Report - marlingandevanltd.co.uk/ll/0850/118/Y2l0aXNAcGFyYW4uY29t

Report Overview

Visitedpublic

2024-08-19 07:26:53

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Sent	Received	IP
r11.o.lencr.org	unknown	1.6 kB	4.4 kB	23.36.77.32
r10.o.lencr.org	unknown	1.3 kB	3.5 kB	23.36.76.226
marlingandevanltd.co.uk	unknown	510 B	218 B	31.192.232.30
leuiton.com	unknown	2.6 kB	8.7 kB	31.192.232.30
o.pki.goog	unknown	1.3 kB	2.8 kB	142.250.74.131
www.google.com	7	882 B	1.6 kB	142.250.74.100
t3.gstatic.com	unknown	2.0 kB	4.1 kB	142.250.74.100
mail.paran.com	unknown	500 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	leuiton.com/ebu/edg/?info=citis@paran.com	ScriptElement	0 B	0001-01-01	2025-08-02
URL leuiton.com/ebu/edg/?info=citis@paran.com IP / ASN 31.192.232.30 #44493 Chelyabinsk-Signal LLC Introduced by ScriptElement Embedded true Resource Info First Seen 0001-01-01 Last Seen 2025-08-02 Times Seen 5606067 Size 0 B (0 bytes) MD5 d41d8cd98f00b204e9800998ecf8427e SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Format Code Loading...

	leuiton.com/ebu/edg/assets/js/index.js	ScriptElement	25 kB	2024-02-29	2025-08-01
URL leuiton.com/ebu/edg/assets/js/index.js IP / ASN 31.192.232.30 #44493 Chelyabinsk-Signal LLC Introduced by ScriptElement Embedded false Resource Info First Seen 2024-02-29 Last Seen 2025-08-01 Times Seen 293 Size 25 kB (24730 bytes) MD5 a4279d8d402beb941895d3e9c18b738d SHA1 6cab01a778966e2d5d1d84659525339d5f70cb88 SHA256 e4f1f89acd4984a38721d43081ffb9b10323f1b2d37ae35c9c92eb69ae109d5d Format Code Loading...

HTTP Transactions (26)

URL IP Response Size

r11.o.lencr.org/

23.36.77.32

504 B

URL

r11.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-17

Last Seen2024-08-21

Times Seen36548

Size504 B (504 bytes)

MD5219f59137337a0ee601729cab5ec83f6

SHA185f2e3496820405559fd526b44b9a915e0009a4f

SHA256f9701bf0083b06f4a573774d1a4dd491236216bc08f1006a94ce79144df70a21

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F9701BF0083B06F4A573774D1A4DD491236216BC08F1006A94CE79144DF70A21"
Last-Modified: Sat, 17 Aug 2024 00:55:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5616
Expires: Mon, 19 Aug 2024 09:00:03 GMT
Date: Mon, 19 Aug 2024 07:26:27 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-21

Times Seen14380

Size504 B (504 bytes)

MD5845d79542d05f08c933181b3750ce01b

SHA10220d4237c8891f2c270be589e23d0036c397d62

SHA2564689a75cc3d66fe81d22664238a8bf82f2c96f28f52752eaf39f5d4aee4b3f51

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4689A75CC3D66FE81D22664238A8BF82F2C96F28F52752EAF39F5D4AEE4B3F51"
Last-Modified: Sun, 18 Aug 2024 18:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6324
Expires: Mon, 19 Aug 2024 09:11:51 GMT
Date: Mon, 19 Aug 2024 07:26:27 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-17

Last Seen2024-08-21

Times Seen37163

Size504 B (504 bytes)

MD569a9603269726ce602d708bf57058c4c

SHA18689e9ea81ea9636e7b08c3ed42650553a0c4e3b

SHA2561a2339d740b715f3df1900d80114c8376ead57205961a6f896edf37b3ee3a897

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1A2339D740B715F3DF1900D80114C8376EAD57205961A6F896EDF37B3EE3A897"
Last-Modified: Sat, 17 Aug 2024 09:59:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5615
Expires: Mon, 19 Aug 2024 09:00:02 GMT
Date: Mon, 19 Aug 2024 07:26:27 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen40508

Size504 B (504 bytes)

