igniteafterschool.org/m3
301 Moved Permanently 162 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /m3 HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Location: https://igniteafterschool.org/m3
Server: nginx
X-Pantheon-Styx-Hostname: styx-fe1-b-5f7bdb8576-db55z
X-Styx-Req-Id: 4c90bf08-a765-11ed-99fc-e28955579f12
Cache-Control: public, max-age=86400
Date: Wed, 08 Feb 2023 04:01:43 GMT
X-Served-By: cache-chi-kigq8000078-CHI, cache-bma1625-BMA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1675828904.582563,VS0,VE127
Vary: Cookie, Cookie
Age: 0
Accept-Ranges: bytes
Via: 1.1 varnish, 1.1 varnish
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13621
Expires: Wed, 08 Feb 2023 07:48:44 GMT
Date: Wed, 08 Feb 2023 04:01:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dca68db7aea32f6683ce8d542c078f04
19c495238df74fca680e21f18627ff94de5dd2e5
35cab3987fc0e4a41b305cb208c1e33fa38ce8bdfd9f386c3dc0411dd4d5ac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35CAB3987FC0E4A41B305CB208C1E33FA38CE8BDFD9F386C3DC0411DD4D5AC61"
Last-Modified: Mon, 06 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5281
Expires: Wed, 08 Feb 2023 05:29:44 GMT
Date: Wed, 08 Feb 2023 04:01:43 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3497
Expires: Wed, 08 Feb 2023 05:00:00 GMT
Date: Wed, 08 Feb 2023 04:01:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 03:36:34 GMT
content-type: application/json
age: 1509
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ltdnpqm2zbRwWI05/a1sljYRL+gBT4QCNICG1o5Hx4m6wSE7ZdcZAnwDdbQuYv96PVgdKB3hFFo=
x-amz-request-id: DEBKE5BDZ7BS2354
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 03:35:46 GMT
age: 1557
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 04:01:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
igniteafterschool.org/m3
200 OK 10 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2607)
Hash 2374303a9dacd6a203c5e834a889d467
7eb11b7597d2f5d5d13feaa42c5280e29900c609
2022adb7d445c39da68430411dc4ae6cc92bceaff10f279946477c890439bca3
Analyzer Verdict Alert fortinet Phishing
GET /m3 HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
cache-control: max-age=900, public
content-encoding: gzip
content-language: en
content-type: text/html; charset=UTF-8
etag: W/"1675299477"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Thu, 02 Feb 2023 00:57:57 GMT
server: nginx
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-drupal-cache: HIT
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe1-b-5f7bdb8576-t4jhf
x-styx-req-id: 479becd1-a765-11ed-9fb9-02773a3995d9
x-ua-compatible: IE=edge
date: Wed, 08 Feb 2023 04:01:43 GMT
x-served-by: cache-chi-kigq8000037-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 2, 0
x-timer: S1675828904.881632,VS0,VE110
vary: Accept-Encoding, Cookie, Cookie, Cookie
age: 9
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 10150
X-Firefox-Spdy: h2
igniteafterschool.org/sites/default/files/js/js_AcLYa1TPGPu5_X4g0CGe34HX1woOGOzDsp05bfBBFs4.js
200 OK 125 kB URL HTTP/2 igniteafterschool.org/sites/default/files/js/js_AcLYa1TPGPu5_X4g0CGe34HX1woOGOzDsp05bfBBFs4.js
IP
File type ASCII text, with very long lines (65447)
Size 125 kB (124956 bytes)
Hash f1c02cf63210a821ca26d48c354168b5
afb2204f61fd43e85fa89e7c8110987f87c403da
7927d2d86a5c7f15d447371517bb4b950f1503fea140cf2aade8355bc9bce0ce
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/js/js_AcLYa1TPGPu5_X4g0CGe34HX1woOGOzDsp05bfBBFs4.js HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/m3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-encoding: gzip
content-type: application/x-javascript
etag: W/"63dab326-5c6fc"
expires: Fri, 02 Feb 2024 19:22:06 GMT
last-modified: Wed, 01 Feb 2023 18:44:54 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-85db446999-87drl
x-styx-req-id: b6aee506-a265-11ed-b1bb-3a6896f3a7c3
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-klot8100154-CHI, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1675828904.134391,VS0,VE11
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 124956
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-111365247-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-111365247-1
IP
File type ASCII text, with very long lines (1759)
Hash 69690d9a6344ecbb26e20048bb7d8bd6
da9b143e6bfe7569a6100fc9a17df90272c53d6b
ce5e7d9352059220e5c3d4e001276b39ed6e8711a0b2a456409168c198875f89
GET /gtag/js?id=UA-111365247-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 Feb 2023 04:01:44 GMT
expires: Wed, 08 Feb 2023 04:01:44 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 Feb 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44058
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
igniteafterschool.org/sites/default/files/css/css_lU-BYEswwRhy2_8QZVToGP990415Ooh1kSvworIyXbQ.css
200 OK 11 kB URL HTTP/2 igniteafterschool.org/sites/default/files/css/css_lU-BYEswwRhy2_8QZVToGP990415Ooh1kSvworIyXbQ.css
IP
File type troff or preprocessor input text\012- assembler source, ASCII text, with very long lines (47329)
