r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13229
Expires: Sat, 28 Jan 2023 00:24:05 GMT
Date: Fri, 27 Jan 2023 20:43:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16241
Expires: Sat, 28 Jan 2023 01:14:17 GMT
Date: Fri, 27 Jan 2023 20:43:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 20:42:59 GMT
content-type: application/json
age: 37
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9259
Expires: Fri, 27 Jan 2023 23:17:55 GMT
Date: Fri, 27 Jan 2023 20:43:36 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nUJYKlNGyJD9tpB8IHgHhrtZuL7nMHep/2YhqJUKyAuqwAtFBBO9D0GmawmzBPAjjmyLJh6K7os=
x-amz-request-id: P24RP5WPZEDV4X4N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 20:20:40 GMT
age: 1377
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
marylandcenterforhospitalitytraining.com/
107.180.41.148200 OK 4.9 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (650)
Hash 8162a0375879a29e0d84fa224626303f
122117466445a91461f935b5300d4f1996b7bc87
8d5453cf3180cc324febdd257d98d0f5f15d325e2d974b5d4f506216855113f3
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 03 Jan 2023 15:53:50 GMT
ETag: "12a0770-485e-5f15e12ef80fa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4868
Keep-Alive: timeout=5
Content-Type: text/html
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 20:43:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
img1.wsimg.com/traffic-assets/js/tccl.min.js
95.101.10.131302 Found 0 B URL HTTP/2 img1.wsimg.com/traffic-assets/js/tccl.min.js
IP 95.101.10.131:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
cache-control: max-age=1800
expires: Fri, 27 Jan 2023 21:13:37 GMT
date: Fri, 27 Jan 2023 20:43:37 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
marylandcenterforhospitalitytraining.com/assets/web/assets/mobirise-icons/mobirise-icons.css
107.180.41.148200 OK 1.6 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/web/assets/mobirise-icons/mobirise-icons.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 71c1c21ca4d894cc19a8da9c1f60f3f2
da70eae45cacbef6baf8af6b97cdee2fdf5ca83b
87e1e82d2d9926c6cc2f45a86e9090d5e36c5c95db37d12039dd6074a69bae48
GET /assets/web/assets/mobirise-icons/mobirise-icons.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0286-1dbd-5b79b544d81fb-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1563
Keep-Alive: timeout=5
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/web/assets/mobirise-icons2/mobirise2.css
107.180.41.148200 OK 1.6 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/web/assets/mobirise-icons2/mobirise2.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 2e3002b90bb23147d4338f3dd7d98dac
a59e9140b46317a5c4080bce2445fcb2eb947ae7
e4a4f951fd9f5c0408d56453f5f6d5230d1647c384795cbcfcf0784c3c074f8f
GET /assets/web/assets/mobirise-icons2/mobirise2.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a028c-2205-5b79b544dc07b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1646
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
95.101.10.131200 OK 11 kB URL HTTP/2 img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
IP 95.101.10.131:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (45837)
Hash 645b88efa25fd10bf181698e5f994175
c702cebb7ad47f0839332bedae7c7913d7113b25
9555a4ec4987438fc2d5ffd29e91bec3e1829e3f765e700f8d8941412e5eb520
GET /wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://marylandcenterforhospitalitytraining.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "5c3e20ad749ddb088afc84b1b7ff009e"
last-modified: Tue, 29 Nov 2022 21:30:05 GMT
vary: Accept-Encoding
x-amz-id-2: SOgzPYjoNVqHmzSUdDQxjVjpOcgl04n3arSWjBq/s2doz6LRg79tFfSvSDtud9Y0icsa8uPNWH0=
x-amz-request-id: SW42RCTKTQJH3SB5
x-amz-server-side-encryption: AES256
x-amz-version-id: sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-length: 11347
cache-control: max-age=31536000
date: Fri, 27 Jan 2023 20:43:37 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
marylandcenterforhospitalitytraining.com/assets/mobirise/css/mbr-additional.css
107.180.41.148200 OK 15 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/mobirise/css/mbr-additional.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (522)
Hash 449ee9c474254cff032ffa9a521ff2f5
9b03e04cba08bed7390a528d45cc8001cd7702b9
1914f5d1293550ae4f2437f61acc34f41938dd6cea4deb6d742f689d52b8af3b
GET /assets/mobirise/css/mbr-additional.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 16 Apr 2021 17:19:14 GMT
ETag: "12a0255-2ed85-5c01a2dd5a8ec-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14957
Keep-Alive: timeout=5
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/bootstrap/css/bootstrap-grid.min.css
107.180.41.148200 OK 6.2 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/bootstrap/css/bootstrap-grid.min.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (50727)
Hash 03605cec0b3c1d920515fb4cd0a7219b
4dba5da1fca64f010cea749ab4723996a87d6db1
b3dfb5ce514dff49f500d95ea2f4ec2cbc70683fc50fd2037a22fde2c834f7d3
GET /assets/bootstrap/css/bootstrap-grid.min.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a020c-c733-5b79b544b47a7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6199
Keep-Alive: timeout=5
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/tether/tether.min.css
107.180.41.148200 OK 125 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/tether/tether.min.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with no line terminators
Hash df1690aabacf24719148baa62c5bcd94
40ebe703c71d4ebd372410c21acd268d83c4d4ce
3ec03ec58e6d40978ae2cd124623372d140f35c33f2c78c881addd777976c423
GET /assets/tether/tether.min.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a026d-ed-5b79b544b9d98-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 125
Keep-Alive: timeout=5
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/bootstrap/css/bootstrap.min.css
107.180.41.148200 OK 24 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/bootstrap/css/bootstrap.min.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65324)
Hash 6211f11d0886f4e639ef5b0054e5563d
916e5f8bd3da12e719c91a89d57ff13add3f28af
c4417522f457f1ee386fd29c84ee3e4333f3456b791d78867d1ec97d04e2323a
GET /assets/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 02 Feb 2021 12:28:01 GMT
ETag: "12a020a-272d5-5ba5999eff3c5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23886
Keep-Alive: timeout=5
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/bootstrap/css/bootstrap-reboot.min.css
107.180.41.148200 OK 1.6 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/bootstrap/css/bootstrap-reboot.min.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3498)
Hash 978afe0f90846b046f520979448647e1
ad14df76b1601f8af8482c52cf0e4fb691289532
16eeaae4501faaf8b795ec5f1997b73ff0fe48bd72e8339104d25087cf822e19
GET /assets/bootstrap/css/bootstrap-reboot.min.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a020d-f27-5b79b544b62ff-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1589
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/dropdown/css/style.css
107.180.41.148200 OK 1.7 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/dropdown/css/style.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash ee33e369c2fd6b4caa6b073e6996d920
0e0acd5969b580f091cc22be65602db089257bae
7ff873a710dac0c5f79134e01c383ef4483a49f6f60cb6ebe6f8da39fae559d4
GET /assets/dropdown/css/style.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a021a-1f2e-5b79b544f106d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1694
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marylandcenterforhospitalitytraining.com/assets/socicon/css/styles.css
107.180.41.148200 OK 3.0 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/socicon/css/styles.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 44950634cf653ef5fffce811ac2d899c
06a7e2bd071b66865948569cb30366f10db37ef3
19418e572c1ef3a27f93525cd210c8b12e7c77db6f4008606c5d49d3a323a2cd
GET /assets/socicon/css/styles.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0265-3c93-5b79b544c4979-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2985
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/datepicker/jquery.datetimepicker.min.css
107.180.41.148200 OK 4.5 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/datepicker/jquery.datetimepicker.min.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (16502)
Hash ba97496308d371ab19527df07c3fc4a3
435c20de8d2caf1d40051c5141e7f138541a3ab9
e94525f36065fdc64140bab02a94adefbae646f03722c63c603d9d8ec0edefd4
GET /assets/datepicker/jquery.datetimepicker.min.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0217-4077-5b79b5450e148-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4492
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marylandcenterforhospitalitytraining.com/assets/formstyler/jquery.formstyler.css
107.180.41.148200 OK 645 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/formstyler/jquery.formstyler.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 2da3ecdcfdf9162d1cacb6b28e5988e8
0f0110f28684c42fa7475b0e6e5a1f0c759be767
d051328f70cc7490733aa4434743fb8f6789354b7f36fb0daa38289414ba9f34
GET /assets/formstyler/jquery.formstyler.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0220-8a4-5b79b544b053f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 645
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/formstyler/jquery.formstyler.theme.css
107.180.41.148200 OK 2.5 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/formstyler/jquery.formstyler.theme.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (506)
Hash 6f55562c66bc0b8b211e7088ce3aa6e5
f445a4616d7139cc1b0f0c3fd3f85b3e3ff13562
13b92b2b4f5c352fc9c17cac68f84c75966d7a14b4b103f2d475cf4ab6368566
GET /assets/formstyler/jquery.formstyler.theme.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0223-2bbd-5b79b544aaf4e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2513
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.106200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 03:22:46 GMT
expires: Mon, 22 Jan 2024 03:22:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 494451
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marylandcenterforhospitalitytraining.com/assets/theme/css/style.css
107.180.41.148200 OK 3.5 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/theme/css/style.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 162965b253b39c657de359d3bc4bc2bd
e7ef324aced90afd519b417d7c4ba9f21a89e546
4bcb637dff2fb0ea40a0da14f053e59267939b675c3b72c3399dbfa57be143ba
GET /assets/theme/css/style.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0272-3982-5b79b544bf770-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3477
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
marylandcenterforhospitalitytraining.com/assets/recaptcha.css
107.180.41.148200 OK 56 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/recaptcha.css
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash ac0afa862700f0d1efbe8f1f1dd0eb0d
29cdaae19e4a3e67efca8b0d01e61bb3f7d21e42
18c4793dade381e48800882772f5f151aceba9898c503ae1fb96dc25ebc38918
GET /assets/recaptcha.css HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0260-38-5b79b544befa0"
Accept-Ranges: bytes
Content-Length: 56
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 20:41:40 GMT
age: 117
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 7da8f9a23d8c05f64f248e4e3427c76e
e2d001c2909cd9403173cbb0e288d55fbc8e4d0a
db8790004124a0eeb0676860170ad9c37250b2ba697a27dee62c99b64c67b4b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marylandcenterforhospitalitytraining.com/form.js
107.180.41.148200 OK 546 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/form.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash f87bac775d28c5d67fbffeb4e0a7fbed
6367d83d3c900e559d02e49b3440f390d0725283
9806e8fe739f3d4efb697b8d96a0c326627637bf08fa2af3064ae622170c3fa1
Analyzer Verdict Alert fortinet Phishing
GET /form.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 02 Feb 2021 07:47:07 GMT
ETag: "12a01cc-68a-5ba55ad5d4da8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 546
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/popper/popper.min.js
107.180.41.148200 OK 6.8 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/popper/popper.min.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (18860)
Hash 4e03d867c60934ff070ff00b5310cb99
110af87deb75c590d0b01c139b20d85a40eea487
64aa91684c4116bc7a6ec9eb6fc07e6b959f781f6cabd3f2f61c48c29b223c03
Analyzer Verdict Alert fortinet Phishing
GET /assets/popper/popper.min.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0257-4a32-5b79b544ced8a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6827
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/tether/tether.min.js
107.180.41.148200 OK 6.9 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/tether/tether.min.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (23217), with no line terminators
Hash 455dad1468c1da3953e1590f7c956a39
3b82ae699d5fe28bd15e4211cf0a1f5f5c484fe2
02a38787fbfa10deac379dba764fad920e41ebbb8d644de30c798afe72bd0429
Analyzer Verdict Alert fortinet Phishing
GET /assets/tether/tether.min.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a026e-5ab1-5b79b544bb120-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6870
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/bootstrap/js/bootstrap.min.js
107.180.41.148200 OK 15 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/bootstrap/js/bootstrap.min.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (59893)
Hash f236cc80370139ed4d1587ef5ff6296f
dd802df8719dd40d40d191cd7d6630524d17813d
0340a26dbf5e696d2177ae3e33cfbc23ea745f09086939c751563f444e84b310
Analyzer Verdict Alert fortinet Phishing
GET /assets/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0214-eb0e-5b79b544b72a0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14890
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/vimeoplayer/jquery.mb.vimeo_player.js
107.180.41.148200 OK 7.0 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/vimeoplayer/jquery.mb.vimeo_player.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (573)
Hash d5ae58d536cea49cee0e68c2a8ceaf2e
4251cb1b1b2478b71b75cc913a3f0e10d5cfa039
ee000d211485fa1f75d9cdb78f7183994d3b4de49b451c25bac089b382d43d0f
Analyzer Verdict Alert fortinet Phishing
GET /assets/vimeoplayer/jquery.mb.vimeo_player.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a027a-7347-5b79b544cbeaa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7038
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/dropdown/js/nav-dropdown.js
107.180.41.148200 OK 2.6 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/dropdown/js/nav-dropdown.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (526)
Hash 3142debdf96cf0d6df57e30206a097fa
23d9fa45599c670fb2d19abe5ab403d8e289d9bc
07242dff53302067383c21c996894bf364829ba027e2521e05201cddd8cb4992
Analyzer Verdict Alert fortinet Phishing
GET /assets/dropdown/js/nav-dropdown.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a021d-1f1d-5b79b544f377e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2603
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15150
Expires: Sat, 28 Jan 2023 00:56:07 GMT
Date: Fri, 27 Jan 2023 20:43:37 GMT
Connection: keep-alive
marylandcenterforhospitalitytraining.com/assets/dropdown/js/navbar-dropdown.js
107.180.41.148200 OK 654 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/dropdown/js/navbar-dropdown.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (560)
Hash f795a250d152eb9b5e7744094f57aa83
1232db8c755c1f3ae46f61d538cd5f580ba73cb2
ef590fd422d31aa7941cb757d37ef7fa8bb035952d9d5ee022dc468af49ac06d
Analyzer Verdict Alert fortinet Phishing
GET /assets/dropdown/js/navbar-dropdown.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a021c-62e-5b79b544f27dd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 654
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/touch-swipe/jquery.touch-swipe.min.js
107.180.41.148200 OK 5.0 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/touch-swipe/jquery.touch-swipe.min.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (20000)