MD518f75729f3e25e2eb7f12b70dfce3849

SHA1479177b92dda7c4e8763c80a15cbc71c3386d06c

SHA2560b7da2da1fcba23c5118479e14828f87a605a32af15d0962f216115a9ff1d02a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0B7DA2DA1FCBA23C5118479E14828F87A605A32AF15D0962F216115A9FF1D02A"
Last-Modified: Sun, 18 Aug 2024 15:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2466
Expires: Mon, 19 Aug 2024 08:07:33 GMT
Date: Mon, 19 Aug 2024 07:26:27 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL

r11.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-19

Times Seen2

Size504 B (504 bytes)

MD5a1068c83338ecfb05f85cdf38d1b04dc

SHA1589ec02eb0a7b33e03340617782e17ce1573e655

SHA25669812f5d1aa7ecbbbd6145b196735057f7ca63beeaef3ff43aa12541f02fcac5

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "69812F5D1AA7ECBBBD6145B196735057F7CA63BEEAEF3FF43AA12541F02FCAC5"
Last-Modified: Sun, 18 Aug 2024 23:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17827
Expires: Mon, 19 Aug 2024 12:23:35 GMT
Date: Mon, 19 Aug 2024 07:26:28 GMT
Connection: keep-alive

marlingandevanltd.co.uk/ll/0850/118/Y2l0aXNAcGFyYW4uY29t

31.192.232.30

0 B

URL

marlingandevanltd.co.uk/ll/0850/118/Y2l0aXNAcGFyYW4uY29t

IP / ASN

31.192.232.30

#44493 Chelyabinsk-Signal LLC

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606067

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /ll/0850/118/Y2l0aXNAcGFyYW4uY29t HTTP/1.1
Host: marlingandevanltd.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Aug 2024 07:26:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
refresh: 0;url=https://leuiton.com/ebu/edg/?info=citis@paran.com

r10.o.lencr.org/

23.36.76.226

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-19

Times Seen2

Size504 B (504 bytes)

MD5026cfedb3972fd0a8f6b8ea03dc145bc

SHA1440a7d9757356432bce1ffffe11e3370c9174b9f

SHA25631dbecd4cbc7f39ed1ff633400799128c752aed70aa7bf7a784bac8edc525381

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "31DBECD4CBC7F39ED1FF633400799128C752AED70AA7BF7A784BAC8EDC525381"
Last-Modified: Mon, 19 Aug 2024 01:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 19 Aug 2024 13:26:29 GMT
Date: Mon, 19 Aug 2024 07:26:29 GMT
Connection: keep-alive

GET leuiton.com/ebu/edg/?info=citis@paran.com

31.192.232.30

200 OK

682 B

URL

leuiton.com/ebu/edg/?info=citis@paran.com

IP / ASN

31.192.232.30

#44493 Chelyabinsk-Signal LLC

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (475)

First Seen2024-02-29

Last Seen2025-08-01

Times Seen193

Size682 B (682 bytes)

MD5247e8f3c18fdb021661afa17a4fea102

SHA184b25bd876a25f9c26d0c246b873a45d809148bb

SHA2562737879b7b4b28e45e809b1d2817d2bf10795f33e5b70c167fbb67336f4111ab

Certificate Info

IssuerLet's Encrypt

Subjectleuiton.com

Fingerprint44:5F:08:C7:8B:D9:94:35:E3:A9:56:F2:49:E1:0D:80:FA:88:07:24

ValidityMon, 19 Aug 2024 00:46:41 GMT - Sun, 17 Nov 2024 00:46:40 GMT

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /ebu/edg/?info=citis@paran.com HTTP/1.1
Host: leuiton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Aug 2024 07:26:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 682
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET leuiton.com/ebu/edg/assets/js/index.js

31.192.232.30

200 OK

4.7 kB

URL

leuiton.com/ebu/edg/assets/js/index.js

IP / ASN

31.192.232.30

#44493 Chelyabinsk-Signal LLC

Requested byhttps://leuiton.com/ebu/edg/?info=citis@paran.com

Resource Info

File typeASCII text, with very long lines (14329), with CRLF line terminators

First Seen2024-02-29

Last Seen2025-08-01

Times Seen293

Size4.7 kB (4688 bytes)

