Overview

URL designcast.jp/-/POSTBANK/
IP 45.32.33.82
ASN AS-CHOOPA
Location Japan
Report completed 2022-08-28 20:48:06 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-08-27 2 designcast.jp/-/POSTBANK/ Deutsche Postbank AG
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-08-28 2 designcast.jp/-/POSTBANK/ Phishing
2022-08-28 2 designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd? Phishing
2022-08-28 2 designcast.jp/-/POSTBANK/core/form/core_form.js Phishing
2022-08-28 2 designcast.jp/-/POSTBANK/bower_components/angular/angular.min.js Phishing
2022-08-28 2 designcast.jp/-/POSTBANK/login/frutigerltw02-55roman.woff2 Phishing
2022-08-28 2 designcast.jp/-/POSTBANK/bower_components/ua-parser-js/dist/ua-parser.min.js Phishing
2022-08-28 2 designcast.jp/-/POSTBANK/bower_components/jquery/dist/jquery.min.js Phishing
2022-08-28 2 designcast.jp/-/POSTBANK/core/token/core_token.js Phishing
2022-08-28 2 designcast.jp/-/POSTBANK/login/token/token.js?v=630bd47f49bb2 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (8)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-08-28 04:49:25 UTC 35.162.217.251
mnemonic passive DNS img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-08-28 04:11:28 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-08-28 04:43:52 UTC 23.36.77.32
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2022-08-28 10:15:13 UTC 143.204.55.27
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-08-28 05:48:36 UTC 143.204.55.49
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-08-28 04:47:14 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-08-28 16:46:48 UTC 93.184.220.29
mnemonic passive DNS designcast.jp (20) 0 2019-06-02 09:00:37 UTC 2022-08-28 11:41:09 UTC 45.32.33.82 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 45.32.33.82

Date UQ / IDS / BL URL IP
2022-10-06 06:08:14 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/03521d0e6d3af27 (...) 45.32.33.82
2022-10-05 16:40:31 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/03521d0e6d3af27 (...) 45.32.33.82
2022-09-24 08:27:13 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/ 45.32.33.82
2022-09-17 12:13:50 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/a11605b0040a278 (...) 45.32.33.82
2022-09-16 21:48:16 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/6ba85b0b647c5ad (...) 45.32.33.82

Last 5 reports on ASN: AS-CHOOPA

Date UQ / IDS / BL URL IP
2022-12-02 05:50:36 +0000 0 - 0 - 26 clickintowealth.com/vid-fs-v3/?AFFID=1006&C1= (...) 149.28.224.6
2022-12-02 04:53:33 +0000 1 - 0 - 0 60.winprizes660.monster/th1paff/thaffreboot4. (...) 45.76.148.82
2022-12-02 04:46:05 +0000 0 - 0 - 1 139.180.214.251/ 139.180.214.251
2022-12-02 03:59:54 +0000 0 - 0 - 1 49.winprizes249.monster/es4/coppn2.html 217.69.14.8
2022-12-02 03:59:48 +0000 0 - 0 - 2 207.148.69.249/Resources.zip 207.148.69.249

Last 5 reports on domain: designcast.jp

Date UQ / IDS / BL URL IP
2022-10-06 06:08:14 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/03521d0e6d3af27 (...) 45.32.33.82
2022-10-05 16:40:31 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/03521d0e6d3af27 (...) 45.32.33.82
2022-09-24 08:27:13 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/ 45.32.33.82
2022-09-17 12:13:50 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/a11605b0040a278 (...) 45.32.33.82
2022-09-16 21:48:16 +0000 0 - 0 - 4 designcast.jp/assets/data/tan/6ba85b0b647c5ad (...) 45.32.33.82

Last 3 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-04 02:58:01 +0000 0 - 0 - 4 wichakan.tu.ac.th/nice/POSTBANK/a1b2c3/e92dd4 (...) 203.131.212.196
2022-10-11 10:42:26 +0000 0 - 0 - 17 infuentes.com/again/postbank/ 200.58.115.15
2022-08-28 23:34:45 +0000 0 - 0 - 13 designcast.jp/-/POSTBANK/ 45.32.33.82


JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 13740, repeated: 1) - SHA256: 028b532aba6999c9750b791a36766b7678dfbf8a445fe74b4ef7d135490e9737



HTTP Transactions (37)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7EBE5D06EFE28C8507B4CDFBF68C6E5BBD9919BA776990FB8A22D90CCA0C1C1B"
Last-Modified: Sat, 27 Aug 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7271
Expires: Sun, 28 Aug 2022 22:49:07 GMT
Date: Sun, 28 Aug 2022 20:47:56 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 28 Aug 2022 20:14:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ScNitGCGNg4yE9QqqIGPbhvQwhkjqs8-VLYTt8A2JmID_GR0OuFrlA==
Age: 2036


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 27 Aug 2022 22:35:58 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pJ0vMhqNxW8NfSKX1-ogY7kALvh3Uw-7ZFAaly2Uzk753Faa_k3NAg==
age: 79918
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:56 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 28 Aug 2022 20:17:12 GMT
Cache-Control: max-age=3600
Expires: Sun, 28 Aug 2022 20:39:25 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EMsD_z5tNpr67jhWnoi3RjEKifpfCYKDPL-aKkVNIFibTKlLNdn6ig==
Age: 1844


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6170
Cache-Control: max-age=133296
Date: Sun, 28 Aug 2022 20:47:56 GMT
Etag: "630b2212-1d7"
Expires: Tue, 30 Aug 2022 09:49:32 GMT
Last-Modified: Sun, 28 Aug 2022 08:06:42 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6864338E85D17133F07B2776608D6A29324349EF0FF9406F5AA48DBF10387F21"
Last-Modified: Fri, 26 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 29 Aug 2022 02:47:56 GMT
Date: Sun, 28 Aug 2022 20:47:56 GMT
Connection: keep-alive

                                        
                                            GET /-/POSTBANK/ HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:56 GMT
content-length: 452
set-cookie: real=OK
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   452
Md5:    b726f16a03e7ea902c46a0e581073d83
Sha1:   de51c3e4b4466e624ff6d245a62684fb6935ca5f
Sha256: cfef5b01b3d678513de0b1c6a94b62ebca93703653f4c31116881358c89fd283

Alerts:
  Blocklists:
    - openphish: Deutsche Postbank AG
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /HE0tlFX8ZcyjnaXK0jN+w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.162.217.251
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jv9+icYlOsNR11s9V8Z3d5cA4YM=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3805
Expires: Sun, 28 Aug 2022 21:51:23 GMT
Date: Sun, 28 Aug 2022 20:47:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3805
Expires: Sun, 28 Aug 2022 21:51:23 GMT
Date: Sun, 28 Aug 2022 20:47:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3805
Expires: Sun, 28 Aug 2022 21:51:23 GMT
Date: Sun, 28 Aug 2022 20:47:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EFF4EE2043BA81D81D564FAE2B72994858725E9282D45972CA92291BBC193FEE"
Last-Modified: Fri, 26 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3805
Expires: Sun, 28 Aug 2022 21:51:23 GMT
Date: Sun, 28 Aug 2022 20:47:58 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:57 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   7146
Md5:    f8f06a4b24e9b4b01b5992a6ad62b945
Sha1:   91a38b76020373fc74212fb9f6cb95e5920b6c23
Sha256: 992a7f08dbc7d67f94b12a3d170ee0320d2fec9df3ed908efe1accadfa36d5c2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0c25f-9ee9-4270-8c84-3f4087fa909d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11901
x-amzn-requestid: 830f99b6-b678-4ad4-913f-94923fa289e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitVpFJWIAMFo1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f57-64bfc0256b49c9351c59a0a3;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9Ux9UWKimkRufIOI8pLv4DNQk27zo8fhKhKxCH4qfo7Ut2GiojW5og==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:55:43 GMT
etag: "aa2f0fdb2fcfb0e6d33f520baf0d69af261129e4"
age: 82335
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11901
Md5:    e619074d7134995ce35ea8e904053165
Sha1:   aa2f0fdb2fcfb0e6d33f520baf0d69af261129e4
Sha256: a725cb2c6eddc63bdf463943f3ed045b564471e3a32f911caba37d82a7c1f0f3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2b0d146-88a6-4ec6-a71c-bb9dd4314497.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7505
x-amzn-requestid: 66ed5a9b-1b9c-40c4-b757-7c13e9dc6410
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitJxFFSIAMFhrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f0b-24404d4f7a2cae8f4c3bcb97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:39:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UFJ0DtBufSFfM1vFxdagMV5tpP5ZEH2NbdduFvVM6sL7UVpdhSBhGQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 22:03:39 GMT
age: 81859
etag: "ec62fa681d45d696fc7308fede11cd16979594fd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7505
Md5:    ef5729bf444dd3cc7b8e7945187e09ee
Sha1:   ec62fa681d45d696fc7308fede11cd16979594fd
Sha256: 34d5df4a669399f171489c9cd0f90a53eea21c35c1ccd310df39cc356c9922cd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c76ac95-9347-4b2c-b714-273aa0c3ce73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6921
x-amzn-requestid: 727cc3c0-9535-43cf-8aa6-1f46d74a5e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xis-bGrXIAMF6ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8ec2-4794034041513a7022688600;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QiL5v8h4rNJMJ8tsIdWb0xv7H28K96hH3V8-Fg312NDEdkNZ32IedQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:45:27 GMT
age: 82951
etag: "54ebcbafcc02053b2e9477ef29e89c9924abb9e0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6921
Md5:    f492a725bd0ff1ffb9bda36a618c8163
Sha1:   54ebcbafcc02053b2e9477ef29e89c9924abb9e0
Sha256: bbe69be8f14be3d6fdf09fee9cfdcee5847875bc9f6f6097e4afe1692553c125
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78cd7e71-95b2-4fb2-99cc-1b8645fc4d73.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10824
x-amzn-requestid: abf116d5-7ffd-4100-bbbb-f8ebcc903e48
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaJqgGfToAMFfmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307230f-058b88810d3d902475af52a3;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:21:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: 1QjI_En26B7SLes62WrxkEODPzBCDiUUo8ttH3vOUYsTTTo-ucHIqA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Sun, 28 Aug 2022 08:42:16 GMT
age: 43542
etag: "96e49f02f48d8e212335722d7a95eba9b21050de"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10824
Md5:    e0a52aaf6cfd3c91ef396ec21e668634
Sha1:   96e49f02f48d8e212335722d7a95eba9b21050de
Sha256: edd20b6a1790cc65fd16f64e6e58c01140d814ffb27a6fe6f41c7dc285a76b2b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febffc56c-14ba-44c3-a52a-2f2dca64b931.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8884
x-amzn-requestid: b83f1ecc-1efc-4178-84ce-9d05c053e078
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XitVoF9_oAMFegA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a8f57-098fcb077607ffbd2a589692;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GcDiexM3A8JfyGrpvFB9OVebksdmIlIM48gwihb_4qcAs3Nzb2253A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 27 Aug 2022 21:55:42 GMT
age: 82336
etag: "10ae4c1080524020dfeb06984c8c98aabe07db6a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8884
Md5:    bd559f24c149a22515344de424d9836d
Sha1:   10ae4c1080524020dfeb06984c8c98aabe07db6a
Sha256: 176d82e8f33969b2060fc8d1c8ac93e3e0934f857d90bcdeb7d83454d7d0448d
                                        
                                            GET /-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd? HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:58 GMT
content-length: 282
location: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/?
x-powered-by: PleskLin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   282
Md5:    b0555c4c392057c040075a9fa44daa25
Sha1:   c71e920d4a5b4590becb347d84838bc9e8298407
Sha256: 80e8579b4169880c04d625d477f5461f3e3352a04c3b3b67f62d3c342b73e346

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/? HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://designcast.jp/-/POSTBANK/
Connection: keep-alive
Cookie: real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:58 GMT
content-length: 0
set-cookie: bid=20a0c20d4086ab22f890ae35b12245cd
location: login/?
vary: User-Agent
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2

                                        
                                            GET /-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/? HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://designcast.jp/-/POSTBANK/
Connection: keep-alive
Cookie: bid=20a0c20d4086ab22f890ae35b12245cd; real=OK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
content-length: 5851
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (18851)
Size:   5851
Md5:    d53461268b44dbbf98e73b026c87910f
Sha1:   3fee50126f89d57f6546aecef92d9b8ee300e31e
Sha256: fe9d7cfc314ed648708470d7a1ad046e9a6549a4291a4d004ae7ae9170577844
                                        
                                            GET /-/POSTBANK/login/index.css HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-3596b"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (703)
Size:   24312
Md5:    a53fce1a92218c4bdad93c9090f2894f
Sha1:   58d6e993cefc483927739fc58e5ddbd0845383cf
Sha256: 56751a3b0c1c9887866f368e05a1a84d3f4008b4b11ef03ad539a5bf8443d3ea
                                        
                                            GET /-/POSTBANK/login/iob5_login_alte_anmeldung.jpg HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 28 Aug 2022 20:48:00 GMT
content-length: 15808
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
etag: "5fc34242-3dc0"
expires: Sun, 04 Sep 2022 20:48:00 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x666, components 3\012- data
Size:   15808
Md5:    bd3338c1e54fc648afc4ea578794e7f5
Sha1:   f4b0847e252b0e1c387764f5145bd063f5691fa8
Sha256: 550778f7050b2f39fc38c8e326c78e0a53921774f9f39dd3685f1c73efee2613
                                        
                                            GET /-/POSTBANK/core/form/core_form.js HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Tue, 04 May 2021 07:33:15 GMT
vary: Accept-Encoding
etag: W/"6090f8bb-3b3e"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   9827
Md5:    7b45f04f865929a2f261d9ee1dbaaffc
Sha1:   21ac281be9118fb5e39729e35c85d74ad9fef19f
Sha256: 64d2f2c3ddd9e7877948513f919a10755acd10b7f8e65dc4b42b94429f82ff98

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /-/POSTBANK/login/iob_5_login_psd2.jpg HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
date: Sun, 28 Aug 2022 20:48:00 GMT
content-length: 211638
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
etag: "5fc34242-33ab6"
expires: Sun, 04 Sep 2022 20:48:00 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1374x610, components 3\012- data
Size:   211638
Md5:    70db256d6f055a031505b926e9ea0e3b
Sha1:   860754a83d3c9040394b6ec35982b57d8102eee6
Sha256: 96473ac90957af87da5dedfd4f58c79a165e67676c71f0bc4b93d94d30d831ba
                                        
                                            GET /-/POSTBANK/bower_components/angular/angular.min.js HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-2937c"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (552)
Size:   67823
Md5:    66c1c0673ef2c045f6459b3ca29370bc
Sha1:   b475cbdbfd765f589564dc2801dbb23661c9df36
Sha256: ed4f7dd86388761ecb5e7398fb9724393918fa949fad4164bb4a035e2e466c01

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /-/POSTBANK/login/favicon-16x16.png HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sun, 28 Aug 2022 20:48:01 GMT
content-length: 763
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
etag: "5fc34242-2fb"
expires: Sun, 04 Sep 2022 20:48:01 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   763
Md5:    7928dcbd4ef94be62d92d6218e8b917d
Sha1:   93768c3b84bc447a0f4b3449f93e386001106431
Sha256: 705e422f4c2ca8ff8521e6ca5bedf071785a13505c4cfe90693f539cead2b1f7
                                        
                                            GET /-/POSTBANK/core/form/core_form.css HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-639"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   557122
Md5:    ef8d4e6b20b0cf0d68713fb2f6069042
Sha1:   d62bb4b1a169c88879de3bd2f5c4292b6259a952
Sha256: 32bfc673211421c1a5a33acc98291840183582f11d15490954b42a81d79d4630
                                        
                                            GET /-/POSTBANK/login/frutigerltw02-55roman.woff2 HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/login/index.css
Cookie: real=OK; lng=de
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: font/woff2
                                        
server: nginx
date: Sun, 28 Aug 2022 20:48:01 GMT
content-length: 49372
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
etag: "5fc34242-c0dc"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 49372, version 1.0\012- data
Size:   49372
Md5:    f75edc57b3c912b99387c7921e3dfddb
Sha1:   937d62e23c5e4090c6e3cf37536c0df3725c14bb
Sha256: 0392b37cafa1d3eaf5f00c2594df53bea1f7c7059180098d4185a2425d580d1c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /-/POSTBANK/bower_components/ua-parser-js/dist/ua-parser.min.js HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-4298"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (16817)
Size:   48895
Md5:    c46357c8b88601fa89be910d00b3b82d
Sha1:   0e6c678a92175669b0e78f3c85aa8c5862e851e2
Sha256: aa2730a0eeb82f08afe0456fe769f3ced168c33688f63e52eab44c1cebe987d8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /-/POSTBANK/bower_components/jquery/dist/jquery.min.js HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-15283"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32058)
Size:   29451
Md5:    e9f6554b9e54e780298cb4fb19b45f09
Sha1:   4318ca3e343df922487428cf6416885d50505d25
Sha256: ef1114c533fc6cca1f7fff6bde406554d18c6227308812a1ea45b83385469a78

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /-/POSTBANK/home.php?pl=token&link=postbank.de&bid=20a0c20d4086ab22f890ae35b12245cd&callback=jQuery32103668376522016614_1661719679960&data=%7B%22mes%22%3A%22User%20on%20user%20page%22%7D&_=1661719679961 HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK; lng=de
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 28 Aug 2022 20:48:03 GMT
content-length: 74
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-powered-by: PHP/8.0.22, PleskLin
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   74
Md5:    b9f73c2ec440070392d8d2e88510ea00
Sha1:   929626ebad80dd2bd36e9edbdd563428ea210fba
Sha256: 23b43c9d6c1b5be4f54a1e5d9a1188f37404855da36c7a93e02aa06db8986a85
                                        
                                            GET /-/POSTBANK/login/form/css.css HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-472"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /-/POSTBANK/bower_components/font-awesome/css/font-awesome.min.css HTTP/1.1 
Host: designcast.jp
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         45.32.33.82
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-7918"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
GET /-/POSTBANK/core/token/core_token.js HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
45.32.33.82
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 28 Aug 2022 20:47:59 GMT
last-modified: Tue, 04 May 2021 07:35:34 GMT
vary: Accept-Encoding
etag: W/"6090f946-2ca8"
expires: Sun, 04 Sep 2022 20:47:59 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
GET /-/POSTBANK/login/token/token.js?v=630bd47f49bb2 HTTP/1.1
Host: designcast.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://designcast.jp/-/POSTBANK/a1b2c3/20a0c20d4086ab22f890ae35b12245cd/login/?
Cookie: real=OK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
45.32.33.82
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 28 Aug 2022 20:48:00 GMT
last-modified: Sun, 29 Nov 2020 06:40:02 GMT
vary: Accept-Encoding
etag: W/"5fc34242-4b8"
expires: Sun, 04 Sep 2022 20:48:00 GMT
cache-control: max-age=604800
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing