delisatayloeipointonline.edns.biz/
18.217.132.103200 OK 14 kB URL User Request GET HTTP/1.1 delisatayloeipointonline.edns.biz/
IP 18.217.132.103:443
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (691), with CRLF line terminators
Hash 39469af0820b1c51fa2b723305738bd8
e94696d11b970422a95af9e4b75bf898879c1a4d
61ac6967db5aea56e1e96683d94eb136d6bd211cc9f7578c1eb1e846066c9431
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET / HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:14 GMT
Server: Apache
Last-Modified: Mon, 22 May 2023 01:35:43 GMT
Accept-Ranges: bytes
Content-Length: 13877
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.17.25.14200 OK 6.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP 104.17.25.14:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (19015)
Hash 70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://delisatayloeipointonline.edns.biz
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 07:59:15 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2122251
expires: Sat, 11 May 2024 07:59:15 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wclE%2FK1DbMHPG3lrj9%2F8rg3cr35MD5KFuIBFFAdCxRzIn5hjlCcc0TybFuIw9wWNtyQdZKvjuBWddFXk087sCA%2F9zgqJf6QXnQCibSZZY2TGsEXMLAD7Ngb3aIzbYtLOE98%2BVNJQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cb384c79d1b0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.1.1.min.js
69.16.175.10200 OK 30 kB URL GET HTTP/2 code.jquery.com/jquery-3.1.1.min.js
IP 69.16.175.10:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (32030)
Hash e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 07:59:15 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1684742355.dop068.sk1.t,1684742355.cds232.sk1.hn,1684742355.cds010.sk1.c
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
142.250.74.106200 OK 30 kB URL GET HTTP/3 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 142.250.74.106:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 12:31:43 GMT
expires: Fri, 17 May 2024 12:31:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 329252
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.slim.min.js
69.16.175.10200 OK 24 kB URL GET HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js
IP 69.16.175.10:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (32012)
Hash 5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://delisatayloeipointonline.edns.biz
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 07:59:15 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1684742355.dop003.sk1.t,1684742355.cds261.sk1.hn,1684742355.cds235.sk1.c
X-Firefox-Spdy: h2
delisatayloeipointonline.edns.biz/css/hover.css
18.217.132.103200 OK 115 kB URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/css/hover.css
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
Size 115 kB (114697 bytes)
Hash fac4178c15e5a86139c662dafc809501
ef1481841399156a880ec31b07dda9cfaa1ace39
bb88454962767eb6f2ddb1aabaaf844d8a57de7e8f848d7f6928f81b54998452
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /css/hover.css HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:15 GMT
Server: Apache
Last-Modified: Mon, 11 Jun 2018 09:44:36 GMT
Accept-Ranges: bytes
Content-Length: 114697
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.11.207200 OK 44 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.11.207:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (48664)
Hash 14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://delisatayloeipointonline.edns.biz
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 07:59:15 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 4551d547e1b4b88ab6e1acca7ff34b17
cdn-cache: HIT
cf-cache-status: HIT
age: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb384c79b31b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
delisatayloeipointonline.edns.biz/images/gmail.png
18.217.132.103200 OK 67 kB URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/images/gmail.png
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type PNG image data, 1280 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Hash dce2f2b0e50cb1dbb0246d152791cb46
d0a69c159304edc08db005163e7a0daf5a1e98a6
acf087c1757f08b0cfd53d59066544d7ef0bfcc50999e77c5813739cd9dc1479
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /images/gmail.png HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:15 GMT
Server: Apache
Last-Modified: Mon, 13 Jan 2020 17:06:16 GMT
Accept-Ranges: bytes
Content-Length: 66743
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
delisatayloeipointonline.edns.biz/images/other1.png
18.217.132.103200 OK 22 kB URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/images/other1.png