MD5a4279d8d402beb941895d3e9c18b738d

SHA16cab01a778966e2d5d1d84659525339d5f70cb88

SHA256e4f1f89acd4984a38721d43081ffb9b10323f1b2d37ae35c9c92eb69ae109d5d

Certificate Info

IssuerLet's Encrypt

Subjectleuiton.com

Fingerprint44:5F:08:C7:8B:D9:94:35:E3:A9:56:F2:49:E1:0D:80:FA:88:07:24

ValidityMon, 19 Aug 2024 00:46:41 GMT - Sun, 17 Nov 2024 00:46:40 GMT

HTTP Headers

GET /ebu/edg/assets/js/index.js HTTP/1.1
Host: leuiton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leuiton.com/ebu/edg/?info=citis@paran.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Aug 2024 07:26:29 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Aug 2024 04:30:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"66c2ca59-609a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip

GET leuiton.com/ebu/edg/?info=citis@paran.com

31.192.232.30

200 OK

682 B

URL

leuiton.com/ebu/edg/?info=citis@paran.com

IP / ASN

31.192.232.30

#44493 Chelyabinsk-Signal LLC

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (475)

First Seen2024-02-29

Last Seen2025-08-01

Times Seen193

Size682 B (682 bytes)

MD5247e8f3c18fdb021661afa17a4fea102

SHA184b25bd876a25f9c26d0c246b873a45d809148bb

SHA2562737879b7b4b28e45e809b1d2817d2bf10795f33e5b70c167fbb67336f4111ab

Certificate Info

IssuerLet's Encrypt

Subjectleuiton.com

Fingerprint44:5F:08:C7:8B:D9:94:35:E3:A9:56:F2:49:E1:0D:80:FA:88:07:24

ValidityMon, 19 Aug 2024 00:46:41 GMT - Sun, 17 Nov 2024 00:46:40 GMT

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /ebu/edg/?info=citis@paran.com HTTP/1.1
Host: leuiton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leuiton.com/ebu/edg/?info=citis@paran.com
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Aug 2024 07:26:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 682
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

r11.o.lencr.org/

23.36.77.32

504 B

URL

r11.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen37247

Size504 B (504 bytes)

MD57944981bcac427aa8d0aa016ec63764d

SHA148bf925b10dc02afa8f597af8d26f5bf5efc0b7e

SHA25626bde594c33cd3386f4e65e3eaf0fc048fca46ed4a185f5c2aa70e8deeaffb0a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "26BDE594C33CD3386F4E65E3EAF0FC048FCA46ED4A185F5C2AA70E8DEEAFFB0A"
Last-Modified: Sat, 17 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12268
Expires: Mon, 19 Aug 2024 10:50:57 GMT
Date: Mon, 19 Aug 2024 07:26:29 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL

r11.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen37247

Size504 B (504 bytes)

MD57944981bcac427aa8d0aa016ec63764d

SHA148bf925b10dc02afa8f597af8d26f5bf5efc0b7e

SHA25626bde594c33cd3386f4e65e3eaf0fc048fca46ed4a185f5c2aa70e8deeaffb0a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "26BDE594C33CD3386F4E65E3EAF0FC048FCA46ED4A185F5C2AA70E8DEEAFFB0A"
Last-Modified: Sat, 17 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12268
Expires: Mon, 19 Aug 2024 10:50:57 GMT
Date: Mon, 19 Aug 2024 07:26:29 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL

r11.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen37247

Size504 B (504 bytes)

MD57944981bcac427aa8d0aa016ec63764d

SHA148bf925b10dc02afa8f597af8d26f5bf5efc0b7e

SHA25626bde594c33cd3386f4e65e3eaf0fc048fca46ed4a185f5c2aa70e8deeaffb0a

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "26BDE594C33CD3386F4E65E3EAF0FC048FCA46ED4A185F5C2AA70E8DEEAFFB0A"
Last-Modified: Sat, 17 Aug 2024 21:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12268
Expires: Mon, 19 Aug 2024 10:50:57 GMT
Date: Mon, 19 Aug 2024 07:26:29 GMT
Connection: keep-alive

POST leuiton.com/ebu/edg/assets/php/policy.php

31.192.232.30

200 OK

140 B

URL

leuiton.com/ebu/edg/assets/php/policy.php

IP / ASN

31.192.232.30

#44493 Chelyabinsk-Signal LLC

Requested byhttps://leuiton.com/ebu/edg/?info=citis@paran.com

Resource Info

File typeJSON text data

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size140 B (140 bytes)

