Overview

URL a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
IP51.79.52.243
ASNOVH SAS
Location Canada
Report completed2022-10-02 22:17:19 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-02 2 a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo20 (...) Phishing
2022-10-02 2 a3o.onlinewhitepaper.net/assets/css/adminlte.css?av=9ec570bf Phishing
2022-10-02 2 a3o.onlinewhitepaper.net/frontend/assets/css/style.css?av=9ec570bf Phishing
2022-10-02 2 a3o.onlinewhitepaper.net/assets/css/skin-blue.css?av=9ec570bf Phishing
2022-10-02 2 a3o.onlinewhitepaper.net/assets/js/bootstrap.min.js?av=9ec570bf Phishing
2022-10-02 2 a3o.onlinewhitepaper.net/assets/js/adminlte.js?av=9ec570bf Phishing
2022-10-02 2 a3o.onlinewhitepaper.net/frontend/assets/cache/fd27507/jquery.min.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-02 05:00:42 UTC 34.160.144.191
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-02 04:45:21 UTC 34.117.237.239
mnemonic passive DNS ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-10-02 05:01:45 UTC 142.250.74.3
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-10-02 11:24:27 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2017-09-01 03:40:57 UTC 2022-10-02 11:24:29 UTC 34.120.237.76
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-10-02 05:33:45 UTC 23.36.76.226
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-10-02 16:25:36 UTC 13.224.222.39
mnemonic passive DNS fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-10-02 16:00:45 UTC 142.250.74.10
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-02 15:44:45 UTC 93.184.220.29
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-02 10:20:02 UTC 34.215.56.181
mnemonic passive DNS a3o.onlinewhitepaper.net (14) 0 2022-07-11 21:36:01 UTC 2022-10-01 18:31:06 UTC 51.79.52.243 Unknown ranking
mnemonic passive DNS cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-10-02 11:24:40 UTC 104.17.25.14


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 51.79.52.243

Date UQ / IDS / BL URL IP
2022-11-10 01:34:27 +0000
0 - 0 - 1 a3o.onlinewhitepaper.net/campaigns/de9486f59a (...) 51.79.52.243
2022-11-09 09:06:36 +0000
0 - 0 - 1 a3o.onlinewhitepaper.net/campaigns/ws249x1o39 (...) 51.79.52.243
2022-11-08 00:37:20 +0000
0 - 0 - 7 a3o.onlinewhitepaper.net/campaigns/on2744nz9y (...) 51.79.52.243
2022-10-22 18:56:38 +0000
0 - 0 - 7 a3o.onlinewhitepaper.net/campaigns/dg655mk3lv (...) 51.79.52.243
2022-10-06 15:21:04 +0000
0 - 0 - 1 a3o.onlinewhitepaper.net/campaigns/rw544cj40h (...) 51.79.52.243

Last 5 reports on ASN: OVH SAS

Date UQ / IDS / BL URL IP
2022-11-30 14:32:01 +0000
0 - 0 - 4 estadoempresaweblife.com/1669818096/ib/presen (...) 46.105.204.31
2022-11-30 14:25:57 +0000
0 - 0 - 1 54.39.90.100/ 54.39.90.100
2022-11-30 14:12:25 +0000
0 - 0 - 1 192.99.148.189/19044.1288.211006-0501.21h2_re (...) 192.99.148.189
2022-11-30 14:10:44 +0000
0 - 0 - 1 13hds.trk.elasticemail.com/tracking/click?d=P (...) 91.134.188.169
2022-11-30 14:05:50 +0000
0 - 0 - 2 buchung.huettenwirt.com/ 135.125.240.140

Last 5 reports on domain: onlinewhitepaper.net

Date UQ / IDS / BL URL IP
2022-11-22 06:46:55 +0000
0 - 0 - 2 a3o.onlinewhitepaper.net/campaigns/wt143l4k34 (...) 104.168.147.77
2022-11-22 06:46:52 +0000
0 - 0 - 1 a3o.onlinewhitepaper.net/campaigns/wt143l4k34 (...) 104.168.147.77
2022-11-14 12:27:43 +0000
0 - 0 - 7 a3o.onlinewhitepaper.net/campaigns/ym266yphax (...) 104.168.147.77
2022-11-10 01:34:27 +0000
0 - 0 - 1 a3o.onlinewhitepaper.net/campaigns/de9486f59a (...) 51.79.52.243
2022-11-09 09:06:36 +0000
0 - 0 - 1 a3o.onlinewhitepaper.net/campaigns/ws249x1o39 (...) 51.79.52.243

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-11-28 21:46:41 +0000
0 - 0 - 3 mws.enlighthr.com/index.php/lists/xc363mc6nn2 (...) 104.21.32.152
2022-11-28 02:38:57 +0000
0 - 0 - 15 news.klickboost.com/index.php/lists/en0936qzk (...) 92.204.132.9
2022-11-23 06:05:37 +0000
0 - 0 - 9 track.whitepaperdemand.com/campaigns/zg9170ee (...) 172.67.208.251
2022-11-07 23:32:16 +0000
0 - 0 - 2 greystonbrownies.org/index.php/lists/on619249 (...) 69.64.63.210
2022-11-07 23:13:15 +0000
0 - 0 - 2 greystonbrownies.org/index.php/lists/rr749w3y (...) 69.64.63.210


JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (47)


Request Response
                                        
                                            GET /lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705 HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:08 GMT
Content-Length: 2025
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; path=/; HttpOnly csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B; path=/; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (305)
Size:   2025
Md5:    6482c9f99bed277c3e9fe797d91b1fe3
Sha1:   8ec06fe0b4aaf56740529bc7049bcdf5d3ce7c2e
Sha256: fadfa2adcba7428c67028409d133fdde94e869b779a77592c004b4224329884d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17162
Expires: Mon, 03 Oct 2022 03:03:10 GMT
Date: Sun, 02 Oct 2022 22:17:08 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.222.39
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 323b4a7971a31c96655a9c4fcac2b9ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: VFwo6MK0h-gcM9LVinm8AC05RB_G-afJB4HyvmFk6lY-ytxnKAeYMw==
Age: 827


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "69D097718CAC37CC6B77D417711C4356557F2B47C78026303BFE5F985B94A5A5"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16033
Expires: Mon, 03 Oct 2022 02:44:21 GMT
Date: Sun, 02 Oct 2022 22:17:08 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 8wn9HjvuCwIDI1sEmhs3L7C/UD9hEIBTkHVK0SUK5+m3x+qSUDmNDReZRzvF2Je7xcEGgseZuTg=
x-amz-request-id: VAE069WVWD39PMBJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 02 Oct 2022 21:53:03 GMT
age: 1445
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 22:17:08 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css?av=9ec570bf HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sun, 02 Oct 2022 22:17:08 GMT
content-length: 4972
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-6b4a"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10034623
expires: Fri, 22 Sep 2023 22:17:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtja1RLIjn94eL4qITI8f3F9awSHTBq9oHgEaKIN8dL4wMZtuqBxaKkrWXYwpFODPmtOpwW78CkTZRMD99QR%2FHAPfS0NIL%2FRnXl8knDdKr%2Fd917v0yx9ozZGjoO9WAqkx6c%2FXY1H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7540ce769a0db506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27303)
Size:   4972
Md5:    fb68fcb5e0519fb76559c9ab267f8f3f
Sha1:   b96c07f9ef44dbecb4ec4d1cb4a0b30a210f9825
Sha256: 8d0f29c4b3a8b511e6a46bc29ab3d96566fb244fdca5003156c04ea6b65cdd71
                                        
                                            GET /ajax/libs/ionicons/2.0.1/css/ionicons.min.css?av=9ec570bf HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Sun, 02 Oct 2022 22:17:08 GMT
content-length: 6642
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ea8-c854"
last-modified: Mon, 04 May 2020 16:11:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4601442
expires: Fri, 22 Sep 2023 22:17:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C36tZYIlEyhzNY4Dj9zGD8vWWXDEQYkko2kHTGJo6LT8U7wl9gQP8QVQCY4VYXRNc6b3mKbN2Ug%2FORhhq0diNoBLKfGRuiXabZDNwn8ZiA5OcB%2FBYJoh5Oqym7TEqysZmnZFTgyv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7540ce76aa15b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (50806)
Size:   6642
Md5:    0db2e85f504f65d4eba65a3a3176b99e
Sha1:   49445ca83b52538d5fb8f4ef3c5ed0bee904dc81
Sha256: 0153ed381a818cbc0ddab7d832c84bc3aae2aed1ccbe9821d625d6637046c953
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:17:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:17:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:17:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/css/bootstrap.min.css?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:08 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-18679"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65366)
Size:   17160
Md5:    284e1d568b2a7da4b297a1728b093eed
Sha1:   06a900e1b20c68af158f4e1734100af72642d3eb
Sha256: abc3c286c13cff4efe7e3a637468442416e9a945ac9ce248bcac8699b5966584
                                        
                                            GET /assets/css/adminlte.css?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:08 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-33740"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   27891
Md5:    1ce20c340bb00f5bae9c2ec25bdfdf9f
Sha1:   66248bdbd5d71d45ca2e860f0d0f5322aec56baf
Sha256: 25d7a9b0377e552eea49ae78cc8d21978353d7d1299b3c837e8aa1f9aeacf91b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /frontend/assets/css/style.css?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-3fc6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   2467
Md5:    9fd90fcf7b71eca519fbd1a4552f4a71
Sha1:   e10bc1e81bc6b90c6095295eb3e02867c7e11cd5
Sha256: a59b020f703458a66190250ac67121bfda7109d87d31614a2db4b7b0e09907b2

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/css/skin-blue.css?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-e04"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   791
Md5:    dcdfd461d00fd7b6f41db086c1252e33
Sha1:   01911f5945313ed1bce5a01a51be71253d570bc7
Sha256: fcda6f65c583bef5f70089b5b2fa2c5b9f175b15bf10cdf150938c27ce31189a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/js/bootstrap.min.js?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-71b6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (28941)
Size:   7679
Md5:    18c650acaadcdf582747aea91bebda89
Sha1:   254df0d455514d4888e4906993b3e72d5f56d2d0
Sha256: cd2d43b5075c59279839a156425c64abefa206144a4e7ee4a9c35c1157e1217a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/js/knockout.min.js?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-e9ae"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (564)
Size:   22093
Md5:    4a4fc7c2f6995fadea409096e13e7fc7
Sha1:   734492495fc72d05eebe7a49eb0b76802904c4c4
Sha256: c25598ec2f3396e372ad0a51bce9d2576c3a7a77be014e80679b3009d610c38c
                                        
                                            GET /assets/js/notify.js?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-15de"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   1230
Md5:    9ebfc48a18f857e2e29756498f0d80a1
Sha1:   166b4a773b5688ddfa37376227ad6a0eb1971b59
Sha256: 6be61c4559e6de59f12bb4e2e51381d1b41eb555262dadaaa3db5bfb39665f4b
                                        
                                            GET /assets/js/adminlte.js?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-262e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (9373)
Size:   2986
Md5:    d92aa5042a44694e1e5b92039153dbf9
Sha1:   a4caf186151c00eaa9d8d398b6d1877c15f9ecad
Sha256: 5e5fec05f9c57d264a2223ad40688118ef0b11d364f20f7055d7ccb68f18314c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /frontend/assets/cache/fd27507/jquery.min.js HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Thu, 28 Jul 2022 13:26:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62e28e8e-1762a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (32086)
Size:   33266
Md5:    ece879ee496f4d73786b4f086d20495b
Sha1:   f0dddf54755394aceb56dc377ab5879015b1b92f
Sha256: 56c5badd7be6180bd27a9a542803f82fe4a4d589b96253add8f187be20117997

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /assets/js/cookie.js?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-134a"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   1500
Md5:    94f6c24dce4142d9422050d2d7337d24
Sha1:   3c8f7c1c03ca148da6d7fd506f8e468922b18d6b
Sha256: fe445a5d631511d6e58d504434bceb4a007830bb46e9dde7f5e786853229a35e
                                        
                                            GET /assets/js/app.js?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62d59eca-8f6"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text
Size:   900
Md5:    65ff4b7d242f00c6d87ff34afc1031dd
Sha1:   5fa2717642b2fec88ea9fd996cdcbf691401e0f3
Sha256: af6a646bd03edee4dee61ed24b7176a8eb2397540ec0e1a4631929295d15f7a7
                                        
                                            GET /frontend/assets/js/app.js?av=9ec570bf HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Content-Length: 469
Last-Modified: Mon, 18 Jul 2022 17:56:26 GMT
Connection: keep-alive
ETag: "62d59eca-1d5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   469
Md5:    5154609f598be8d873ff615d521b6d60
Sha1:   55165af84a2129e8432f1e96326ee686a07392bd
Sha256: 0ad96c8bca01a84d8b932da6e7cb095707bce86f4844acd88925b295a7422f2f
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.224.222.39
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 21:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 21:45:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 da1b51482b08b4548d36c4cddfb34c00.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-C2
X-Amz-Cf-Id: AQPSUALh4YPIRcVDyWW1o67tfUOM4h2x62C0343Cx3miqXkqZTcBEg==
Age: 2656


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://a3o.onlinewhitepaper.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
age: 155294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /css?family=Roboto:300,400,700,900&av=9ec570bf HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 22:17:09 GMT
date: Sun, 02 Oct 2022 22:17:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31616
Md5:    74cab72bdcbd598e340545b7031cb5d0
Sha1:   e256b18cf7a906229a4158698ccf18430c509a7a
Sha256: 1c05021b5aaaf42180e2cf22a54b3aa7a1671622e0aace263b0d9a498e25f24d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 02 Oct 2022 22:17:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5883
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:17:09 GMT
Last-Modified: Sun, 02 Oct 2022 20:39:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: a3o.onlinewhitepaper.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/lists/ze636csznlac5/unsubscribe/jd084ed59o33d/yo201kv6lp705
Cookie: mwsid=fhre9ndhqr2ej8a1cie7mfc953; csrf_token=f88937d8e79dbeb464ddc88536a29958c5a14fdds%3A88%3A%22X0hlU1pMZGV2MTZEOERoQktFOWNwQVdQaEd1YUQ5MFpOyhlvnNMcXLDqJ7pmp3xF6ccYrRPcneVvE-dorPUEKg%3D%3D%22%3B