Hash fb4b13a45c215e614b076c96c91837ad
0a97631e12a769a31e68cb2394c499ccf1422429
0a0fd07fe02a859bd977639e1750050d0a0dced1198907773f94e0047be3a95c
Analyzer Verdict Alert fortinet Phishing
GET /assets/touch-swipe/jquery.touch-swipe.min.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0276-4fbc-5b79b544a5d46-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5048
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/ytplayer/jquery.mb.ytplayer.min.js
107.180.41.148200 OK 13 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/ytplayer/jquery.mb.ytplayer.min.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32031)
Hash 6bb5473ee09d12a750e3505449aeb2bd
9b707ed4c0fbf87affe0a7a747917e0e12ac3956
9ff2136f35902e3e1033db50efe0e6b9ad19b5c694cdb6c8b8f68a9fc738562b
Analyzer Verdict Alert fortinet Phishing
GET /assets/ytplayer/jquery.mb.ytplayer.min.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a029d-d01e-5b79b544f7216-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13430
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/popup-plugin/script.js
107.180.41.148200 OK 201 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/popup-plugin/script.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash f78ad1a6862ca88b4b06aa769a0e1f9f
502fd60d4894d43380195de0da3e0c8c10e4a3ff
a8a15cb7cdfeab7d0084bff7d880b8277ccbc0691d38276d529fc30ac3583f63
Analyzer Verdict Alert fortinet Phishing
GET /assets/popup-plugin/script.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a025f-11c-5b79b544a9bc6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 201
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marylandcenterforhospitalitytraining.com/assets/popup-onscroll-plugin/script.js
107.180.41.148200 OK 239 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/popup-onscroll-plugin/script.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (357)
Hash 7ed476ff5c090d04195bfb777838cb58
a2dba836337f4d885eb85d65fe1c6ed0a0cda57e
4733bdfde3f3c653ad158c859a801865cd8a32144d5e3d124591357e95727790
Analyzer Verdict Alert fortinet Phishing
GET /assets/popup-onscroll-plugin/script.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a025b-167-5b79b544c3dc1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 239
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/popup-onexit-plugin/script.js
107.180.41.148200 OK 179 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/popup-onexit-plugin/script.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 44e7cbdd2deb48d983346a7638fb311e
3e33b207538348b79c5d6d2443cb82433eec90ff
49483744a1230aaeb8a43596767e91cf24f72b204a0afa4a4e8280e6d4dbac8e
Analyzer Verdict Alert fortinet Phishing
GET /assets/popup-onexit-plugin/script.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0259-dc-5b79b5450d978-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 179
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marylandcenterforhospitalitytraining.com/assets/popup-overlay-plugin/script.js
107.180.41.148200 OK 228 B URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/popup-overlay-plugin/script.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (381)
Hash 1ea3a0f42438c0fd5aa7fb339cc0c9d7
ce42a28c396cd8dac5418cd344e67751843da338
2b090266068a07f81468257a74b177397cf510bf2691cd681c19ff9e7712353b
Analyzer Verdict Alert fortinet Phishing
GET /assets/popup-overlay-plugin/script.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a025d-17f-5b79b544d37c2-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 228
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
www.googletagmanager.com/gtm.js?id=GTM-ML7WKT6
142.250.74.40200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-ML7WKT6
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 6cc03cfbbf497f676e2d67fbfa2fbe2f
aa3ebcb2369632e65f7631c5a45e6298b9850bba
b48d5731bf19d6e011cb189631f683cd01919dcd6df47e73b9ac2ff58ecec9fc
GET /gtm.js?id=GTM-ML7WKT6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 27 Jan 2023 20:43:37 GMT
expires: Fri, 27 Jan 2023 20:43:37 GMT
cache-control: private, max-age=900
last-modified: Fri, 27 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2
142.250.74.67200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), CFF, length 12180, version 1.0\012- data
Hash 3058686a6526e7004b070deef6fa10d5
64a0be34af691ade8e2768f466db8262104fd47b
625c3f729c9d8dcbf33d341cc879a4eb8b8ca99d9d32b7b4d3b847c09985b600
GET /s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12180
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:38:12 GMT
expires: Wed, 24 Jan 2024 18:38:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:32:33 GMT
content-type: font/woff2
age: 266725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosanskr/v27/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2
142.250.74.67200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), CFF, length 11788, version 1.0\012- data
Hash 7fca35a979c79aa765ea0476f765cf8d
656b2573051b74e45469c8a368d94bd885d03516
dd892bf635aea2d27f5f526da20459b331e9b3cf7b7a584d5b0ae3f574cb1c06
GET /s/notosanskr/v27/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.117.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11788
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:39:10 GMT
expires: Wed, 24 Jan 2024 18:39:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:36:01 GMT
content-type: font/woff2
age: 266667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOIl3I7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2
142.250.74.67200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOIl3I7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), CFF, length 12096, version 1.0\012- data
Hash e0b4085dad407104658040b76315042d
371082cc8855d9a0277d0c8dd1d63148b53802ae
65776662077a717378c3ab6169eddfabb46d9a60d1cc05acbe756fa9c41d022d
GET /s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOIl3I7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:39:10 GMT
expires: Wed, 24 Jan 2024 18:39:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:32:04 GMT
content-type: font/woff2
age: 266667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marylandcenterforhospitalitytraining.com/assets/formstyler/jquery.formstyler.js
107.180.41.148200 OK 5.3 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/formstyler/jquery.formstyler.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (631)
Hash e7d580f10a31bc69a98979354b2243b5
b1872e220a951103862c26461f8729055a80be58
c696d9bffa61940738648eface16099d56da76380710119a143b6e19d7a7cd37
Analyzer Verdict Alert fortinet Phishing
GET /assets/formstyler/jquery.formstyler.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0221-47d4-5b79b544ae5ff-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5273
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/formstyler/jquery.formstyler.min.js
107.180.41.148200 OK 5.1 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/formstyler/jquery.formstyler.min.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (17887)
Hash 01e7ee321faff4d58994bb703918ea16
5f12f6e057b1a24a1790f2143a35512878850f47
89b9a185dc08aa2bf981cf94c9b90f83f8c15a17c5afa877fc909a49b5587a06
Analyzer Verdict Alert fortinet Phishing
GET /assets/formstyler/jquery.formstyler.min.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0222-4675-5b79b544ac2d6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5127
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2
142.250.74.67200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), CFF, length 11884, version 1.0\012- data
Hash 412ef4662c76b45ea8bdb061760e67fb
d67287eb6d37c947710bc82e38b0ff049ff3121d
241239c9ab4e072d9ff2777b97ef40ac2dac926e860bda7f8f9973a788a86e2b
GET /s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.119.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 19:06:41 GMT
expires: Wed, 24 Jan 2024 19:06:41 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:49:51 GMT
content-type: font/woff2
age: 265016