MD52753fe6814eee41792d095161ddc390f

SHA10ded8006111b174e705c6b1b4ef559ad47aaa9c8

SHA256f78bb9c40f36e66c4c07a52fe5bce526f21ff2af0ff6782dc14da70f3b84af13

Certificate Info

IssuerLet's Encrypt

Subjectleuiton.com

Fingerprint44:5F:08:C7:8B:D9:94:35:E3:A9:56:F2:49:E1:0D:80:FA:88:07:24

ValidityMon, 19 Aug 2024 00:46:41 GMT - Sun, 17 Nov 2024 00:46:40 GMT

HTTP Headers

POST /ebu/edg/assets/php/policy.php HTTP/1.1
Host: leuiton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leuiton.com/ebu/edg/?info=citis@paran.com
Content-Type: application/json
Content-Length: 35
Origin: https://leuiton.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Aug 2024 07:26:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 140
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token
Vary: Accept-Encoding
Content-Encoding: gzip

o.pki.goog/wr2

142.250.74.131

471 B

URL

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-08-19

Last Seen2024-08-21

Times Seen1205

Size471 B (471 bytes)

MD5bce851b453be918b66f619252f31ca8c

SHA13053d529b106cccab6416c27aa1ef5703572600d

SHA2565bd1cd1659c5ec3e741cbaf0d6cc4bba6e95f5b8db9f5a19836a7f0709d4eb50

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Aug 2024 07:26:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET www.google.com/s2/favicons?domain=paran.com

142.250.74.100

301 Moved Permanently

329 B

URL

www.google.com/s2/favicons?domain=paran.com

IP / ASN

142.250.74.100

#15169 GOOGLE

Requested byhttps://leuiton.com/ebu/edg/?info=citis@paran.com

Resource Info

File typeHTML document, ASCII text, with CRLF, LF line terminators

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size329 B (329 bytes)

MD51fe6677e3bf8f16200b354aa97b7a2e8

SHA1dbd14c574c9dbccdb407a7accf6bf1edf2e3b3b9

SHA256ddfd4457e102d0fbbe582a581c3ad90ea3111e70809c5e27635b7d24b1513e55

Certificate Info

IssuerGoogle Trust Services

Subjectwww.google.com

Fingerprint78:90:10:00:62:E9:32:D2:E2:99:72:73:B5:44:27:CB:98:2E:AD:29

ValidityTue, 30 Jul 2024 12:50:13 GMT - Tue, 22 Oct 2024 12:50:12 GMT

HTTP Headers

GET /s2/favicons?domain=paran.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leuiton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 07:26:30 GMT
expires: Mon, 19 Aug 2024 07:56:30 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 329
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.google.com/s2/favicons?domain=paran.com

142.250.74.100

301 Moved Permanently

329 B

URL

www.google.com/s2/favicons?domain=paran.com

IP / ASN

142.250.74.100

#15169 GOOGLE

Requested byhttps://leuiton.com/ebu/edg/?info=citis@paran.com

Resource Info

File typeHTML document, ASCII text, with CRLF, LF line terminators

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size329 B (329 bytes)

MD51fe6677e3bf8f16200b354aa97b7a2e8

SHA1dbd14c574c9dbccdb407a7accf6bf1edf2e3b3b9

SHA256ddfd4457e102d0fbbe582a581c3ad90ea3111e70809c5e27635b7d24b1513e55

Certificate Info

IssuerGoogle Trust Services

Subjectwww.google.com

Fingerprint78:90:10:00:62:E9:32:D2:E2:99:72:73:B5:44:27:CB:98:2E:AD:29

ValidityTue, 30 Jul 2024 12:50:13 GMT - Tue, 22 Oct 2024 12:50:12 GMT

HTTP Headers

GET /s2/favicons?domain=paran.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leuiton.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 329
x-xss-protection: 0
date: Mon, 19 Aug 2024 07:26:30 GMT
expires: Mon, 19 Aug 2024 07:56:30 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen1880

Size472 B (472 bytes)

MD58a87817540e7e2ead175b651c1ea4780

SHA11eaa2ee9290680c91afcad1b90da211de7454726

SHA25633cd881e9daa8467fd5bb76f1ba5c379e503a3a1fdea961cb118db3f90a7061c

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Aug 2024 07:26:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen1235

Size471 B (471 bytes)

MD5accea7bfb07a1a5efaf635df31f6be36

SHA169415199bb3d42fa72f4457f0223798802bd03bb

SHA256a974df11f24983086c5812943d0a2c0e495a24b0ce0868e1e49ea18c846eb0cb

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Aug 2024 07:26:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16