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type PNG image data, 190 x 187, 8-bit/color RGBA, non-interlaced\012- data
Hash 6843a244e12fab158aa189680b5e7049
0e1c691f87cc4fa35c88344974f2829c40176b70
3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /images/other1.png HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:15 GMT
Server: Apache
Last-Modified: Sat, 18 Jan 2020 17:01:40 GMT
Accept-Ranges: bytes
Content-Length: 21882
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
delisatayloeipointonline.edns.biz/images/aol1.png
18.217.132.103200 OK 26 kB URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/images/aol1.png
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type PNG image data, 253 x 218, 8-bit/color RGBA, non-interlaced\012- data
Hash ec9cbc1048239b3927ad0276fc983019
17c27c038644bdb141381b606c7c94a177c07326
f8a8cf4f1928938c796e2f35f8c21b0d510d4e3f16e016ee83d1f206f8ebde14
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /images/aol1.png HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:15 GMT
Server: Apache
Last-Modified: Sat, 18 Jan 2020 16:45:42 GMT
Accept-Ranges: bytes
Content-Length: 26456
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
delisatayloeipointonline.edns.biz/images/adobe.jpg
18.217.132.103200 OK 31 kB URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/images/adobe.jpg
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x400, components 3\012- data
Hash be5274af7d8bd25b8148a190ff515399
b8d0850fd92ee935287e17988b89e53607808c8c
26c62dbdf527b8dcbf378ea62f129cbbba3b244730687909ba21ecd729c9d2e6
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /images/adobe.jpg HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:15 GMT
Server: Apache
Last-Modified: Tue, 21 Jan 2020 07:44:56 GMT
Accept-Ranges: bytes
Content-Length: 30925
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
delisatayloeipointonline.edns.biz/images/8.jpg
18.217.132.103200 OK 161 kB URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/images/8.jpg
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=709, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1200], baseline, precision 8, 1200x646, components 3\012- data
Size 161 kB (161118 bytes)
Hash f17b5b1163efb6d2d47de6bae6d3a9cd
6d6964b34bc44c6d2b106ade1ae675985b96d012
7829f065e0e10c8466f3d57766e0719421b7b652f6a1082f21b98702f1b28a30
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /images/8.jpg HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:15 GMT
Server: Apache
Last-Modified: Tue, 21 Jan 2020 08:41:44 GMT
Accept-Ranges: bytes
Content-Length: 161118
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
delisatayloeipointonline.edns.biz/images/outlook1.png
18.217.132.103200 OK 771 B URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/images/outlook1.png
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash c3fc46c5799c76f9107504028f39190f
519096ad3f03410cf9ce3c9b9fcca6b439d97b23
57898461712a639d119bdf88b7145919dcc8956c7a271d2e4a1084b29eae6785
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /images/outlook1.png HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:15 GMT
Server: Apache
Last-Modified: Sat, 18 Jan 2020 16:38:48 GMT
Accept-Ranges: bytes
Content-Length: 771
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
delisatayloeipointonline.edns.biz/images/yahoo1.png
18.217.132.103200 OK 18 kB URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/images/yahoo1.png
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type PNG image data, 151 x 151, 8-bit/color RGBA, non-interlaced\012- data
Hash 4458cd0a6df7deabdff0b99bd5905ec9
45a8b436d07d7ed7973b87a1c393d6973afe6fb5
aad24ed5f36320964c515b9889cb2943bbf830b40703999ad3976fce8176e554
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /images/yahoo1.png HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:15 GMT
Server: Apache
Last-Modified: Sat, 18 Jan 2020 16:56:08 GMT
Accept-Ranges: bytes
Content-Length: 17931
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
delisatayloeipointonline.edns.biz/favicon.ico
18.217.132.103404 Not Found 315 B URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/favicon.ico
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /favicon.ico HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 22 May 2023 07:59:16 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
delisatayloeipointonline.edns.biz/images/office3651.png
18.217.132.103200 OK 18 kB URL GET HTTP/1.1 delisatayloeipointonline.edns.biz/images/office3651.png
IP 18.217.132.103:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuercPanel, Inc.