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.116.woff2
142.250.74.67200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.116.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), CFF, length 12800, version 1.0\012- data
Hash 735eda9af081736cb9b62f603fec55e8
c5cac0993330607e27733ba956b93c9a12d053b1
1cfcfbbbabf85b09907e0e74a7ee8568c6859960a8118c7fbe098dbb639c03aa
GET /s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.116.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 02:06:39 GMT
expires: Sat, 27 Jan 2024 02:06:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:49:39 GMT
content-type: font/woff2
age: 67018
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.117.woff2
142.250.74.67200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.117.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), CFF, length 12088, version 1.0\012- data
Hash 718c524d33400516fb2a37a7ec264cc4
ab85017f4e9e0055ed674dc32d5236b7bf61e8e8
04e548fdbfa26a24caae781827ba9a183f15a879aabd875571b2da84061b9df5
GET /s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.117.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12088
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:37:40 GMT
expires: Wed, 24 Jan 2024 18:37:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:32:35 GMT
content-type: font/woff2
age: 266757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Noto+Sans+KR:100,300,400,500,700,900&display=swap
142.250.74.106200 OK 151 kB URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans+KR:100,300,400,500,700,900&display=swap
IP 142.250.74.106:0
Size 151 kB (151051 bytes)
Hash 503e85e90c9f79994bef2dc52c783bcb
75bcb1000958ce1866dcb0ab73027842c4518217
5c11e4ca1b1068ea495dd245bac9605850ea226cb878dc9acafa310d9001c1e8
GET /css?family=Noto+Sans+KR:100,300,400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 20:43:37 GMT
date: Fri, 27 Jan 2023 20:43:37 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marylandcenterforhospitalitytraining.com/assets/smoothscroll/smooth-scroll.js
107.180.41.148200 OK 3.5 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/smoothscroll/smooth-scroll.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (525)
Hash 5a01c20a0a2e5995eb9dc43e04ac597e
2d5b8fdc5d12e00ed1b45efcc64572a07a6951d3
49abac7a8cce6f008a3598678a8c01c2aa66da00553317458e5522490f628e74
Analyzer Verdict Alert fortinet Phishing
GET /assets/smoothscroll/smooth-scroll.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0262-1f22-5b79b544bd830-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3474
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.67200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 10:03:33 GMT
expires: Wed, 24 Jan 2024 10:03:33 GMT
cache-control: public, max-age=31536000
age: 297604
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marylandcenterforhospitalitytraining.com/assets/theme/js/script.js
107.180.41.148200 OK 5.8 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/theme/js/script.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (638)
Hash 29dde6ed4ee0be9068cf0574c5b696f4
b9856822d5eb94e86c9946374d24833749461945
45f0a83c99100e367b0581137f16b7b5985cf1e2f32b4f2e21647f1e80e80781
Analyzer Verdict Alert fortinet Phishing
GET /assets/theme/js/script.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0274-483e-5b79b544c1a99-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5764
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/notosanskr/v27/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2
142.250.74.67200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), CFF, length 11924, version 1.0\012- data
Hash a3c7c1d7ff4ef98dbb0087c118990f7d
552fc23606a1319ddfc7848ad39ac4ad95fdc2b7
34e9b4603cfeb23e63014fe9774763579f080afccb4eb0694ef79d7fda7e723a
GET /s/notosanskr/v27/PbykFmXiEBPT4ITbgNA5Cgm20xz64px_1hVWr0wuPNGmlQNMEfD4.119.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:39:10 GMT
expires: Wed, 24 Jan 2024 18:39:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:41:07 GMT
content-type: font/woff2
age: 266667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marylandcenterforhospitalitytraining.com/assets/datepicker/jquery.datetimepicker.full.js
107.180.41.148200 OK 20 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/datepicker/jquery.datetimepicker.full.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (974)
Hash f7c104d9b88a0e2f456849115d2168ca
108cfdcaa1e7c5d20aba9655bda1f934e5fcb773
f4d27a3967ef6c593b02c2a3e03212c3ceebd9cc807d38328524605bd3a6a176
Analyzer Verdict Alert fortinet Phishing
GET /assets/datepicker/jquery.datetimepicker.full.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a0216-11237-5b79b5450f8b8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19836
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
marylandcenterforhospitalitytraining.com/assets/formoid.min.js
107.180.41.148200 OK 2.7 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/formoid.min.js
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 214a1240bd293da53d72a9aa1a445fd5
831b09bccdf51951d4ac30095fb9a54dbc331748
9e5094bbed7e3aa47abf0dbfc4a244da546d7c78c5625780efb2ef13a86c0120
Analyzer Verdict Alert fortinet Phishing
GET /assets/formoid.min.js HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:37 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a021e-2f55-5b79b544d1882-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2706
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.118.woff2
142.250.74.67200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.118.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), CFF, length 11536, version 1.0\012- data
Hash 717bb7afe7381e3528f79d5e9be3c998
ccf7a358b54d011a0a65d9a7e99e6a71edc409ef
262d72ff3fb54cc8ceba6a1f1c67cfdafbb9cbb67be60cadbaff2202b4c90fa9
GET /s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOalvI7dAGs2lYoVAUOdqfkBNGBJWUFERI.118.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:38:12 GMT
expires: Wed, 24 Jan 2024 18:38:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:32:15 GMT
content-type: font/woff2
age: 266726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
marylandcenterforhospitalitytraining.com/assets/images/mcht-logo-397x102.png
107.180.41.148200 OK 22 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/images/mcht-logo-397x102.png
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 397 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash 66c4bec1682463506609c479b50dc0d3
79b933a21fb8e9a2af583bfeaf64092adcf9abe9
0c9cb0eab869ecc6fdb0e5d60eef04b01670c2eb0c7d4403b7f8d2ccc277ae08
GET /assets/images/mcht-logo-397x102.png HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:38 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a023c-5484-5b79b545025c7"
Accept-Ranges: bytes
Content-Length: 21636
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cbe94bc7052911313fffd1cdad964a74
a96a6606f1d20baeeb4040c9ced3ba2f7bd1aada
430d90ac0a39038dbb5336cf29baf6786ac29491c5a8e4dcce04e93d9fceb5e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.160.141.134101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.141.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: khPyZR5Gx6rsHvGUC3bI5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IbRHKTkRxtOvjBhetzJ6LE5AdJw=
marylandcenterforhospitalitytraining.com/assets/socicon/fonts/socicon.woff2
107.180.41.148200 OK 64 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/socicon/fonts/socicon.woff2
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 64512, version 3.-26214\012- data
Hash 0d3d8b23e678fa28287d44a01e10553b
5a5daf8519110f538391dabd1de828493ba60959
c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2
Analyzer Verdict Alert fortinet Phishing
GET /assets/socicon/fonts/socicon.woff2 HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/assets/socicon/css/styles.css
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:38 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a026b-fc00-5b79b544c8411"
Accept-Ranges: bytes
Content-Length: 64512
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
marylandcenterforhospitalitytraining.com/assets/images/MCHT-Training-Flyer-Dec-2021.jpg
107.180.41.148200 OK 243 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/images/MCHT-Training-Flyer-Dec-2021.jpg
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 200x200, segment length 16, baseline, precision 8, 1500x2000, components 3\012- data
Size 243 kB (242965 bytes)
Hash 6d4748058d619e981ce3d15884fa109d
a17c8dd34b344bcabfa06c0e96fd7bff624af5be
abea018c72b02983d4f47776ea01b983fbbb72fbc30dcc610a0cbf9f04e7c0b4
GET /assets/images/MCHT-Training-Flyer-Dec-2021.jpg HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:38 GMT
Server: Apache
Last-Modified: Mon, 08 Nov 2021 15:06:51 GMT
ETag: "12a00e3-3b515-5d04857bfbebf"
Accept-Ranges: bytes
Content-Length: 242965
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
marylandcenterforhospitalitytraining.com/assets/images/cover-art-524x684.png
107.180.41.148200 OK 216 kB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/images/cover-art-524x684.png
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 524 x 675, 8-bit/color RGBA, non-interlaced\012- data
Size 216 kB (216338 bytes)
Hash 42b9b6adc97226b14b657001f89d44dd
b6feb26a344c0a8a4ca6543150c798e3440be967
206b8b15bf825cec67f5473f5d8a86566e9d4e25ee109a23cc5246915b7eaeba
GET /assets/images/cover-art-524x684.png HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:38 GMT
Server: Apache
Last-Modified: Tue, 29 Dec 2020 14:37:25 GMT
ETag: "12a022f-34d12-5b79b544fd3bf"
Accept-Ranges: bytes
Content-Length: 216338
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/dLaImbt0IEE/maxresdefault.jpg
142.250.74.78200 OK 152 kB URL HTTP/1.1 img.youtube.com/vi/dLaImbt0IEE/maxresdefault.jpg
IP 142.250.74.78:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 152 kB (151811 bytes)
Hash 4b989393e109db3a746519c4d3b14b74
20561cad14f2c65d63bd10964aecd2b9ec8f4eca
9ca769c26ba464e351520453a2ec7b4f657102087f2e04593984d302be6d2f84
GET /vi/dLaImbt0IEE/maxresdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 151811
Date: Fri, 27 Jan 2023 20:43:38 GMT
Expires: Fri, 27 Jan 2023 22:43:38 GMT
Cache-Control: public, max-age=7200
ETag: "0"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (4879)
Hash cbac03e342abe05d9259898ffcaaffec
df145745f67a1959fd13596b4e842fc4deb5cdff
d748ca9dd9e2676b58886b1201f87931a6435b3c02d9b63c4f23071c4e3464b6
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 27 Jan 2023 20:43:38 GMT
expires: Fri, 27 Jan 2023 20:43:38 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15866310376958158611
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49795
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ab04da9bc46246cc0001464e7f6b5e19
01ce4f7004aec7a24d4545a1e742ab6a1e639b48
22e519a39cb2e7e5f6da23d35f4498aa7a2d00e06613fd3bbf8de8a62ed2d354
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e7ebbff54ced2c07469b302fc6d44078
f59983c844c398bd37705051ca685b2d07d85726
04eb3bd7658c1112bfc1d0098e8d7f5fafdb10459e3290c0d4e6a17e65a5494f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230124/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230124/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 27 Jan 2023 03:54:17 GMT
expires: Fri, 10 Feb 2023 03:54:17 GMT
cache-control: public, max-age=1209600
age: 60561
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.67200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 82536
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.67200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.67:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 100976
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=marylandcenterforhospitalitytraining.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=marylandcenterforhospitalitytraining.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=marylandcenterforhospitalitytraining.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 27 Jan 2023 20:43:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=marylandcenterforhospitalitytraining.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=marylandcenterforhospitalitytraining.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=marylandcenterforhospitalitytraining.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 27 Jan 2023 20:43:39 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c083fb68af37d6c700a3fa4eb04a29cb
9b3ff3c9c0bd7dc448eb18e74ddc029f7c18dc9a
3ea0d4252ad90ee13a6b23ebd1144639f7bb73e4d96ef2590b21a155809e65e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
marylandcenterforhospitalitytraining.com/assets/logos/Updated%20OC%20Recruitment%2004152021.png
107.180.41.148200 OK 5.9 MB URL HTTP/1.1 marylandcenterforhospitalitytraining.com/assets/logos/Updated%20OC%20Recruitment%2004152021.png
IP 107.180.41.148:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 2250 x 3000, 8-bit/color RGBA, non-interlaced\012- data
Size 5.9 MB (5900438 bytes)
Hash 5437be15acedc7904fbe729b203b3d9f
03e23e6a10536032ab468d4ec14198fb97096bb6
f20f40f4d88bc58f95e0c04c80d446d56c29c9f4cfee98035f23a352d3f2298e
GET /assets/logos/Updated%20OC%20Recruitment%2004152021.png HTTP/1.1
Host: marylandcenterforhospitalitytraining.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 20:43:38 GMT
Server: Apache
Last-Modified: Fri, 16 Apr 2021 16:39:30 GMT
ETag: "12a06a8-5a0896-5c0199fc0d199"
Accept-Ranges: bytes
Content-Length: 5900438
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10831
Expires: Fri, 27 Jan 2023 23:44:10 GMT
Date: Fri, 27 Jan 2023 20:43:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4abb97e5fd107cb87b896feb33a2159b
757fc267c534b8f5191f97d4c6dce60753e965f2
88d691d314752499a884e54232b88c0d19e4c8163236851b99a0b0d3ac0d7f8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 869cdfba2637cc932ce387317a3c485e
51d87a5223d87c959bf27b2a825dce0a28f52ada
6dc4247dd3110836195f9962463bd8265be89633e9e589bf19955991751c26fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cc9d867-fc35-4a62-9934-4cb307d6146d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5669
x-amzn-requestid: 17f6235c-d495-4813-9453-407331e0dcad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1ZSH4fIAMFxeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c3b-67ff5c7f416727670e7c3b21;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KGNpzuI2ny_1LH90atWa09SPYG7Ovolbv_KvL8nC6fUk59z-6TFsMQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 03:05:08 GMT
age: 63511
etag: "51d87a5223d87c959bf27b2a825dce0a28f52ada"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 82431
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 18:36:01 GMT
age: 7658
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=marylandcenterforhospitalitytraining.com&callback=_gfp_s_&client=ca-pub-3060354495383951
142.250.74.66200 OK 271 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=marylandcenterforhospitalitytraining.com&callback=_gfp_s_&client=ca-pub-3060354495383951
IP 142.250.74.66:0
File type ASCII text, with very long lines (447), with no line terminators
Hash ae0100e1ecb48e195c55fadaee43994d
a90187da6e9225811a0b16081ac0d6504c66767b
e64db9e33b40adf81acdfada6313e73e53d16e30766ae1fa29f9cff57f8b25bd
GET /gampad/cookie.js?domain=marylandcenterforhospitalitytraining.com&callback=_gfp_s_&client=ca-pub-3060354495383951 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 27 Jan 2023 20:43:39 GMT
server: cafe
cache-control: private
content-length: 271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 82431
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: cc977ea9-c418-4a5a-a13b-c86e16bbe6ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRGPFGL5oAMFiSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d050c6-2d540cac5ca7d4e64cfdb8bc;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:42:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uZnA5gkRlZyqamh_n3992G9PlMJa4gJ-mjSOQEysII73dDKLXmeXsg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 16:31:38 GMT
age: 15121
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41fd0074a6ce752b1271302feade4cee
6311d1365504f06cb7516606c56c502d553c9d16
544c508899fe8855b0975a87cb0bf35663ab4ad0ec8fd057b3962d50cc001b8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7365
x-amzn-requestid: c2a8ae3d-47f8-415f-bf08-78dd12ede3d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwEUbIAMFnag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-38f72fec78120cf113c7a4f7;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w2YQTruAWzbdhCWhHu5V1Wj0DlkD6-BsEwgjtR9RJqqmStbW8mPS9w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:07 GMT
age: 82472
etag: "6311d1365504f06cb7516606c56c502d553c9d16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 4abb97e5fd107cb87b896feb33a2159b
757fc267c534b8f5191f97d4c6dce60753e965f2
88d691d314752499a884e54232b88c0d19e4c8163236851b99a0b0d3ac0d7f8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash af1c521d29c662e208d80836c19fa58a
64e18dcf8f3ea43f6aeb1c66299bd37121cdfe14
57fe9c6dbb637c6090c7110234fb9d3aadb75850d6d5ed5c668376ebd121c1f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 20:42:52 GMT
expires: Fri, 27 Jan 2023 20:57:52 GMT
cache-control: public, max-age=900
age: 47
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash af1c521d29c662e208d80836c19fa58a
64e18dcf8f3ea43f6aeb1c66299bd37121cdfe14
57fe9c6dbb637c6090c7110234fb9d3aadb75850d6d5ed5c668376ebd121c1f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 27 Jan 2023 20:43:39 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 39d31683f6cb5f9f2b43fbe03c5611d2
6e4df99a74f6530137232e5bd590a3276b16390e
a0db19ad5dfda2401961c57206604c911b5fbab2bca818541f24d86c05155d0f
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 27 Jan 2023 20:43:39 GMT
server: ESF
cache-control: private
content-length: 30796
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 622311873d3819b9911301b09bc2d43c
9f08d648e40479aa12da033da15b80a15017c739
6138674cec17da8b7bb02bf0686bf3e7aefa2bce6a5f844ebd80e10b665818b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36171)
Hash a13a76dd17af226d4a24bd16ef702377
c364171cd0f66eb4a1a8dde04e1e083154d81dbd
1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:38:28 GMT
expires: Sat, 27 Jan 2024 18:38:28 GMT
cache-control: public, max-age=31536000
age: 7511
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e2579e6546ece9f51d426a7d7f271499
1a73b4aa9dd0a6ad011c8d56d5bfdd1be30e2b10
56f86a1282b4e619ae6a9f211ccebaa8a6ddf614acec73700814986dc84a593c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/dLaImbt0IEE/maxresdefault.webp
216.58.207.246200 OK 72 kB URL HTTP/2 i.ytimg.com/vi_webp/dLaImbt0IEE/maxresdefault.webp
IP 216.58.207.246:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 23b22efeebb91cdd5ca5b047fedc9f9d
a4cc7ba64c010635705dcd7cf0fe8b6b1e8e7785
7693a23a9282310240a9db94f87b5e2f30043fb52ed67893fde1f7042e55065b
GET /vi_webp/dLaImbt0IEE/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 72154
date: Fri, 27 Jan 2023 20:43:39 GMT
expires: Fri, 27 Jan 2023 22:43:39 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e2579e6546ece9f51d426a7d7f271499
1a73b4aa9dd0a6ad011c8d56d5bfdd1be30e2b10
56f86a1282b4e619ae6a9f211ccebaa8a6ddf614acec73700814986dc84a593c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 166bf2c6932f048996b3fe12e1cf3db9
9489d067ac8215775dda446a4c291e6db1e8ab3f
896314990eb656b725f8ec5d3753e70bf71e956c142a15b45773a77bb7d6ff24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJUjunKmOLW5noTcVqgU1Q20GgJ8oTgqBYgVIJbb=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.4 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJUjunKmOLW5noTcVqgU1Q20GgJ8oTgqBYgVIJbb=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 73e4d05d376931709e9d939e7bdfed8d
11101bdf2ec817391212754196700dd2d9afdf08
e8ddfc34ab6880c40b47756ef77dc70506185a66dbe0f1a3798a72182f507ee9
GET /ytc/AL5GRJUjunKmOLW5noTcVqgU1Q20GgJ8oTgqBYgVIJbb=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v24"
expires: Sat, 28 Jan 2023 20:43:40 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 27 Jan 2023 20:43:40 GMT
server: fife
content-length: 2421
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 166bf2c6932f048996b3fe12e1cf3db9
9489d067ac8215775dda446a4c291e6db1e8ab3f
896314990eb656b725f8ec5d3753e70bf71e956c142a15b45773a77bb7d6ff24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 27 Jan 2023 20:43:40 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9cb1b0e28aa4782094fdef39189329de
bb71ad80edfe9fda1c8feeb10561ec9c80ed3153
db1341579cd5138d2c43444f0e19b62a5a260ee792d0a1a7ecc8a59f80129dbf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9cb1b0e28aa4782094fdef39189329de
bb71ad80edfe9fda1c8feeb10561ec9c80ed3153
db1341579cd5138d2c43444f0e19b62a5a260ee792d0a1a7ecc8a59f80129dbf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&mh=Ga&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1635000&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&mt=1674851862&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdhbkRNJ_UilAKdDsJzkPewX8Mk4eikH4t7fYMTXbTwQCIEP3AH-HulLmCVFoNQ_1LjYWVd4kqGvSUBDvJSsXcQ3e&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&range=0-352&rn=2&rbuf=0
91.90.45.172200 OK 1.0 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&mh=Ga&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1635000&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&mt=1674851862&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdhbkRNJ_UilAKdDsJzkPewX8Mk4eikH4t7fYMTXbTwQCIEP3AH-HulLmCVFoNQ_1LjYWVd4kqGvSUBDvJSsXcQ3e&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&range=0-352&rn=2&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1030), with no line terminators
Hash b2772108f5c90684c2399651f30e95c2
e01982113da06484b35f881cd6d9972075ac2df2
8657f6255b0ca7ed598fbe831c8e43c519e1ff5c43fb6bb494600e58db49c01a
POST /videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&mh=Ga&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1635000&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&mt=1674851862&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdhbkRNJ_UilAKdDsJzkPewX8Mk4eikH4t7fYMTXbTwQCIEP3AH-HulLmCVFoNQ_1LjYWVd4kqGvSUBDvJSsXcQ3e&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&range=0-352&rn=2&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 20:43:40 GMT
Expires: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1030
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=Ga&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1635000&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&mt=1674851862&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdhbkRNJ_UilAKdDsJzkPewX8Mk4eikH4t7fYMTXbTwQCIEP3AH-HulLmCVFoNQ_1LjYWVd4kqGvSUBDvJSsXcQ3e&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&sq=0&rn=1&rbuf=0
91.90.45.172200 OK 1.1 kB URL HTTP/1.1 rr1---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=Ga&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1635000&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&mt=1674851862&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdhbkRNJ_UilAKdDsJzkPewX8Mk4eikH4t7fYMTXbTwQCIEP3AH-HulLmCVFoNQ_1LjYWVd4kqGvSUBDvJSsXcQ3e&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&sq=0&rn=1&rbuf=0
IP 91.90.45.172:0
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1068), with no line terminators
Hash 3ffe1d1d060ce4f08088d49d10fe4e98
f6693993b462d5bc39b2dd9b17198786192c692b
abe019880b9befae3e7f380c30434bc4fb3948451a316ab21504c62830ea3cf9
POST /videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&mh=Ga&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenes&ms=au%2Crdu&mv=m&mvi=1&pl=21&initcwndbps=1635000&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&mt=1674851862&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgdhbkRNJ_UilAKdDsJzkPewX8Mk4eikH4t7fYMTXbTwQCIEP3AH-HulLmCVFoNQ_1LjYWVd4kqGvSUBDvJSsXcQ3e&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&sq=0&rn=1&rbuf=0 HTTP/1.1
Host: rr1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 20:43:40 GMT
Expires: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1068