                                         
                                         51.79.52.243
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Sun, 02 Oct 2022 22:17:09 GMT
Content-Length: 1150
Last-Modified: Fri, 22 Jul 2022 15:14:05 GMT
Connection: keep-alive
ETag: "62dabebd-47e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    924eb744ade18d2a391182a9afd060c0
Sha1:   2a8e4f2d392434838d0d86e574219a80e8229e07
Sha256: e7c0618b1d4bfdb425e11e7afe49ab33d118109f5fb37e422a51c6ef78559bc3
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DmDSbmDpotM4Vz84oc2sag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.215.56.181
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HNUR2peZtsS47k4I8jS+AbcBFeo=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5004
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 22:17:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5004
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 22:17:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5004
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 22:17:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5004
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 22:17:11 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5004
Expires: Sun, 02 Oct 2022 23:40:35 GMT
Date: Sun, 02 Oct 2022 22:17:11 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xZUu90wyCNVEexHxRRNQz0aDhNy_u0WC2v8TVxHkQvW-evaDwfKTtQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
age: 1904
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6321
Md5:    8bb7613964aef696917cb85a6d0bcac4
Sha1:   89ce0e6d742144439a96ace034adae4e7e167311
Sha256: 24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb7e3592-97bd-498d-bf7f-2c5bb0fc867b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6983
x-amzn-requestid: e551848c-073a-4317-8841-1fc5fd8a38c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWb3EGdoAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a044b-6c6a638527bb19f621cd40b1;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dovur2A7-Vx80FdqmWlJZDBBKnAqX0t9FYOIaqikEumI9bebg171KQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "2d543d6b1bed9901437c3b880bd415ece354cbf7"
age: 1904
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6983
Md5:    91079e915678800d2e2e1f68415d5dc4
Sha1:   2d543d6b1bed9901437c3b880bd415ece354cbf7
Sha256: b9bda55eef23a199fff3bd3fde22486ef4d50edd36b105b0ee13479b96c2ba22
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _JxPe8uPQIgRKoJxtJAKjXpVy1hCW0rFcs8K_erJOHbVNpw339Pz6w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 1904
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9083
Md5:    523edd86af4757d0bc5fa5b3b8a3596a
Sha1:   8118ee462077c291b9d6f1402b85b55a9ceba8c2
Sha256: c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AM8Ox9ObWGoXI-QnnoI7QkY5mOh8j6xBPetTrhyVktVO40ekk4X2Eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
age: 1904
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8158
Md5:    721a8d8f94c3796abf021978fcdbc831
Sha1:   3fc3aeae907a0ce0db21753c67c1000681e48b8e
Sha256: cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 63371
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 400 Bad Request
content-type: application/json
                                        
server: nginx
date: Sun, 02 Oct 2022 22:17:11 GMT
content-length: 3
x-amzn-requestid: 68620b3f-6ab4-44b0-839a-1407ff52472d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZcVvGZToAMFubg=
cache-control: max-age=120,public
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0dbe-4aa380a934d7685117a3bfab;Sampled=0
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Error from cloudfront
x-amz-cf-id: a6M9cGanF7HZ_tPGlACrt7MqngU-8B2r4a6aq7LCIX5BsvZTea1W4A==
age: 11
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   3
Md5:    fcc3d7489d15ef49dbbf735234234cf7
Sha1:   654e0aaee80e38636c503629d32225db31a616de
Sha256: 52109349dabf69106e04ec2f493fb8b6ade94ea100227cccce6559ab8b96553f
                                        
                                            GET /direct?url=https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faca14744-6a37-4b92-bc31-53527a78d6be.avif&resize=w450 HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: application/x-empty; charset=binary
                                        
server: nginx
content-length: 1
x-amzn-requestid: e07bcab1-4238-4f19-bd9f-5c13df7d377f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWamH3tIAMFzbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0443-074d95046d062c2475ab5efb;Sampled=0
x-amzn-remapped-date:
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5YU9gPtzbBt1JHoOo05mPgE4n4VPzMcFzGczDf49M3vsULsxlD_4oQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:42:47 GMT
age: 2064
etag:
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    7215ee9c7d9dc229d2921a40e899ec5f
Sha1:   b858cb282617fb0956d960215c8e84d1ccf909c6
Sha256: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
                                        
                                            GET /css?family=Open+Sans:300,400,700&av=9ec570bf HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 22:17:08 GMT
date: Sun, 02 Oct 2022 22:17:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=9ec570bf HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://a3o.onlinewhitepaper.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 22:17:09 GMT
date: Sun, 02 Oct 2022 22:17:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---