Hash f2c39d63a95c2f82d3af83c17f70fe35
5de3994d87d28d15214332f50df07b593d1cf0b3
cd37ca48cd9f5d22a0c797a9db175231cbcc08dc4f4a8cdec5d2cf9d5877af41
GET /sites/default/files/css/css_lU-BYEswwRhy2_8QZVToGP990415Ooh1kSvworIyXbQ.css HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/m3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/css
etag: W/"63c9a248-ce98"
expires: Sat, 20 Jan 2024 20:53:20 GMT
last-modified: Thu, 19 Jan 2023 20:04:24 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-7d6c958ff9-8k4vm
x-styx-req-id: 4e72e287-983b-11ed-9512-e2a1539b7370
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-klot8100107-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828904.133948,VS0,VE106
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 10559
X-Firefox-Spdy: h2
igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
200 OK 56 kB URL HTTP/2 igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
IP
File type ASCII text, with very long lines (39345)
Hash 294f3f8466d1f34616f05e932802b9ef
a24020d485e0c8f703015ccff261448a08968758
e56708bc815e0d4103c091df81f3683190dc93b9b3d227eb4b6a3a06bedc4859
GET /sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/m3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/css
etag: W/"63c99929-629bd"
expires: Fri, 26 Jan 2024 18:36:50 GMT
last-modified: Thu, 19 Jan 2023 19:25:29 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-698cbcc5cb-8j2rs
x-styx-req-id: 3b0a5c93-9cdf-11ed-a4d2-7a1dd2dda4c8
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-klot8100058-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828904.134093,VS0,VE106
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 55876
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/logo.svg
200 OK 1.8 kB URL HTTP/2 igniteafterschool.org/themes/ignite_theme/logo.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 22f3723bf376744e69e10b6eae660cc8
54c03e6ec67b5c65d529d155592edd7a876ea929
a5169aab906d5a12c5a7a462af67be29c2a04ad6ad05f8df4a2d617a768827d0
Analyzer Verdict Alert fortinet Phishing
GET /themes/ignite_theme/logo.svg HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/m3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63dab301-fbb"
expires: Fri, 02 Feb 2024 19:22:05 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-85db446999-n8478
x-styx-req-id: b6af60f2-a265-11ed-97dc-6e4f118c1c25
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-kigq8000034-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828904.134305,VS0,VE124
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 1782
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8d5417d247d259e3c0186136b83d9f75
49fbcf99a352669aee2559579ef73fa60f46d38d
3c013921158ec27e44d5e80a5108557de80a27f38089ac3a52c6c1cf5636f585
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/97ea7458/www-player.css
200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 06da032848dee0d02f299eb5d9d0b47b
9328ede00a7daa3c3af4e9a745b2f288a89985e1
1b4032e39d4869ac4d51be6750760b10108ce5d47c357fec81c66dbc90578601
GET /s/player/97ea7458/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/STYH_fx2uqw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49954
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 12:54:19 GMT
expires: Wed, 07 Feb 2024 12:54:19 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/css
age: 54445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed3f32fef9b843f5511bb882c0a38358
a1a60921f7cb6ab14b645c77bb7d77c20b8201ef
9a4b9e269aa66258c1d9b10fb1af899a3e669de3e244dcfd843a0bce87646f8e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Expires, Pragma, Retry-After, Last-Modified, ETag, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 03:14:52 GMT
age: 2812
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
200 OK 110 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (679)
Size 110 kB (110070 bytes)
Hash ebe79d652346a39f78ba70ecfb911269
b996db460e2862473018d11947ac7711bc8ca537
445ae1b45376bf82466aa698c16011ea0781d16f3e25653713d935a9bc39fda9
GET /s/player/97ea7458/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/STYH_fx2uqw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 110070
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 15:52:28 GMT
expires: Thu, 01 Feb 2024 15:52:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/javascript
age: 562156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/embed/STYH_fx2uqw
200 OK 31 kB URL HTTP/2 www.youtube.com/embed/STYH_fx2uqw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (58608)
Hash c578ee4fbeed57d90ac9313354a84150
f38533e1a7f5195ec3c24cae0df0474126c08aa4
ff50e33ec468199e77027f32f5efa4f3b73d4cdfdd8929b0465c4b940c032002