Subjectdelisatayloeipointonline.edns.biz
Fingerprint13:E9:7C:D4:01:E8:1F:51:A9:F5:35:BE:35:6B:22:35:46:64:E2:C8
ValidityMon, 22 May 2023 00:00:00 GMT - Sun, 20 Aug 2023 23:59:59 GMT
File type PNG image data, 187 x 188, 8-bit/color RGBA, non-interlaced\012- data
Hash fe22440d79ffa34950f512ef4a718b2a
0e147e59544ee6580d3095353d4420849fa5eb8a
a2f26b68a6c8810c1aeb4048c938f835a86ba83756a7a440f989b967e78f3ba8
Analyzer Verdict Alert urlquery phishing Phishing - Adobe
urlquery suspicious Suspicious - DynDNS domain
GET /images/office3651.png HTTP/1.1
Host: delisatayloeipointonline.edns.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 22 May 2023 07:59:16 GMT
Server: Apache
Last-Modified: Tue, 21 Jan 2020 09:30:16 GMT
Accept-Ranges: bytes
Content-Length: 18025
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
172.64.203.28200 OK 60 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
IP 172.64.203.28:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (60130)
Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delisatayloeipointonline.edns.biz/
Origin: https://delisatayloeipointonline.edns.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 07:59:15 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7309328e91f012108061822748228b68.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: KwpJfliFD3b49rVFHKety5e_R2j_GivsBzGAXKxtbEB0q70L1IvdEw==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzLcF7AEzEFTS4%2BIYipFYcN9ergIGnYooN2XhlhLBb8K2c5%2Fqe9jVkxEpNx6QyidK0eUZfdTbBX%2FFovuqjlMKxYU346LgCbrDTFk0%2B7jw2jMEblUEDED7s6%2Bx3zaPcuiBTHJBYBCuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cb384c9cc7e23c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.11.207200 OK 145 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP 104.18.11.207:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65325)
Size 145 kB (144877 bytes)
Hash 450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://delisatayloeipointonline.edns.biz
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 07:59:15 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 04/26/2023 08:07:14
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3128578ddf5d319290f71790c70acf4b
cdn-cache: HIT
cf-cache-status: HIT
age: 1
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb384c78b14b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/585b051251.js
104.18.23.52200 OK 12 kB URL GET HTTP/2 kit.fontawesome.com/585b051251.js
IP 104.18.23.52:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11018)
Hash ea06eb8895068c285ad45d08b0cc340b
acd969f9445f92ca352c703e4602442ae7b1853c
bb735764ab1aefbec2633325db64f1a4cffbd7172524cdf29e8f4cbd897aff4d
GET /585b051251.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://delisatayloeipointonline.edns.biz
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 07:59:15 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F2FoPtVm3FTeg_Vj103D
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 7cb384c78d640b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
172.64.203.28200 OK 27 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
IP 172.64.203.28:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint49:14:F2:7A:2C:AE:36:01:38:B7:F7:3D:DB:44:3E:3F:5C:FB:6B:15
ValidityFri, 12 Aug 2022 00:00:00 GMT - Sat, 12 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (26500)
Hash 76f34b71fc9fb641507ff6a822cc07f5
73ed2f8f21cd40fb496e61306acbb5849d4dbff4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delisatayloeipointonline.edns.biz/
Origin: https://delisatayloeipointonline.edns.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 22 May 2023 07:59:15 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ed393405ff603a61a1e63909cf1c1a44.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: hhMSd1AvxN3vaOqB_XEWcg7UPtwTynJxKCxYzPtyaVsQIgESHZBSpg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bj5UGqY7BasTAik2Kuf7AgVXfSjtlienJMNjT1fZbePPmOYb11gUfHxj5LxUkqPOCQJtAyfZUcbOzlVmFqf5pv7IUC29mxvCCfjzz4HI0EKA0F8FMnblWrf%2FrwEYVL1V4wansn975g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cb384c9cc7723c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Yellowtail&display=swap
142.250.74.106200 OK 422 B URL GET HTTP/2 fonts.googleapis.com/css?family=Yellowtail&display=swap
IP 142.250.74.106:443
Requested by https://delisatayloeipointonline.edns.biz/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (431), with no line terminators
Hash f8d0670d9d09352eb6056def3cc54228
4aa3cb03f3195b4b2d16708c6216eadd61087438
4a9dad8d7a538709cae6289ea21b96ae50ecd1e4c66dd9f5aa4d12c8bd0deaaf
GET /css?family=Yellowtail&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://delisatayloeipointonline.edns.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 07:59:15 GMT
date: Mon, 22 May 2023 07:59:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2