:39 GMT
content-type: application/javascript
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-1347"
expires: Sun, 04 Sep 2022 23:34:39 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/login/frutigerltw02-55roman.woff2

45.32.33.82

200 OK

49 kB

URL HTTP/2
designcast.jp/-/POSTBANK/login/frutigerltw02-55roman.woff2
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
Web Open Font Format (Version 2), TrueType, length 49372, version 1.0\012- data
Size
49 kB (49372 bytes)
Hash
f75edc57b3c912b99387c7921e3dfddb
937d62e23c5e4090c6e3cf37536c0df3725c14bb
0392b37cafa1d3eaf5f00c2594df53bea1f7c7059180098d4185a2425d580d1c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/login/frutigerltw02-55roman.woff2 HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/login/index.css
Cookie: real=OK; lng=de
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:40 GMT
content-type: font/woff2
content-length: 49372
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
etag: "5fc34242-c0dc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/login/frutigerltw02-65bold.woff2

45.32.33.82

200 OK

42 kB

URL HTTP/2
designcast.jp/-/POSTBANK/login/frutigerltw02-65bold.woff2
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
Web Open Font Format (Version 2), TrueType, length 42008, version 1.0\012- data
Size
42 kB (42008 bytes)
Hash
66a825d0bc3b78c378dadbfa19b8ac02
7fb3f4f2d17526585b8440a42eca6d98dbc6ccf6
33f227be2f5d1077c023bf5bfaa69f4498c74c3771d820ac23e2e2ca2a2bcd0d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/login/frutigerltw02-65bold.woff2 HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/login/index.css
Cookie: real=OK; lng=de
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:40 GMT
content-type: font/woff2
content-length: 42008
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
etag: "5fc34242-a418"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/login/favicon-16x16.png

45.32.33.82

200 OK

763 B

URL HTTP/2
designcast.jp/-/POSTBANK/login/favicon-16x16.png
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
763 B (763 bytes)
Hash
7928dcbd4ef94be62d92d6218e8b917d
93768c3b84bc447a0f4b3449f93e386001106431
705e422f4c2ca8ff8521e6ca5bedf071785a13505c4cfe90693f539cead2b1f7

HTTP Headers

GET /-/POSTBANK/login/favicon-16x16.png HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK; lng=de
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:40 GMT
content-type: image/png
content-length: 763
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
etag: "5fc34242-2fb"
expires: Sun, 04 Sep 2022 23:34:40 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/home.php?pl=token&link=postbank.de&bid=e73e5eba082bcfec37703449e9d75d64&callback=jQuery321014862304648811464_1661729679232&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1661729679233

45.32.33.82

200 OK

76 B

URL HTTP/2
designcast.jp/-/POSTBANK/home.php?pl=token&link=postbank.de&bid=e73e5eba082bcfec37703449e9d75d64&callback=jQuery321014862304648811464_1661729679232&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1661729679233
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
8c5602c384ba668b601b4eb80a2bb2f5
4ffd8e1cbd0a08eb3556dbeb3403e77006482bfc
6c6cd767ed03a892cdd449ef5e4a9cdff64d5138ec7a7761f11f7db659066104

HTTP Headers

GET /-/POSTBANK/home.php?pl=token&link=postbank.de&bid=e73e5eba082bcfec37703449e9d75d64&callback=jQuery321014862304648811464_1661729679232&data=%7B%22online_bider%22%3A1%2C%22w%22%3A0%2C%22dev%22%3A3%7D&_=1661729679233 HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK; lng=de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:41 GMT
content-type: application/json
content-length: 76
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/home.php?pl=token&link=postbank.de&bid=e73e5eba082bcfec37703449e9d75d64&callback=jQuery321014862304648811464_1661729679234&data=%7B%22mes%22%3A%22User%20on%20user%20page%22%7D&_=1661729679235

45.32.33.82

200 OK

76 B

URL HTTP/2
designcast.jp/-/POSTBANK/home.php?pl=token&link=postbank.de&bid=e73e5eba082bcfec37703449e9d75d64&callback=jQuery321014862304648811464_1661729679234&data=%7B%22mes%22%3A%22User%20on%20user%20page%22%7D&_=1661729679235
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type
ASCII text, with no line terminators
Size
76 B (76 bytes)
Hash
bd97e91e0de2a822e1551edb947419a8
fadcd0fca10e766d6408395d7948aaf27fb97dc0
75d573da5b2f9ba1ad98ab55a308f0acae73700c5e5944293d4e5525abb2a20d

HTTP Headers

GET /-/POSTBANK/home.php?pl=token&link=postbank.de&bid=e73e5eba082bcfec37703449e9d75d64&callback=jQuery321014862304648811464_1661729679234&data=%7B%22mes%22%3A%22User%20on%20user%20page%22%7D&_=1661729679235 HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK; lng=de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:41 GMT
content-type: application/json
content-length: 76
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd51935d9-640c-4fb7-a0a6-2bf697c44bdc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7548 bytes)
Hash
fb6279d7b8476f6f50d43363c1595b8a
ffdf31466f9fe7363f99994ab19191f96d54c240
7b6f362f762730345a2faa4a68cd864b664721d20fd28c92e00f3c08ab6e1d10

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd51935d9-640c-4fb7-a0a6-2bf697c44bdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7548
x-amzn-requestid: 9e820d78-c78c-4248-99c0-89e95123d4cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdDKiFwCoAMF6bg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63084bdc-2d116abb1015fde9605c13bf;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 04:28:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gEuyCE8GLutx96uzJoMyCwg2WXDzhBVQ_f4vCjWFMIyrg8xHhDCcXQ==
via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 21:49:52 GMT
age: 6292
etag: "ffdf31466f9fe7363f99994ab19191f96d54c240"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/bower_components/ua-parser-js/dist/ua-parser.min.js

45.32.33.82

200 OK

0 B

URL HTTP/2
designcast.jp/-/POSTBANK/bower_components/ua-parser-js/dist/ua-parser.min.js
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: application/javascript
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-4298"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/login/token/token.js?v=630bfb8e91568

45.32.33.82

200 OK

0 B

URL HTTP/2
designcast.jp/-/POSTBANK/login/token/token.js?v=630bfb8e91568
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/login/token/token.js?v=630bfb8e91568 HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:39 GMT
content-type: application/javascript
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-4b8"
expires: Sun, 04 Sep 2022 23:34:39 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/bower_components/angular/angular.min.js

45.32.33.82

200 OK

0 B

URL HTTP/2
designcast.jp/-/POSTBANK/bower_components/angular/angular.min.js
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /-/POSTBANK/bower_components/angular/angular.min.js HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: application/javascript
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-2937c"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/login/index.css

45.32.33.82

200 OK

0 B

URL HTTP/2
designcast.jp/-/POSTBANK/login/index.css
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /-/POSTBANK/login/index.css HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: text/css
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-3596b"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

designcast.jp/-/POSTBANK/bower_components/font-awesome/css/font-awesome.min.css

45.32.33.82

200 OK

0 B

URL HTTP/2
designcast.jp/-/POSTBANK/bower_components/font-awesome/css/font-awesome.min.css
IP
45.32.33.82:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /-/POSTBANK/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/e73e5eba082bcfec37703449e9d75d64/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 28 Aug 2022 23:34:38 GMT
content-type: text/css
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-7918"
expires: Sun, 04 Sep 2022 23:34:38 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations