xrnp.frisuba.online Open in urlscan Pro
188.114.96.3  Malicious Activity! Public Scan

15 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request U010101WAK.do Show response xrnp.frisuba.online/tp1web/	20 KB 6 KB	508ms 402ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9e239aeb6fc17c47a1006f9d5a656228714c3f2fa98e98a13314d13ad1ac385 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8815700e1dd7b908-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 09 May 2024 23:23:31 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RK7BYqVN%2Fg9merfosYbo9OSWoVGwFH9uX6NVpJsGFqEI6eZmPvu%2FFrnwfj3rqKxw2lCx%2B2FxCc4ecPKHbt1N9gEonHXNuIACS818t3KmklzbQsfeHPlWKqn7s0YKbrKFEJHsTejs"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	dgCAbase.css cache.jp-bank.japanpost.jp/pages/pc/etc/css/	123 KB 16 KB	223ms 51ms	Stylesheet text/css	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash c5c6e9f818e29d735c4baac7f34fc0721985638da58981f89a0763871a2bab75 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 27 Jul 2023 07:09:56 GMT server Apache vary Accept-Encoding content-type text/css cache-control max-age=39258 accept-ranges bytes content-length 16059
GET H2	200	jquery.js Show response cache.jp-bank.japanpost.jp/pages/pc/etc/js/	90 KB 32 KB	295ms 123ms	Script application/javascript	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/js/jquery.js?rv=24011 Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=45327 accept-ranges bytes content-length 32819
GET H2	200	mjl.js Show response cache.jp-bank.japanpost.jp/pages/pc/etc/js/	37 KB 12 KB	280ms 118ms	Script application/javascript	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/js/mjl.js?rv=24011 Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 4f14fe1d7b13e8e050f89bbb18338c2dd575943cd0f254e52c6fe09401c7ae6f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=212595 accept-ranges bytes content-length 11999
GET H2	200	run.js Show response cache.jp-bank.japanpost.jp/pages/pc/etc/js/	71 KB 71 KB	220ms 58ms	Script application/javascript	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/js/run.js?rv=24011 Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 21be32e3ebd437693ade8147db49917d4b94b3584f00f85a829a477cc81325cb Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Wed, 09 Mar 2022 05:08:02 GMT server Apache content-type application/javascript cache-control max-age=39303 accept-ranges bytes content-length 72475
GET H2	200	dgbaRequestControllerP02.js Show response cache.jp-bank.japanpost.jp/pages/pc/etc/js/	38 KB 9 KB	276ms 115ms	Script application/javascript	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/js/dgbaRequestControllerP02.js?rv=24011 Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 4d889649c218bde85ab1af95f9779b5cad73578d0033b85027018f4b41c4d647 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT content-encoding gzip strict-transport-security max-age=31536000 last-modified Mon, 27 Jul 2020 05:33:00 GMT server Apache vary Accept-Encoding content-type application/javascript cache-control max-age=113457 accept-ranges bytes content-length 8932
GET H2	200	HcFwEhqexk.js Show response directcss.jp-bank.japanpost.jp/js/	18 KB 18 KB	1058ms 511ms	Script application/javascript	54.168.155.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directcss.jp-bank.japanpost.jp/js/HcFwEhqexk.js Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.168.155.230 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-168-155-230.ap-northeast-1.compute.amazonaws.com Software / Resource Hash 3b1b8ae5fb7088f0304761abcd882cc48647c1d2b68c0b14c122eea3f26de20d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT x-content-type-options nosniff etag W/"LGvmOm41_sh" x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, max-age=157680000 access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 18396
GET H2	200	DFCAheaderLogo01.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/structure/	3 KB 4 KB	295ms 135ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/structure/DFCAheaderLogo01.gif Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash f2685585dd8c05dea3cf28ebaeb6e66eab278e8bb1456079c2a929aa270ff471 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=212593 accept-ranges bytes content-length 3489
GET H2	200	DFCAheaderLogo02.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/structure/	3 KB 3 KB	77ms 77ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/structure/DFCAheaderLogo02.gif Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a2ef74aa8f30b83294857131aaa7be38c76902cb6a553315ffeb11b26399f0b1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=50089 accept-ranges bytes content-length 2563
GET H2	200	phishingmail.png cache.jp-bank.japanpost.jp/pages/cmsimage/4/files/Image/	49 KB 49 KB	41ms 41ms	Image image/png	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/cmsimage/4/files/Image/phishingmail.png Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash bdd8000d37fa4698590e721db10f65f8a2d435cded92f56323fd9e354bf17619 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 01 Oct 2020 14:38:16 GMT server Apache content-type image/png cache-control max-age=452120 accept-ranges bytes content-length 50256
GET H2	200	btn_menu_direct.gif cache.jp-bank.japanpost.jp/pages/cmsimage/4/files/Image/	12 KB 12 KB	52ms 49ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/cmsimage/4/files/Image/btn_menu_direct.gif Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 473fdd6dc5410d86bb29d2d5b778544d743019f8566ac2d0aede41af2c0e41c6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 01 Oct 2020 14:38:16 GMT server Apache content-type image/gif cache-control max-age=58370 accept-ranges bytes content-length 12001
GET H2	200	FAQlink.png cache.jp-bank.japanpost.jp/pages/cmsimage/4/files/Image/	15 KB 16 KB	65ms 61ms	Image image/png	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/cmsimage/4/files/Image/FAQlink.png Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash c1968701cdc45bfd81fafee99e9123fa2a5a00ef2e2427fc8b0a034aaf14c198 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 01 Oct 2020 14:38:16 GMT server Apache content-type image/png cache-control max-age=510378 accept-ranges bytes content-length 15799
GET H2	200	DFCAimgTel01.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/	4 KB 4 KB	50ms 47ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/DFCAimgTel01.gif Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d8710c6feedd499a1e3967ee66dcde515486c538856e7a00d26481a918769e70 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Mon, 27 Jul 2020 05:33:00 GMT server Apache content-type image/gif cache-control max-age=45931 accept-ranges bytes content-length 3675
GET H2	200	aes.js Show response directacct.jp-bank.japanpost.jp/js/	13 KB 13 KB	1004ms 247ms	Script application/javascript	13.114.192.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directacct.jp-bank.japanpost.jp/js/aes.js Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.114.192.229 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-114-192-229.ap-northeast-1.compute.amazonaws.com Software / Resource Hash fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:33 GMT accept-ranges bytes etag "6322fc31-3430" content-length 13360 content-type application/javascript
GET H2	200	load.js Show response directacct.jp-bank.japanpost.jp/js/	18 KB 18 KB	1201ms 496ms	Script application/javascript	13.114.192.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directacct.jp-bank.japanpost.jp/js/load.js Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.114.192.229 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-114-192-229.ap-northeast-1.compute.amazonaws.com Software / Resource Hash 6b001e4065ea23b49f6612349ddb98e15af867ef6a7d257dc7e8e93e738971e4 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:33 GMT x-content-type-options nosniff etag W/"0cbf4db8bad7a15f5db7d131ca1a4f2a" x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 18397
GET H2	200	dl.js Show response directacct.jp-bank.japanpost.jp/js/	603 B 877 B	542ms 497ms	Script application/javascript	13.114.192.229 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directacct.jp-bank.japanpost.jp/js/dl.js Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.114.192.229 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-13-114-192-229.ap-northeast-1.compute.amazonaws.com Software / Resource Hash 8aaee76b24b99d4b8ba81846b8533f773dd43f357bb18aeeb50aac43eb58aa0f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:33 GMT x-content-type-options nosniff x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 603
GET H2	200	DFCAfooterLogo01.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/structure/	2 KB 2 KB	67ms 63ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/structure/DFCAfooterLogo01.gif Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 6060e7b5a404985db41646a116c8a28af727efc49ca93a9044bd710de5eb9e90 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=514813 accept-ranges bytes content-length 2052
GET H2	200	dgCApwc.js Show response directcss.jp-bank.japanpost.jp/js/	554 B 828 B	261ms 256ms	Script application/javascript	54.168.155.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directcss.jp-bank.japanpost.jp/js/dgCApwc.js Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.168.155.230 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-168-155-230.ap-northeast-1.compute.amazonaws.com Software / Resource Hash f7f8bf95182da264496d0ae691a6ffc2dd0d18d6f8ef941aaec0768dd3a5c7c0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:33 GMT x-content-type-options nosniff x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 554