GET /embed/STYH_fx2uqw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 08 Feb 2023 04:01:44 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=mMculHQtYkM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TnpZek1ETXpOemcyT0Rrek5qQTRNdz09EKi9jJ8GGKi9jJ8G; Domain=.youtube.com; Expires=Mon, 07-Aug-2023 04:01:44 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=rYerwXM2L3Y; Domain=.youtube.com; Expires=Mon, 07-Aug-2023 04:01:44 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+179; expires=Fri, 07-Feb-2025 04:01:44 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
brick.a.ssl.fastly.net/Roboto+Slab:400,700,900/Roboto:300,400,500,700
200 OK 222 B URL HTTP/1.1 brick.a.ssl.fastly.net/Roboto+Slab:400,700,900/Roboto:300,400,500,700
IP
File type ASCII text, with very long lines (989), with no line terminators
Hash ef52cb03612ca11262c486dc9cade751
59603e60323f12c4da80650989c9491a93017914
74b4230dd0035fd9fd884b7baebd46547c42d9646de4f66558af6265292e164e
GET /Roboto+Slab:400,700,900/Roboto:300,400,500,700 HTTP/1.1
Host: brick.a.ssl.fastly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 222
Cache-Control: public, max-age=2628000
Content-Type: text/css
Expires: Fri, 10 Mar 2023 14:01:44 UTC
Last-Modified: Sun, 10 Jun 2018 00:27:42 UTC
Pragma: Public
Server: Brick
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Wed, 08 Feb 2023 04:01:44 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1620-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675828904.187071,VS0,VE312
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8585
Expires: Wed, 08 Feb 2023 06:24:49 GMT
Date: Wed, 08 Feb 2023 04:01:44 GMT
Connection: keep-alive
brick.freetls.fastly.net/fonts/roboto/300.woff
200 OK 129 kB URL HTTP/2 brick.freetls.fastly.net/fonts/roboto/300.woff
IP
File type Web Open Font Format, CFF, length 128632, version 2.980\012- data
Size 129 kB (128632 bytes)
Hash ba10d8287db7b653df95bc4ba857c6b9
f9bbf593f99f7fe93de40064052f2241952babc7
215f3d14936e6e1d3dc7ede5779890910977a95cb0c4f8a578515f65977134d4
GET /fonts/roboto/300.woff HTTP/1.1
Host: brick.freetls.fastly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://igniteafterschool.org
Connection: keep-alive
Referer: https://brick.a.ssl.fastly.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff
last-modified: Sun, 10 Jun 2018 00:23:25 GMT
etag: "5b1c6f7d-1f678"
expires: Wed, 31 Jan 2024 05:42:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
date: Wed, 08 Feb 2023 04:01:44 GMT
via: 1.1 varnish
age: 685149
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675828905.637816,VS0,VE1
access-control-allow-origin: *
content-length: 128632
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
igniteafterschool.org/themes/ignite_theme/images/repeating-gridline-gray.svg
200 OK 382 B URL HTTP/2 igniteafterschool.org/themes/ignite_theme/images/repeating-gridline-gray.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash af7f180244f900d4a02042114518be57
c6d475aa0022af5fc2ede0efb02e3372275a9bae
dc2e0e7f9b2fb39a5380ee85aa8724427828e0f7236a2394b81bb5c1fe6da519
Analyzer Verdict Alert fortinet Phishing
GET /themes/ignite_theme/images/repeating-gridline-gray.svg HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63dab301-232"
expires: Fri, 02 Feb 2024 18:53:24 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-85db446999-n8478
x-styx-req-id: b4bf63d6-a261-11ed-97dc-6e4f118c1c25
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-klot8100052-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.562551,VS0,VE106
vary: Accept-Encoding
age: 551300
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 382
X-Firefox-Spdy: h2
brick.freetls.fastly.net/fonts/roboto/500.woff
200 OK 128 kB URL HTTP/2 brick.freetls.fastly.net/fonts/roboto/500.woff
IP
File type Web Open Font Format, CFF, length 127960, version 2.980\012- data
Size 128 kB (127960 bytes)
Hash 0f5cabf9affc860bffaf93b94fadf43c
b5225c60203489a19b004d81fc7088b7b74bbfc4
5991170be27796ccb56250bc71630a5a8339920b94feca53a0486f6bb987c2c9
GET /fonts/roboto/500.woff HTTP/1.1
Host: brick.freetls.fastly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://igniteafterschool.org
Connection: keep-alive
Referer: https://brick.a.ssl.fastly.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff
last-modified: Sun, 10 Jun 2018 00:23:25 GMT
etag: "5b1c6f7d-1f3d8"
expires: Thu, 25 Jan 2024 07:28:06 GMT
cache-control: max-age=31536000
accept-ranges: bytes
date: Wed, 08 Feb 2023 04:01:44 GMT
via: 1.1 varnish
age: 1197218
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675828905.638557,VS0,VE1
access-control-allow-origin: *
content-length: 127960
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/images/doodles/arrow.svg
200 OK 631 B URL HTTP/2 igniteafterschool.org/themes/ignite_theme/images/doodles/arrow.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a509cb6c002e5c85dca5105e6847d649
724d5c3e7fbb7842fe5300f12742ffdcfb159bd2
22c44949178c0ee81cabdf98adf7c33ff4060119d7ffc19b265ee61565da9de0
Analyzer Verdict Alert fortinet Phishing
GET /themes/ignite_theme/images/doodles/arrow.svg HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63dab301-401"
expires: Fri, 02 Feb 2024 19:22:06 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-85db446999-2rl8c
x-styx-req-id: b6dfd7b2-a265-11ed-93ee-86ed2a45be3c