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9cb1b0e28aa4782094fdef39189329de
bb71ad80edfe9fda1c8feeb10561ec9c80ed3153
db1341579cd5138d2c43444f0e19b62a5a260ee792d0a1a7ecc8a59f80129dbf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a698ec74ee4a3a0dbbaee5ffcc4d17bf
8c63a9b76fa5010cf1bcaae8f546d5a0cb6cd706
771192d458f35787b90de5dac221e0a306f687091a4f8621a75d676c42fa576d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a698ec74ee4a3a0dbbaee5ffcc4d17bf
8c63a9b76fa5010cf1bcaae8f546d5a0cb6cd706
771192d458f35787b90de5dac221e0a306f687091a4f8621a75d676c42fa576d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5goeenes.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALoFwqamRrrM9CSwkNpSyoJUBOY7X9Nc78AvoCfQGJ4GAiEAu-e55Js2LZSGjrDGzjf1R7ZLZAxKm58_kSgqR0FBUe4%3D&sq=0&rn=4&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
74.125.108.231200 OK 1.2 kB URL HTTP/1.1 rr2---sn-5goeenes.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALoFwqamRrrM9CSwkNpSyoJUBOY7X9Nc78AvoCfQGJ4GAiEAu-e55Js2LZSGjrDGzjf1R7ZLZAxKm58_kSgqR0FBUe4%3D&sq=0&rn=4&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
IP 74.125.108.231:0
File type ASCII text, with very long lines (1214), with no line terminators
Hash 229b37a4ea893128cf92ec02bb5c784c
4e7e56b1eaa1b3a788da73e47eb2e9727dfd359a
a972c27c6a5c92fb0e6f567f60c440296ec297f546082334b72f6157f04d356c
POST /videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALoFwqamRrrM9CSwkNpSyoJUBOY7X9Nc78AvoCfQGJ4GAiEAu-e55Js2LZSGjrDGzjf1R7ZLZAxKm58_kSgqR0FBUe4%3D&sq=0&rn=4&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk= HTTP/1.1
Host: rr2---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 20:43:40 GMT
Expires: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1214
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-5goeenes.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIYM-x7S8AN5hqTbIx56aJpykVXdZ04CxEfDAkTKCfUsAiAbwdHDNFVBit6aMMnYa0APznDus7oos_MtInPdhzUoIQ%3D%3D&range=0-352&rn=3&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
74.125.108.231200 OK 1.2 kB URL HTTP/1.1 rr2---sn-5goeenes.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIYM-x7S8AN5hqTbIx56aJpykVXdZ04CxEfDAkTKCfUsAiAbwdHDNFVBit6aMMnYa0APznDus7oos_MtInPdhzUoIQ%3D%3D&range=0-352&rn=3&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
IP 74.125.108.231:0
File type ASCII text, with very long lines (1182), with no line terminators
Hash 9076fde502b53b9a164a14c09c86373d
a3e91ccce18d1356a333a61475a48a02869d86f2
cd8af2dd7741b847d19f14ea056d9ba8ea1caad9dcacfa2c9194421484e24df8
POST /videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAIYM-x7S8AN5hqTbIx56aJpykVXdZ04CxEfDAkTKCfUsAiAbwdHDNFVBit6aMMnYa0APznDus7oos_MtInPdhzUoIQ%3D%3D&range=0-352&rn=3&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk= HTTP/1.1
Host: rr2---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 20:43:40 GMT
Expires: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1182
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash a698ec74ee4a3a0dbbaee5ffcc4d17bf
8c63a9b76fa5010cf1bcaae8f546d5a0cb6cd706
771192d458f35787b90de5dac221e0a306f687091a4f8621a75d676c42fa576d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-5goeenes.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVZm27yB0wM1U20GGWhWAq9HlDdjzVTaC9hxYHe2Hr20CIGPo0LttYkZeCCjQ-r3TKXQbzmEfOxuDWThV4Sw0dNf4&range=0-352&rn=7&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
74.125.108.231200 OK 1.2 kB URL HTTP/1.1 rr2---sn-5goeenes.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVZm27yB0wM1U20GGWhWAq9HlDdjzVTaC9hxYHe2Hr20CIGPo0LttYkZeCCjQ-r3TKXQbzmEfOxuDWThV4Sw0dNf4&range=0-352&rn=7&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
IP 74.125.108.231:0
File type ASCII text, with very long lines (1180), with no line terminators
Hash 47f1d8aa86036b21a2e583c231327d61
9adfaa87cc1cd0b3cf579e59a30610d2f3696bf5
b7a23538db82fa1f883aad21d062a50bd5a5eb79da49692054e74a14edbb1e2d
POST /videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7e&cms_redirect=yes&cmsv=e&mh=Ga&mm=29&mn=sn-5goeenes&ms=rdu&mt=1674852116&mv=m&mvi=2&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVZm27yB0wM1U20GGWhWAq9HlDdjzVTaC9hxYHe2Hr20CIGPo0LttYkZeCCjQ-r3TKXQbzmEfOxuDWThV4Sw0dNf4&range=0-352&rn=7&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk= HTTP/1.1
Host: rr2---sn-5goeenes.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Fri, 27 Jan 2023 20:43:40 GMT
Expires: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1180
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
events.api.secureserver.net/t/1/tl/event?cts=1674852217765&dh=marylandcenterforhospitalitytraining.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=2090139007&cv=2.0.1&z=1592562228&vg=4c33c502-e226-5be0-9f09-dbc0c5156444&vtg=4c33c502-e226-5be0-9f09-dbc0c5156444&dp=%2F&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0327%22%2C%22dcenter%22%3A%22a2%22%2C%22cp_id%22%3A%222889303%22%7D&hit_id=90b7ca39-8f57-5df7-8a7e-f2cda05f702c&ht=pageview
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1674852217765&dh=marylandcenterforhospitalitytraining.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=2090139007&cv=2.0.1&z=1592562228&vg=4c33c502-e226-5be0-9f09-dbc0c5156444&vtg=4c33c502-e226-5be0-9f09-dbc0c5156444&dp=%2F&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0327%22%2C%22dcenter%22%3A%22a2%22%2C%22cp_id%22%3A%222889303%22%7D&hit_id=90b7ca39-8f57-5df7-8a7e-f2cda05f702c&ht=pageview
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1674852217765&dh=marylandcenterforhospitalitytraining.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=2090139007&cv=2.0.1&z=1592562228&vg=4c33c502-e226-5be0-9f09-dbc0c5156444&vtg=4c33c502-e226-5be0-9f09-dbc0c5156444&dp=%2F&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0327%22%2C%22dcenter%22%3A%22a2%22%2C%22cp_id%22%3A%222889303%22%7D&hit_id=90b7ca39-8f57-5df7-8a7e-f2cda05f702c&ht=pageview HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: http://marylandcenterforhospitalitytraining.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Fri, 27 Jan 2023 20:43:40 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 17504951994384b5dfa3387f5e8b684f
d76ab271cbc580a05222ec155fbc0e82545ae97c
f7e09c196a20bed2d1c1f6fada5eb982e04880a2f1c8c24d7fdce87e46152c3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 20:43:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.97200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.97:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Fri, 27 Jan 2023 20:43:40 GMT
expires: Fri, 27 Jan 2023 20:43:40 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
events.api.secureserver.net/t/1/tl/event?cts=1674852220338&dh=marylandcenterforhospitalitytraining.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=2090139007&cv=2.0.1&z=1426926448&vg=4c33c502-e226-5be0-9f09-dbc0c5156444&vtg=4c33c502-e226-5be0-9f09-dbc0c5156444&dp=%2F&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0327%22%2C%22dcenter%22%3A%22a2%22%2C%22cp_id%22%3A%222889303%22%7D&hit_id=61c97f15-196e-578d-af5c-3faf2dbbf429&ht=perf&tce=1674852216694&tcs=1674852216595&tdc=1674852220182&tdclee=1674852217803&tdcles=1674852217767&tdi=1674852217765&tdl=1674852216821&tdle=1674852216595&tdls=1674852216381&tfs=1674852216280&tns=1674852216288&trqs=1674852216694&tre=1674852216804&trps=1674852216804&tles=1674852220182&tlee=0&nt=navigate&nav_type=hard
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1674852220338&dh=marylandcenterforhospitalitytraining.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=2090139007&cv=2.0.1&z=1426926448&vg=4c33c502-e226-5be0-9f09-dbc0c5156444&vtg=4c33c502-e226-5be0-9f09-dbc0c5156444&dp=%2F&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0327%22%2C%22dcenter%22%3A%22a2%22%2C%22cp_id%22%3A%222889303%22%7D&hit_id=61c97f15-196e-578d-af5c-3faf2dbbf429&ht=perf&tce=1674852216694&tcs=1674852216595&tdc=1674852220182&tdclee=1674852217803&tdcles=1674852217767&tdi=1674852217765&tdl=1674852216821&tdle=1674852216595&tdls=1674852216381&tfs=1674852216280&tns=1674852216288&trqs=1674852216694&tre=1674852216804&trps=1674852216804&tles=1674852220182&tlee=0&nt=navigate&nav_type=hard