GET H2	200	ig.json Show response directss.jp-bank.japanpost.jp/	79 B 189 B	812ms 253ms	Script application/javascript	18.182.196.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directss.jp-bank.japanpost.jp/ig.json Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.182.196.200 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-182-196-200.ap-northeast-1.compute.amazonaws.com Software / Resource Hash 5ff47765449c3719b1523f2e2a4c289b14fbb50a3a26fd161ba2e2190991abb6 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:33 GMT x-content-type-options nosniff content-length 79 content-type application/javascript;charset=utf-8
GET H2	200	DFCAiconArrow07.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/	1 KB 1 KB	66ms 64ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/DFCAiconArrow07.gif Requested by Host: cache.jp-bank.japanpost.jp URL: https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash a477076461d61c5b2c561d6affbea42b4e7554a255b847c9e44d4ff34b4f62fd Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=514804 accept-ranges bytes content-length 1193
GET H2	200	DFCAiconArrow02.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/	1 KB 1 KB	66ms 65ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/DFCAiconArrow02.gif Requested by Host: cache.jp-bank.japanpost.jp URL: https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash d15f46a0d7e9532ce64f54d9eb7688e7c0ae6be961d57d4cbe3394c90fc5ed94 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=149102 accept-ranges bytes content-length 1181
GET H2	200	DFCAiconArrow04.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/	1 KB 1 KB	63ms 60ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/DFCAiconArrow04.gif Requested by Host: cache.jp-bank.japanpost.jp URL: https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 6633a0dfe38f8b851462327a3a5084be43ef3aa7d091e8fa365b1a6ac0083d12 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=78949 accept-ranges bytes content-length 1197
GET H2	200	DFCAiconArrow04L.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/	1 KB 1 KB	63ms 61ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/DFCAiconArrow04L.gif Requested by Host: cache.jp-bank.japanpost.jp URL: https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8c79231392942d162c1775ea71a394530897d95607770c6f80c5c2544b7d66d1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=88644 accept-ranges bytes content-length 1193
GET H2	200	DFCAiconBullet01.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/	1 KB 1 KB	63ms 62ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/DFCAiconBullet01.gif Requested by Host: cache.jp-bank.japanpost.jp URL: https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 49a955deefb073a61a2256ba50ee27aa60ecc531bf7dd94bffce6d077b264175 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=81348 accept-ranges bytes content-length 1181
GET H2	200	DFCAiconArrow03T.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/	1 KB 1 KB	63ms 62ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/DFCAiconArrow03T.gif Requested by Host: cache.jp-bank.japanpost.jp URL: https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 3ff7d4cc230bbdd9c3937309a74716d1fcbd6e932e6b8c25ac767e7944686828 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cache.jp-bank.japanpost.jp/pages/pc/etc/css/dgCAbase.css?rv=24011 Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:32 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=249682 accept-ranges bytes content-length 1371
GET H2	200	chrome.png Show response directcss.jp-bank.japanpost.jp/js/	3 B 275 B	257ms 257ms	Script application/javascript	54.168.155.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directcss.jp-bank.japanpost.jp/js/chrome.png Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.168.155.230 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-168-155-230.ap-northeast-1.compute.amazonaws.com Software / Resource Hash 732c4e9711639ed1436dd90d3951ca347d737084fc0cea250eed823bef07d0f1 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:33 GMT x-content-type-options nosniff x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 3
GET H2	200	DFCAiconBlank01.gif cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/	1 KB 1 KB	51ms 51ms	Image image/gif	2.17.147.123 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cache.jp-bank.japanpost.jp/pages/pc/etc/img/modules/DFCAiconBlank01.gif Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.147.123 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-147-123.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 85fa3146e5b7d274791cdb45992abb155b92ec78e2449360ef665c02acfdd029 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:33 GMT strict-transport-security max-age=31536000 last-modified Thu, 12 Mar 2020 07:38:54 GMT server Apache content-type image/gif cache-control max-age=61427 accept-ranges bytes content-length 1243