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-klot8100082-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.568715,VS0,VE105
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 631
X-Firefox-Spdy: h2
brick.freetls.fastly.net/fonts/robotoslab/700.woff
200 OK 91 kB URL HTTP/2 brick.freetls.fastly.net/fonts/robotoslab/700.woff
IP
File type Web Open Font Format, TrueType, length 91236, version 1.-30809\012- data
Hash 055cf7be3a4566b44e78a91539d56111
dd1ae2e0684bb9c12929307b22ed29c70eb5c624
b3fd5377364d93864a1d5eb3d46ed5e3a3ae52f73c17b423304556ca1f132fb8
GET /fonts/robotoslab/700.woff HTTP/1.1
Host: brick.freetls.fastly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://igniteafterschool.org
Connection: keep-alive
Referer: https://brick.a.ssl.fastly.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff
last-modified: Sun, 10 Jun 2018 00:23:25 GMT
etag: "5b1c6f7d-16464"
expires: Fri, 02 Feb 2024 12:37:11 GMT
cache-control: max-age=31536000
accept-ranges: bytes
date: Wed, 08 Feb 2023 04:01:44 GMT
via: 1.1 varnish
age: 487473
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675828905.639462,VS0,VE1
access-control-allow-origin: *
content-length: 91236
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Feb 2023 17:20:45 GMT
expires: Tue, 06 Feb 2024 17:20:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 124859
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
brick.freetls.fastly.net/fonts/roboto/400.woff
200 OK 126 kB URL HTTP/2 brick.freetls.fastly.net/fonts/roboto/400.woff
IP
File type Web Open Font Format, CFF, length 125676, version 2.980\012- data
Size 126 kB (125676 bytes)
Hash 3e5325babcf99a59302e247d9cb52e4d
0b76a78936b9654e37b4a77bf32f7a5fa5adcf4e
46c31b2341a23c784d7f5e224651002ffcc75b88ea8a27693e4e0367cfd2cc9e
GET /fonts/roboto/400.woff HTTP/1.1
Host: brick.freetls.fastly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://igniteafterschool.org
Connection: keep-alive
Referer: https://brick.a.ssl.fastly.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff
last-modified: Sun, 10 Jun 2018 00:23:25 GMT
etag: "5b1c6f7d-1eaec"
expires: Tue, 06 Feb 2024 23:05:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
date: Wed, 08 Feb 2023 04:01:44 GMT
via: 1.1 varnish
age: 104192
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675828905.644603,VS0,VE1
access-control-allow-origin: *
content-length: 125676
X-Firefox-Spdy: h2
brick.freetls.fastly.net/fonts/roboto/700.woff
200 OK 127 kB URL HTTP/2 brick.freetls.fastly.net/fonts/roboto/700.woff
IP
File type Web Open Font Format, CFF, length 127260, version 2.980\012- data
Size 127 kB (127260 bytes)
Hash af89041ca6d1f95bdce00bfc0a2a8b52
320baa98ab5b75d42279b362d817bff192f7f9a5
9b7d8b7210e1247b64f05e80a4d7b613906b2550d3683fe8f2c1cb5f9b37686a
GET /fonts/roboto/700.woff HTTP/1.1
Host: brick.freetls.fastly.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://igniteafterschool.org
Connection: keep-alive
Referer: https://brick.a.ssl.fastly.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/font-woff
last-modified: Sun, 10 Jun 2018 00:23:25 GMT
etag: "5b1c6f7d-1f11c"
expires: Wed, 31 Jan 2024 03:02:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
date: Wed, 08 Feb 2023 04:01:44 GMT
via: 1.1 varnish
age: 694733
x-served-by: cache-bma1676-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675828905.640075,VS0,VE1
access-control-allow-origin: *
content-length: 127260
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/images/390-mail3.svg
200 OK 421 B URL HTTP/2 igniteafterschool.org/themes/ignite_theme/images/390-mail3.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (385)
Hash f5985fe0b814bf33730b49c8a587527e
1142703ecce0ed7f354cbdd230774b7812527383
20cb365e0119d9b4b1d9c2ed1fd51c436cd0e29bdc6cc3d8d1d5321f0d846552
Analyzer Verdict Alert fortinet Phishing
GET /themes/ignite_theme/images/390-mail3.svg HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63dab301-2c1"
expires: Fri, 02 Feb 2024 19:22:06 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-85db446999-n8478
x-styx-req-id: b6e01688-a265-11ed-97dc-6e4f118c1c25
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-klot8100119-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.570138,VS0,VE104
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 421
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/images/doodles/scribble.svg
200 OK 816 B URL HTTP/2 igniteafterschool.org/themes/ignite_theme/images/doodles/scribble.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e5fa1fb7351b9080b0342f79268f9da2
f72f230ed41da29de7483c0eb5378e0685d125c6
21ef87d2ce4374400832cfb1a636cad86893f81d0195858a3748926e13de0b73
Analyzer Verdict Alert fortinet Phishing
GET /themes/ignite_theme/images/doodles/scribble.svg HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63dab301-577"
expires: Fri, 02 Feb 2024 19:22:06 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-85db446999-2rl8c
x-styx-req-id: b6e00e4c-a265-11ed-93ee-86ed2a45be3c
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-kigq8000155-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.571053,VS0,VE104
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 816
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/images/doodles/quote-bubble.svg
200 OK 995 B URL HTTP/2 igniteafterschool.org/themes/ignite_theme/images/doodles/quote-bubble.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1c209d9bddff380df28e2a95a3c5901c
e2e7325c6d50e87da4a8bcc150c407196e05c333
f28539912f4026616347b4bdabef5ef3f3aafa0bfbdc99fef3a4d70d9529da70
Analyzer Verdict Alert fortinet Phishing
GET /themes/ignite_theme/images/doodles/quote-bubble.svg HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63dab301-6a1"
expires: Fri, 02 Feb 2024 19:22:06 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-a-7cf67848f-vqhjn
x-styx-req-id: b6e0b05a-a265-11ed-80dc-42cc9a85c389
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-klot8100068-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.572774,VS0,VE104
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 995
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/images/407-twitter.svg
200 OK 620 B URL HTTP/2 igniteafterschool.org/themes/ignite_theme/images/407-twitter.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (749)
Hash 18530de31216e016a4fc06c857ddae6a
ddb0f8d8c894bc39b052fe136effb19262de4b9d
ec0a6401561168ab0def814e30ac834c9ce9844dc546abdb65652efc3f9f4b61
Analyzer Verdict Alert fortinet Phishing
GET /themes/ignite_theme/images/407-twitter.svg HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63dab301-42d"
expires: Fri, 02 Feb 2024 19:22:06 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-a-7cf67848f-jxjbl
x-styx-req-id: b6e04314-a265-11ed-89e3-2aee60edd385
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-kigq8000043-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.575852,VS0,VE104
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 620
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/images/401-facebook.svg
200 OK 329 B URL HTTP/2 igniteafterschool.org/themes/ignite_theme/images/401-facebook.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 61ad77118bbc67e854585d804866131d
c2ed133fc11ce502679e84557da8413961fd5c3b
12f5207b8aff0cf01ecbec861652469d727b02df68d2468cb6f8f812d796f316
Analyzer Verdict Alert fortinet Phishing
GET /themes/ignite_theme/images/401-facebook.svg HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/sites/default/files/css/css_7osFkLJzicQQR1lVZEpdHwJvhq1WVmhQy1NVyUBu7Wg.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: max-age=31622400
content-encoding: gzip
content-type: image/svg+xml
etag: W/"63dab301-1c8"
expires: Fri, 02 Feb 2024 19:22:06 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-85db446999-6xgx4
x-styx-req-id: b6dfdc90-a265-11ed-b15c-ee7b8300b1ac
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-kigq8000168-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.571868,VS0,VE135
vary: Accept-Encoding
age: 549578
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 329
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 454421
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
igniteafterschool.org/sites/default/files/styles/small_banner/public/2017-12/M3%20Logo%20600x600.jpg?itok=g002xABz
200 OK 21 kB URL HTTP/2 igniteafterschool.org/sites/default/files/styles/small_banner/public/2017-12/M3%20Logo%20600x600.jpg?itok=g002xABz
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, xresolution=98, yresolution=106, resolutionunit=2, software=paint.net 4.0.19], baseline, precision 8, 480x480, components 3\012- data
Hash 8eda6b53d00c19e83b09559a41ce542d
60b2ee359dc78c31a793f32427f67294977e07cd
db5d0027c5bafe3c290d54f27769fc3c8c06a7506407b2ea0e879675e8126b32
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/styles/small_banner/public/2017-12/M3%20Logo%20600x600.jpg?itok=g002xABz HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/m3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/jpeg
etag: "5dfd648b-532e"
expires: Fri, 26 Jan 2024 20:05:03 GMT
last-modified: Sat, 21 Dec 2019 00:17:15 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-a-b4c459988-t29xl
x-styx-req-id: 8e660b6c-9ceb-11ed-8ea7-868cb9bb9b41
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-kigq8000026-CHI, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1675828905.621841,VS0,VE104
age: 515735
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 21294
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3f3962ef574ee0069c41f7cbcabd1ef3
c4b6aefa8563432c5e5901488c38ae7da3c83fd7
9518b917cc6f0b1724d687d6aac4d8c1851d46949eeb4926acdb26a84728fdc0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
igniteafterschool.org/sites/default/files/styles/paragraph_image/public/2020-12/M3%20Overview.png?itok=Edwi2Y1A
200 OK 92 kB URL HTTP/2 igniteafterschool.org/sites/default/files/styles/paragraph_image/public/2020-12/M3%20Overview.png?itok=Edwi2Y1A
IP