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1674852220338&dh=marylandcenterforhospitalitytraining.com&dr=&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=2090139007&cv=2.0.1&z=1426926448&vg=4c33c502-e226-5be0-9f09-dbc0c5156444&vtg=4c33c502-e226-5be0-9f09-dbc0c5156444&dp=%2F&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0327%22%2C%22dcenter%22%3A%22a2%22%2C%22cp_id%22%3A%222889303%22%7D&hit_id=61c97f15-196e-578d-af5c-3faf2dbbf429&ht=perf&tce=1674852216694&tcs=1674852216595&tdc=1674852220182&tdclee=1674852217803&tdcles=1674852217767&tdi=1674852217765&tdl=1674852216821&tdle=1674852216595&tdls=1674852216381&tfs=1674852216280&tns=1674852216288&trqs=1674852216694&tre=1674852216804&trps=1674852216804&tles=1674852220182&tlee=0&nt=navigate&nav_type=hard HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: http://marylandcenterforhospitalitytraining.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Fri, 27 Jan 2023 20:43:40 GMT
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.97200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 20:43:30 GMT
expires: Fri, 26 Jan 2024 20:43:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 86410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rr3---sn-5hne6n6e.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALCfc0OnEHQxhKsaUyB2E4r5-ihtsAekSHDfUbFRcoTdAiEA0JjVnk9k6H3QQta27Erk0dwlEHGZPBCRI8ji0LIVKMM%3D&range=0-352&rn=8&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
172.217.132.232200 OK 353 B URL HTTP/1.1 rr3---sn-5hne6n6e.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALCfc0OnEHQxhKsaUyB2E4r5-ihtsAekSHDfUbFRcoTdAiEA0JjVnk9k6H3QQta27Erk0dwlEHGZPBCRI8ji0LIVKMM%3D&range=0-352&rn=8&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
IP 172.217.132.232:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash d41010783f6b0d8d33f53eca8308f603
d676b68bec4b45e4c4d0dd604b78ef77de097066
2bc0fb4ff41cc1e7c7d9f55a0e8ae2b1c72601967ccb6a8a9353ff7ce02335a6
POST /videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALCfc0OnEHQxhKsaUyB2E4r5-ihtsAekSHDfUbFRcoTdAiEA0JjVnk9k6H3QQta27Erk0dwlEHGZPBCRI8ji0LIVKMM%3D&range=0-352&rn=8&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk= HTTP/1.1
Host: rr3---sn-5hne6n6e.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 27 May 2020 06:18:18 GMT
Content-Type: audio/webm
Date: Fri, 27 Jan 2023 20:43:41 GMT
Expires: Fri, 27 Jan 2023 20:43:41 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 353
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5hne6n6e.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALCfc0OnEHQxhKsaUyB2E4r5-ihtsAekSHDfUbFRcoTdAiEA0JjVnk9k6H3QQta27Erk0dwlEHGZPBCRI8ji0LIVKMM%3D&range=353-23405&rn=9&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
172.217.132.232200 OK 23 kB URL HTTP/1.1 rr3---sn-5hne6n6e.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALCfc0OnEHQxhKsaUyB2E4r5-ihtsAekSHDfUbFRcoTdAiEA0JjVnk9k6H3QQta27Erk0dwlEHGZPBCRI8ji0LIVKMM%3D&range=353-23405&rn=9&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
IP 172.217.132.232:0
Hash 7f42cdd72a2cc927bb97c28b306471f7
d262889b4843b52011448aa3b1f950b8900204ff
e42d7404df0247a168451852390ce974342e1c11a92940b92c608cc1bef42788
POST /videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=251&source=youtube&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=audio%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&gir=yes&clen=23406&otfp=1&dur=51.081&lmt=1590560298765074&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6211222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAMmB7eIEp22Wq4VT9loG0imWcumHo7dU2FzTYo0noj_rAiEA0CoZBiPfxNTSoMih9cYqeo87ny2c_5kFR3TIe3BSYCI%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALCfc0OnEHQxhKsaUyB2E4r5-ihtsAekSHDfUbFRcoTdAiEA0JjVnk9k6H3QQta27Erk0dwlEHGZPBCRI8ji0LIVKMM%3D&range=353-23405&rn=9&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk= HTTP/1.1
Host: rr3---sn-5hne6n6e.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 27 May 2020 06:18:18 GMT
Content-Type: audio/webm
Date: Fri, 27 Jan 2023 20:43:41 GMT
Expires: Fri, 27 Jan 2023 20:43:41 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 23053
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr3---sn-5hne6n6e.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgHJeyDYWBT1nCg3nCDTofn0Kp2NUTKXknIyjEqIciae8CIHaLvSFMihWHJYN2xiDsZL0KZyn7Z9CBIcPvy6XGCO6B&sq=0&rn=5&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
172.217.132.232200 OK 315 B URL HTTP/1.1 rr3---sn-5hne6n6e.googlevideo.com/videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgHJeyDYWBT1nCg3nCDTofn0Kp2NUTKXknIyjEqIciae8CIHaLvSFMihWHJYN2xiDsZL0KZyn7Z9CBIcPvy6XGCO6B&sq=0&rn=5&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk=
IP 172.217.132.232:0
File type WebM\012- EBML file, creator webmB\20\012- data
Hash b88980698ab09855bb5a8fc5b63ef888
120ce1fea18e627fe7fc385f906160383f73f049
8ba5cf067502eda85ef3666f005f5469d29832da28b73acc71762b5477f2c053
POST /videoplayback?expire=1674873820&ei=fDfUY9WOFMnNyQXt5KmQDQ&ip=91.90.42.154&id=o-AKplsuY1IGECpqNhGcACORt3ORnaNDN_I-o9eaK-8rXG&itag=244&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278&source=yt_otf&requiressl=yes&spc=H3gIhjO8Npqj2fPAJUaKXEU5tPCLHjM&vprv=1&mime=video%2Fwebm&ns=v_OtLFeY8NkSusEbxYpEPxEL&otf=1&otfp=1&dur=0.000&lmt=1590560301367880&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=6210222&n=mnX8WawNcrdXtw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIgDUrnpvefQKg-0V2mnwJB_yAE1-r-9nGPEj77TCSC6D8CIQCm8F16cTK_1w8tREvqfbeplwYDXWCiICS_W-8JdQArug%3D%3D&alr=yes&cpn=yerdgRiitPUPjWGR&cver=1.20230111.01.00&cm2rm=sn-capm-vnae7e,sn-5goly7l&redirect_counter=2&cms_redirect=yes&cmsv=e&mh=Ga&mm=34&mn=sn-5hne6n6e&ms=ltu&mt=1674851826&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgHJeyDYWBT1nCg3nCDTofn0Kp2NUTKXknIyjEqIciae8CIHaLvSFMihWHJYN2xiDsZL0KZyn7Z9CBIcPvy6XGCO6B&sq=0&rn=5&rbuf=0&pot=DyFJky4KOmhCIXHBOXA-lLivhgnJnXm4wAKptquyee2_wV_f7HatqDxxdrSI_5_br62JtZlkw4ZjsoU5LBfbzOBTU0qIW4leODY-jHsrm7FSeJxxs-W43ziqNqqup-hp5836clk= HTTP/1.1
Host: rr3---sn-5hne6n6e.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 19 Jan 2023 08:48:58 GMT
Content-Type: video/webm
Date: Fri, 27 Jan 2023 20:43:41 GMT
Expires: Fri, 27 Jan 2023 20:43:41 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald:200,300,400,500,600,700&display=swap
IP 142.250.74.106:0
GET /css?family=Oswald:200,300,400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 20:43:37 GMT
date: Fri, 27 Jan 2023 20:43:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.118.woff2
142.250.74.67200 OK 0 B URL HTTP/2 fonts.gstatic.com/s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.118.woff2
IP 142.250.74.67:0
GET /s/notosanskr/v27/Pby7FmXiEBPT4ITbgNA5CgmOelzI7dAGs2lYoVAUOdqfkBNGBJWUFERI.118.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://marylandcenterforhospitalitytraining.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 21:09:25 GMT
expires: Wed, 24 Jan 2024 21:09:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 19:49:22 GMT
content-type: font/woff2
age: 257652
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/iframe_api?v=3.0.20
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api?v=3.0.20
IP 142.250.74.78:0
GET /iframe_api?v=3.0.20 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://marylandcenterforhospitalitytraining.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Fri, 27 Jan 2023 20:43:38 GMT
date: Fri, 27 Jan 2023 20:43:38 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=vwZhgEEvSnI; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=wZ1mYyZ9wNs; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 20:43:38 GMT; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TXpRek5UVXdNelV6TWpBM016UXlOQT09EPru0J4GGPru0J4G; Domain=.youtube.com; Expires=Wed, 26-Jul-2023 20:43:38 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+775; expires=Sun, 26-Jan-2025 20:43:38 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2