142.250.74.100

726 B

URL

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16

IP / ASN

142.250.74.100

#15169 GOOGLE

Requested byN/A

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2023-04-05

Last Seen2025-08-02

Times Seen4828

Size726 B (726 bytes)

MD5b8a0bf372c762e966cc99ede8682bc71

SHA12d7c9b60d1e2b4f4726141de2e4ab738110b9287

SHA25659bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leuiton.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 07:26:30 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16

142.250.74.100

726 B

URL

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16

IP / ASN

142.250.74.100

#15169 GOOGLE

Requested byN/A

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2023-04-05

Last Seen2025-08-02

Times Seen4828

Size726 B (726 bytes)

MD5b8a0bf372c762e966cc99ede8682bc71

SHA12d7c9b60d1e2b4f4726141de2e4ab738110b9287

SHA25659bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leuiton.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 07:26:30 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-08-18

Last Seen2024-08-21

Times Seen1880

Size472 B (472 bytes)

MD58a87817540e7e2ead175b651c1ea4780

SHA11eaa2ee9290680c91afcad1b90da211de7454726

SHA25633cd881e9daa8467fd5bb76f1ba5c379e503a3a1fdea961cb118db3f90a7061c

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Aug 2024 07:26:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET leuiton.com/ebu/edg/?info=citis@paran.com

31.192.232.30

200 OK

1.2 kB

URL

leuiton.com/ebu/edg/?info=citis@paran.com

IP / ASN

31.192.232.30

#44493 Chelyabinsk-Signal LLC

Requested byhttps://leuiton.com/ebu/edg/?info=citis@paran.com

Resource Info

File typeHTML document, ASCII text, with very long lines (1287), with no line terminators

First Seen2024-02-29

Last Seen2025-02-28

Times Seen214

Size1.2 kB (1215 bytes)

MD5568221a04eeb06a2845e674ca91cf392

SHA1a3cb3d65681151217b5cd2578e2e84e29edfff38

SHA256e544b4d688f81d861888c641e7d0afe29d6f4dcf1bd9ceee9fcfd4cd1178ee5a

Certificate Info

IssuerLet's Encrypt

Subjectleuiton.com

Fingerprint44:5F:08:C7:8B:D9:94:35:E3:A9:56:F2:49:E1:0D:80:FA:88:07:24

ValidityMon, 19 Aug 2024 00:46:41 GMT - Sun, 17 Nov 2024 00:46:40 GMT

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Microsoft Outlook

HTTP Headers

GET /ebu/edg/?info=citis@paran.com HTTP/1.1
Host: leuiton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leuiton.com/ebu/edg/?info=citis@paran.com
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Aug 2024 07:26:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 682
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

GET mail.paran.com/

0.0.0.0

0 B

URL

mail.paran.com/

IP / ASN

0.0.0.0

Requested byhttps://leuiton.com/ebu/edg/?info=citis@paran.com

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606067

Size0 B (0 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: mail.paran.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leuiton.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16

142.250.74.100

404 Not Found

726 B

URL

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16

IP / ASN

142.250.74.100

#15169 GOOGLE

Requested byhttps://leuiton.com/ebu/edg/?info=citis@paran.com

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2023-04-05

Last Seen2025-08-02

Times Seen4828

Size726 B (726 bytes)

MD5b8a0bf372c762e966cc99ede8682bc71

SHA12d7c9b60d1e2b4f4726141de2e4ab738110b9287

SHA25659bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14

ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leuiton.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 07:26:30 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16

142.250.74.100

404 Not Found

726 B

URL

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16

IP / ASN

142.250.74.100

#15169 GOOGLE

Requested byhttps://leuiton.com/ebu/edg/?info=citis@paran.com

Resource Info

File typePNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced

First Seen2023-04-05

Last Seen2025-08-02

Times Seen4828

Size726 B (726 bytes)

MD5b8a0bf372c762e966cc99ede8682bc71

SHA12d7c9b60d1e2b4f4726141de2e4ab738110b9287

SHA25659bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

FingerprintF2:15:54:4E:F3:58:7F:5A:14:9D:F2:45:37:0E:B1:A6:48:C6:2B:14

ValidityTue, 30 Jul 2024 12:49:30 GMT - Tue, 22 Oct 2024 12:49:29 GMT

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://paran.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leuiton.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 19 Aug 2024 07:26:30 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2