GET H2	200	r.js Show response directss.jp-bank.japanpost.jp/js/	32 KB 32 KB	1017ms 510ms	XHR application/javascript	18.182.196.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directss.jp-bank.japanpost.jp/js/r.js?ver=21&rev=51020241 Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.182.196.200 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-182-196-200.ap-northeast-1.compute.amazonaws.com Software / Resource Hash 8df829b70c38ead2863f846ea4b3cf8c0664a91a0bd23b8eb03fee3a021d26d5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:34 GMT x-content-type-options nosniff x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 32699
GET H3	200	favicon.ico xrnp.frisuba.online/	4 KB 2 KB	431ms 429ms	Other text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xrnp.frisuba.online/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92b1ee7ccd603b3521f475711fe36a6326b86dddbdda73a907239b7fc815bc9b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/tp1web/U010101WAK.do? Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 09 May 2024 23:23:34 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3rLG%2FGq6LYk2MVnYLnbNUarCkegSaJsulYYVL46Tfm1zburM3LpHGkMINWLSI9dq2Qg84Z%2F%2BM%2BeRcE2AKQniRlY%2FZOHFR9UbK0WebhOiHFK1GOk%2Br0xE3BStTiwCqye%2FQJohOy7"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 88157020799fb908-AMS alt-svc h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	r.js Show response directss.jp-bank.japanpost.jp/js/	31 KB 31 KB	505ms 503ms	Script application/javascript	18.182.196.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directss.jp-bank.japanpost.jp/js/r.js?rev=51020241 Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.182.196.200 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-182-196-200.ap-northeast-1.compute.amazonaws.com Software / Resource Hash cdef2d509ecd24a286429284674a175d1cf4d4d76ea0256b899a5359dc68bcb3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 09 May 2024 23:23:34 GMT x-content-type-options nosniff x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * cache-control private, max-age=3600 access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 31642
OPTIONS H2	200	d directss.jp-bank.japanpost.jp/	0 0	256ms 256ms	Preflight application/javascript	18.182.196.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directss.jp-bank.japanpost.jp/d Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.182.196.200 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-182-196-200.ap-northeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://xrnp.frisuba.online Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version access-control-allow-methods GET, POST access-control-allow-origin * content-length 0 content-type application/javascript;charset=utf-8 date Thu, 09 May 2024 23:23:34 GMT x-content-type-options nosniff x-frame-options ALLOWALL
POST H2	200	d Show response directss.jp-bank.japanpost.jp/	512 B 786 B	282ms 282ms	XHR application/javascript	18.182.196.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directss.jp-bank.japanpost.jp/d Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.182.196.200 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-182-196-200.ap-northeast-1.compute.amazonaws.com Software / Resource Hash 51e09c2945ce28c9496fd505ea5c1464854cd8d706c425806b23f35d986fb595 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 09 May 2024 23:23:35 GMT x-content-type-options nosniff x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 512
POST H2	200	u Show response directss.jp-bank.japanpost.jp/	0 254 B	411ms 410ms	XHR application/javascript	18.182.196.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directss.jp-bank.japanpost.jp/u Requested by Host: xrnp.frisuba.online URL: https://xrnp.frisuba.online/tp1web/U010101WAK.do? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.182.196.200 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-182-196-200.ap-northeast-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://xrnp.frisuba.online/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers date Thu, 09 May 2024 23:23:35 GMT x-content-type-options nosniff x-frame-options ALLOWALL access-control-allow-methods GET, POST content-type application/javascript;charset=utf-8 access-control-allow-origin * access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version content-length 0