File type PNG image data, 300 x 388, 8-bit/color RGBA, non-interlaced\012- data
Hash c078a902e09ab843b41e99a3940e5608
59a2ff569126ef0fea44a7d196a298b87deda7d0
f3e79f9bd29d97200f18b3e19754dd1c2ada91f4f76827b63385cf50a7c05baf
Analyzer Verdict Alert fortinet Phishing
GET /sites/default/files/styles/paragraph_image/public/2020-12/M3%20Overview.png?itok=Edwi2Y1A HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/m3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/png
etag: "5fc7dd5f-1656a"
expires: Sat, 27 Jan 2024 21:44:57 GMT
last-modified: Wed, 02 Dec 2020 18:30:55 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-a-7566df5b84-rz7gg
x-styx-req-id: ad53f06f-9dc2-11ed-bf0d-3e13e2c8f029
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-kigq8000108-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.622168,VS0,VE107
age: 515735
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 91498
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/favicons/apple-touch-icon.png
200 OK 4.9 kB URL HTTP/2 igniteafterschool.org/themes/ignite_theme/favicons/apple-touch-icon.png
IP
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash 8e60c41b1c7f0cb134e4a64a06fcd650
4d52a0d11948311a4bccdaab2d19396995e13d32
bcdca6a63db2362f93bb7eb5b11fcce0b29ce1e55279ab9eb06cf56c17366a85
GET /themes/ignite_theme/favicons/apple-touch-icon.png HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/m3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/png
etag: "63dab301-131f"
expires: Fri, 02 Feb 2024 18:47:53 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-b-85db446999-87drl
x-styx-req-id: efa2a7cf-a260-11ed-b1bb-3a6896f3a7c3
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-kigq8000046-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 8, 0
x-timer: S1675828905.746631,VS0,VE103
age: 542276
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 4895
X-Firefox-Spdy: h2
igniteafterschool.org/themes/ignite_theme/favicons/favicon-16x16.png
200 OK 972 B URL HTTP/2 igniteafterschool.org/themes/ignite_theme/favicons/favicon-16x16.png
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b6204f97f8a1e1e8218578b89c67ea50
45a0da1205c03d92242605c3b3bfa9a3e25e0f93
468daf752d3d3500f4ea50b715dbc03fb56232770dd1993a721ec802fadd73b6
GET /themes/ignite_theme/favicons/favicon-16x16.png HTTP/1.1
Host: igniteafterschool.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igniteafterschool.org/m3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/png
etag: "63dab301-3cc"
expires: Fri, 02 Feb 2024 20:01:24 GMT
last-modified: Wed, 01 Feb 2023 18:44:17 GMT
server: nginx
strict-transport-security: max-age=300
x-pantheon-styx-hostname: styx-fe1-a-7cf67848f-jxjbl
x-styx-req-id: 34bed7a2-a26b-11ed-89e3-2aee60edd385
date: Wed, 08 Feb 2023 04:01:44 GMT
x-served-by: cache-chi-klot8100086-CHI, cache-bma1640-BMA
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1675828905.748322,VS0,VE118
age: 547220
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
content-length: 972
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7+i10EHgF3r/rGyu5rj5Dg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +hWjEOXGRFrM99KWj+4mmWjjMfU=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c471b21d134490ae24442cdb78208a9d
bfa9c84e2ee28ac6fdc9d505fd00439d8792043b
d1b607c65d35a568c2b04ae86635d85bb84912cfe78f6e2915e325d659259b08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Feb 2023 03:50:52 GMT
expires: Wed, 08 Feb 2023 04:05:52 GMT
cache-control: public, max-age=900
age: 653
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 08 Feb 2023 04:01:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c471b21d134490ae24442cdb78208a9d
bfa9c84e2ee28ac6fdc9d505fd00439d8792043b
d1b607c65d35a568c2b04ae86635d85bb84912cfe78f6e2915e325d659259b08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ddbcc8409304b59c7d2faa53ed360fb5
98746db490891a3e5aa21f3dff58438d0c7795d5
b0ffc1ea39f25451920b84f09d650c564bd412bca0e2db72d99e736e385a176d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 08 Feb 2023 04:01:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5bcb9125c18e4ed3562ceb950dc6eaad
a6c6944804b772de3a487723e3e866c0219de230
94947430d745a6648a2e87f163bf474b4fd4513519360bf4bfecfabc141e5ff1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a7480bc192652256440e70318b7a4110
883fb323f83b81d4527bc3a897e593c5bfbfd7c2
ecd9b2d5e3c190bae1071a81c53cd7376ee6144b240d67f057b977606457e132
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 Feb 2023 04:01:45 GMT
server: ESF
cache-control: private
content-length: 31010
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/js/th/dmR7aMZhpUGxXU8vYsM9MYWlbSW0lxfxjbRhFsF7E9Q.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/dmR7aMZhpUGxXU8vYsM9MYWlbSW0lxfxjbRhFsF7E9Q.js
IP
File type ASCII text, with very long lines (35901)
Hash f48d26fa9ad0d03051b76570c1ceb3f4
c655b97693149f733e24548b380b652967720939
5f1167fdda70ef7585fcc20b8c7a0a371ceefa2b28ba80c4115e69e3f7a006c9
GET /js/th/dmR7aMZhpUGxXU8vYsM9MYWlbSW0lxfxjbRhFsF7E9Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14207
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 06:08:19 GMT
expires: Thu, 01 Feb 2024 06:08:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 12:00:00 GMT
content-type: text/javascript
age: 597206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 325a8a10ce2837a8c6820e30572d181c
195d6189f0f10fcb301fce3af4c27028bbcb9eaa
2f1a0e948582fa64266617acc77e9beb71c5031d9cffe1bed1393a554f259810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13370dcedeaf8987047cb7cfd4bfa25f
cc4b7e79c14104030a2faa6bd2ec18d5c9f50190
abdc10b39e3b64b79fbd1931fb74cdf2a91d9b65a6562575dda90193a744f73c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-111365247-1&cid=1295646457.1675828957&jid=1763924830&gjid=16259911&_gid=1740473112.1675828957&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1766302595
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-111365247-1&cid=1295646457.1675828957&jid=1763924830&gjid=16259911&_gid=1740473112.1675828957&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1766302595
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-111365247-1&cid=1295646457.1675828957&jid=1763924830&gjid=16259911&_gid=1740473112.1675828957&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1766302595 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://igniteafterschool.org
Connection: keep-alive
Referer: https://igniteafterschool.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://igniteafterschool.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 08 Feb 2023 04:01:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/STYH_fx2uqw/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYACrgWKAgwIABABGGUgUig_MA8=&rs=AOn4CLCgdOKfKrYxp696GEVQHZFNqGPbMw
200 OK 36 kB URL HTTP/2 i.ytimg.com/vi/STYH_fx2uqw/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYACrgWKAgwIABABGGUgUig_MA8=&rs=AOn4CLCgdOKfKrYxp696GEVQHZFNqGPbMw
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash a581ba4b42146842910fe39edd2a3563
2db64b155038d22366da6daeb81eb2ca236c2e1f
96fbe29f5478224dd7181b361cb6957bc42820e589f915b6058412804ea0c086
GET /vi/STYH_fx2uqw/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYACrgWKAgwIABABGGUgUig_MA8=&rs=AOn4CLCgdOKfKrYxp696GEVQHZFNqGPbMw HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 35920
date: Wed, 08 Feb 2023 04:01:45 GMT
expires: Wed, 08 Feb 2023 06:01:45 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4fe8a46e4fe7c971a068b163b275e25a
5ca9fb282e652f18298c755e61c5e38665ddc7b1
c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJVeqL2qNHqic8bslSNp1Zl7zVqJnIzVCwuPl7NYzxDg5LhnhOq5R3QM-KkXSnw7=s68-c-k-c0x00ffffff-no-rj
200 OK 1.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJVeqL2qNHqic8bslSNp1Zl7zVqJnIzVCwuPl7NYzxDg5LhnhOq5R3QM-KkXSnw7=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 20029929a9fe4196269ad766b867d7f2
c6a63f8de81236ee3d22e9245da296ea0b9633d5
f370b0768ee82495c8095aa77a3d02cfcbbbfc138e4f7fa9dcbe6cec5bec988c
GET /ytc/AL5GRJVeqL2qNHqic8bslSNp1Zl7zVqJnIzVCwuPl7NYzxDg5LhnhOq5R3QM-KkXSnw7=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1209
x-xss-protection: 0
date: Wed, 08 Feb 2023 01:02:52 GMT
expires: Thu, 09 Feb 2023 01:02:52 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 10733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 13370dcedeaf8987047cb7cfd4bfa25f
cc4b7e79c14104030a2faa6bd2ec18d5c9f50190
abdc10b39e3b64b79fbd1931fb74cdf2a91d9b65a6562575dda90193a744f73c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7ec32dff957003dae195c36ca9e3bd6c
6761a20819b0d5a48216d74782e3ea752af7257a
953a3a2d35250df7b506b42f7d1d8813301dd1f9f9bcc30d2d100bd0788e4c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4fe8a46e4fe7c971a068b163b275e25a
5ca9fb282e652f18298c755e61c5e38665ddc7b1
c4639e8bacf773e2ad7c0256587dcabb3db19ceda949ffd365358091e1eef0f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Feb 2023 04:01:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 08 Feb 2023 04:01:45 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5979e6775d0b589dab203a7a6530968f
8b6c95f25005fc1d1bac3b8ebe415582e93eefec
4c17778a0a7ab7537f8d5168bd6591e82a2623aa6d68b1179232cb7750247b0d
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 860
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 08 Feb 2023 04:01:45 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20345
Expires: Wed, 08 Feb 2023 09:40:50 GMT
Date: Wed, 08 Feb 2023 04:01:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20345
Expires: Wed, 08 Feb 2023 09:40:50 GMT
Date: Wed, 08 Feb 2023 04:01:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20345
Expires: Wed, 08 Feb 2023 09:40:50 GMT
Date: Wed, 08 Feb 2023 04:01:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5129898de057eb92808f18d120eb7a70
eb0a900843beac5c4ee46686b89b3e8b8d77f80f
7ce3e4f7be652895e93cb8c1a9019b70d699c0a9da013d311395a6440b4e9f96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363ca744-ffa5-4390-9968-412e24620e36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7847
x-amzn-requestid: 60759e32-ac58-4dda-8ea3-fd80413c0deb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkkEpMoAMFnGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c483-61b8715a0da73f4526215649;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TCX7ZFhV73kN0UBshXeb0qdSkY-8qdeNN6EgioqOUmSAnraEhAohMQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:11 GMT
age: 22774
etag: "eb0a900843beac5c4ee46686b89b3e8b8d77f80f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 74759
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 18a84ae645223aba0709b5e16c0207f7
0b865e797846520ccc6fff6fb2ee38d8836bd2c0
b1e4868045f074a84e3de1d82ec3ae22f6d2a1a4131b2a40bcce7f3f5375aff7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e586b8-49f5-40c3-b0d4-f6cdfc375a2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: d5d8fdde-048f-4705-9fa4-99fd7d29d804
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f582DETSIAMFmEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a826-52a3b175584df1914260c8ae;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: wUaruDuqNDIlR6CWz9G7DAofcvS7UNmtPM7C2ve-RRbp57J43rWPxQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:22:49 GMT
age: 74336
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 726928e5de19ef978faebbe933c34008
bdaba3ed0c7efb65de88af96063d830683c8499b
c6d208fcee052da80de1bf2dcccbbc48853511b8888c4777799ee676abba51b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf4a5986-35e6-4c6b-9dba-c981908d9ec1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: d6d71f42-f887-4ad0-a2b7-9073d3857b03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OjRHBFoAMF4_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c47b-57490f255d8d30a561fdcd3a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:36:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xU_uVO78ZQRKon3Cz-fVcHJuPEMMgzDsVuY8BXoKL6ntJwkl-SLeQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 22782
etag: "bdaba3ed0c7efb65de88af96063d830683c8499b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be9f475292d4b5b0502d4381ccdf455b
ecb943b48c822b086ea699d802f8f1bb5ee26651
ed22a5102709dc7a067107a6c0cde26931f7781065de9cee49e22de6b9086e31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce53bc9b-2505-4efd-9151-fa75ed70138a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8703
x-amzn-requestid: 6456aa7d-11f7-4066-a833-9ac5312c0c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7JGLTIAMFqdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c513-0679a75676cdc19251c81bdd;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DLVp9hiUjE2w5BiukFfUMALWxvcobbJcJRO-7CdXj3cy6rAdFhPRFQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 22664
etag: "ecb943b48c822b086ea699d802f8f1bb5ee26651"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c65144dcdaf688643761916851b151c0
1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1
974b5a62f2d051b2dd2c609f7bd08a4ef339dab0d31bccaa0f9898893c3ba6b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e2b00c2-f304-42e8-b98d-20fe408448f0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3379
x-amzn-requestid: 6f8c97bc-c1f9-4681-9544-f2863dc7f782
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f5aSYH47oAMF-ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e070db-4a730cd079f03c8b1cf77997;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 03:15:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qnk0MflT4eIxNuooDKhm0uauKq1dYj1iG9O_prtNU8c0IoAwODZxig==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 04:27:12 GMT
age: 84873
etag: "1419c4eefac8032e8cfaf2d65dd4a57bff5b25a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7543be9bef0afb8f61344286b7136dd7
e1537aa408cde39d2a314cc2a14f7f7a04a84eb1
162f0898f88d84c8d06542e48e8ff6a903e638f2a837f32681ae1f5e28ae40d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92b2ed55-154e-4ed7-a7ab-1418742cdf6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7303
x-amzn-requestid: 081c79e9-2b23-47ad-8b7d-7197c5515c0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f58kdHMvIAMFdzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a7b5-66fca524070e374310920915;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CV8Q0EwlleoBURF3IvwUGDm_ANrg_SINlUR3cl6OhqySJPejP6T0hg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:41:21 GMT
age: 73231
etag: "e1537aa408cde39d2a314cc2a14f7f7a04a84eb1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/s/player/97ea7458/player_ias.vflset/en_US/base.js
200 OK 0 B URL HTTP/2 www.youtube.com/s/player/97ea7458/player_ias.vflset/en_US/base.js
IP
GET /s/player/97ea7458/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/STYH_fx2uqw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 612749
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 18:33:32 GMT
expires: Wed, 07 Feb 2024 18:33:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/javascript
age: 34092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
23.185.0.1
23.33.119.10
0.0.0.0