OPTIONS H2	200	u directss.jp-bank.japanpost.jp/	0 0	256ms 256ms	Preflight application/javascript	18.182.196.200 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://directss.jp-bank.japanpost.jp/u Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.182.196.200 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-182-196-200.ap-northeast-1.compute.amazonaws.com Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options ALLOWALL Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://xrnp.frisuba.online Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-headers X-Requested-With, Content-Type, x-phishwall-guid, x-phishwall-client, x-phishwall-version access-control-allow-methods GET, POST access-control-allow-origin * content-length 0 content-type application/javascript;charset=utf-8 date Thu, 09 May 2024 23:23:35 GMT x-content-type-options nosniff x-frame-options ALLOWALL

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Japan Post (Transportation)

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| MJL function| jsLaunchFidoApp function| jsLaunchFidoAppLogin function| jsLaunchFidoAppInactive function| jsLaunchFidoAppInactiveOverdraft function| launchFidoApp number| Cmc0gV41_sh function| nd_shtml function| Ah3_sh object| z_sh object| wo_sh boolean| ije_sh boolean| ije9_sh boolean| ije10_sh string| zM_sh function| uw_sh function| ep_sh string| yM_sh function| ct44_shtml object| scpt_sh function| dec_shtml function| Ct44_shtml string| m_shtml function| rr_sh function| nd_sh object| nk_sh string| ua_sh number| pa_sh boolean| mac_sh function| at1_sh function| as_sh boolean| lge_sh undefined| lxE_sh boolean| kon_sh function| fJ_sh boolean| fas_sh boolean| goog_sh boolean| alreadyClicked boolean| isCanceled function| dcRequest string| wid string| hei string| men string| too string| loc string| sta string| res string| scr string| opt function| dcPrintRequest function| dcPrintRequestClose function| dcAbort function| cgfLoadHomepage function| pwc_loadpljs function| pwc_create_loadpljs string| pwc_plugin_jsurl string| gPwcHost function| pwcCall object| spf object| target_paths function| PWCOBJ string| key string| iv object| contents_info function| DC function| LDS function| EXS function| includePageIds object| gPwc_spf_ object| CryptoJS function| sb_loader function| load_accesslog_image object| jQuery191091088723755652 object| $tableDiv object| $SelectSelect number| $SelectChecked object| uri object| plugin string| code number| gPRSeed function| dnre function| lgin object| _ieCie1aeti_ string| gPWDone number| gPRSeed2 function| uuid string| func_str undefined| desc number| bB string| out string| url object| x object| buttons object| button

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.frisuba.online/tp1web/	1970-01-21 06:04:17	Name: JP_GID Value: 5d3042dc-80a9-4c2a-ba89-faa251cb8f5c
			xrnp.frisuba.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: crdf9dse0jtv3hsk5arj553f8e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cache.jp-bank.japanpost.jp
directacct.jp-bank.japanpost.jp
directcss.jp-bank.japanpost.jp
directss.jp-bank.japanpost.jp
xrnp.frisuba.online
13.114.192.229
18.182.196.200
188.114.96.3
2.17.147.123
54.168.155.230
21be32e3ebd437693ade8147db49917d4b94b3584f00f85a829a477cc81325cb
3b1b8ae5fb7088f0304761abcd882cc48647c1d2b68c0b14c122eea3f26de20d
3ff7d4cc230bbdd9c3937309a74716d1fcbd6e932e6b8c25ac767e7944686828
473fdd6dc5410d86bb29d2d5b778544d743019f8566ac2d0aede41af2c0e41c6
49a955deefb073a61a2256ba50ee27aa60ecc531bf7dd94bffce6d077b264175
4d889649c218bde85ab1af95f9779b5cad73578d0033b85027018f4b41c4d647
4f14fe1d7b13e8e050f89bbb18338c2dd575943cd0f254e52c6fe09401c7ae6f
51e09c2945ce28c9496fd505ea5c1464854cd8d706c425806b23f35d986fb595
5ff47765449c3719b1523f2e2a4c289b14fbb50a3a26fd161ba2e2190991abb6
6060e7b5a404985db41646a116c8a28af727efc49ca93a9044bd710de5eb9e90
6633a0dfe38f8b851462327a3a5084be43ef3aa7d091e8fa365b1a6ac0083d12
6b001e4065ea23b49f6612349ddb98e15af867ef6a7d257dc7e8e93e738971e4
732c4e9711639ed1436dd90d3951ca347d737084fc0cea250eed823bef07d0f1
85fa3146e5b7d274791cdb45992abb155b92ec78e2449360ef665c02acfdd029
8aaee76b24b99d4b8ba81846b8533f773dd43f357bb18aeeb50aac43eb58aa0f
8c79231392942d162c1775ea71a394530897d95607770c6f80c5c2544b7d66d1
8df829b70c38ead2863f846ea4b3cf8c0664a91a0bd23b8eb03fee3a021d26d5
92b1ee7ccd603b3521f475711fe36a6326b86dddbdda73a907239b7fc815bc9b
a2ef74aa8f30b83294857131aaa7be38c76902cb6a553315ffeb11b26399f0b1
a477076461d61c5b2c561d6affbea42b4e7554a255b847c9e44d4ff34b4f62fd
a9e239aeb6fc17c47a1006f9d5a656228714c3f2fa98e98a13314d13ad1ac385
bdd8000d37fa4698590e721db10f65f8a2d435cded92f56323fd9e354bf17619
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1968701cdc45bfd81fafee99e9123fa2a5a00ef2e2427fc8b0a034aaf14c198
c5c6e9f818e29d735c4baac7f34fc0721985638da58981f89a0763871a2bab75
cdef2d509ecd24a286429284674a175d1cf4d4d76ea0256b899a5359dc68bcb3
d15f46a0d7e9532ce64f54d9eb7688e7c0ae6be961d57d4cbe3394c90fc5ed94
d8710c6feedd499a1e3967ee66dcde515486c538856e7a00d26481a918769e70
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2685585dd8c05dea3cf28ebaeb6e66eab278e8bb1456079c2a929aa270ff471
f7f8bf95182da264496d0ae691a6ffc2dd0d18d6f8ef941aaec0768dd3a5c7c0
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a