r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6195
Expires: Thu, 15 Sep 2022 17:40:57 GMT
Date: Thu, 15 Sep 2022 15:57:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 15:10:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T7Kq-3xUNqx6zH3iPWyX61upH43Imf91nph6K0XLFGYTh27q0eDsWQ==
Age: 2835
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Vb8M9iZbXd_zp6Xj61CyMeBWBwgpv0luby8i0O0GsbP_ZVBUaXe3Cg==
age: 40947
X-Firefox-Spdy: h2
sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
192.0.78.211301 Moved Permanently 162 B URL HTTP/1.1 sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
IP 192.0.78.211:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 15 Sep 2022 15:57:42 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
X-ac: 3.arn _atomic_ams
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 15 Sep 2022 15:03:22 GMT
Expires: Thu, 15 Sep 2022 16:02:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nHwgM2E7EIIDA4NGZUhI-gukK0yGBtcnz5bTpZ3znlbboBgbTtx86w==
Age: 3260
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6091
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:43 GMT
Last-Modified: Thu, 15 Sep 2022 14:16:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x6fUPDyjj/6UMC4Q327reg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rBjk1phXKSBDnAPJNTXjI7thyd0=
sarahebott.org/wp-content/plugins/sold-out-badge-for-woocommerce//style.css?ver=6.0.2
192.0.78.150200 OK 180 B URL HTTP/2 sarahebott.org/wp-content/plugins/sold-out-badge-for-woocommerce//style.css?ver=6.0.2
IP 192.0.78.150:0
Hash c3ba98d5789cec288f1cab23a0bd99ad
73012bce179b67fb0260b33f267dd075be313b76
d35ed9360dfedea404e69b389fb297ae35f6064e5d8ae6d7c76b66eeeeb887ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sold-out-badge-for-woocommerce//style.css?ver=6.0.2 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
content-length: 180
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Sep 2022 17:11:43 GMT
etag: "631b73cf-b4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/wp-content-copy-protection/assets/css/style.min.css?ver=1628456048
192.0.78.150200 OK 167 B URL HTTP/2 sarahebott.org/wp-content/plugins/wp-content-copy-protection/assets/css/style.min.css?ver=1628456048
IP 192.0.78.150:0
Hash 6359efe57d9d31610488faec79c0aace
02003847748defca9616bfbe013b71c9c62da216
42b1291f205e30914c1ad28643764cce277a03c4f06d2b828058697c56dcf58f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-content-copy-protection/assets/css/style.min.css?ver=1628456048 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
content-length: 167
strict-transport-security: max-age=31536000
last-modified: Sun, 08 Aug 2021 20:54:08 GMT
etag: "61104470-a7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey-child/style.css?ver=6.0.2
192.0.78.150200 OK 332 B URL HTTP/2 sarahebott.org/wp-content/themes/rey-child/style.css?ver=6.0.2
IP 192.0.78.150:0
Hash 03442720de4a9c3ee7a0cfeb96a65327
e9fa53ff8969f9bd6d3ab7374a05ffd7673e6271
f146ef2d07dfeed1d4482ab82d2044363ce61e60d0b4bfe1a2716327f82180cd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rey-child/style.css?ver=6.0.2 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
content-length: 332
strict-transport-security: max-age=31536000
last-modified: Wed, 19 Feb 2020 15:47:12 GMT
etag: "5e4d5880-14c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/ti-woocommerce-wishlist/assets/fonts/tinvwl-webfont.woff2?ver=xu2uyi
192.0.78.150200 OK 4.4 kB URL HTTP/2 sarahebott.org/wp-content/plugins/ti-woocommerce-wishlist/assets/fonts/tinvwl-webfont.woff2?ver=xu2uyi
IP 192.0.78.150:0
File type Web Open Font Format (Version 2), TrueType, length 4404, version 1.0\012- data
Hash 8c08be57504e2c88a3a30137b7ab4cf0
9f0ae0ec45f39685d2a1087ed6e81220cf4e5162
07444089d3352d24f2b95b60710475f82a79460c5f578a8ded3508f50c0400ef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ti-woocommerce-wishlist/assets/fonts/tinvwl-webfont.woff2?ver=xu2uyi HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/font-woff2
content-length: 4404
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:55 GMT
etag: "62af04b7-1134"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/pinterest-for-woocommerce/assets/js/pinterest-for-woocommerce-tracking.min.js?ver=1.2.2
192.0.78.150200 OK 369 B URL HTTP/2 sarahebott.org/wp-content/plugins/pinterest-for-woocommerce/assets/js/pinterest-for-woocommerce-tracking.min.js?ver=1.2.2
IP 192.0.78.150:0
Hash 3881c1da1220215a5ea8b9d3fb9fe814
4f1e4604e8092310f3c73d7e8b5dbab61c1a721b
9c36f3ce7f23d7533d31664df192a16ce118b0c9f9cd13365c07138bef3af52f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pinterest-for-woocommerce/assets/js/pinterest-for-woocommerce-tracking.min.js?ver=1.2.2 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
content-length: 369
strict-transport-security: max-age=31536000
last-modified: Wed, 24 Aug 2022 17:53:35 GMT
etag: "6306659f-171"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
accept-ranges: bytes
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sarahebott.org/wp-content/plugins/rey-core/assets/js/general/c-general.js?ver=2.3.5.1
192.0.78.150200 OK 2.1 kB URL HTTP/2 sarahebott.org/wp-content/plugins/rey-core/assets/js/general/c-general.js?ver=2.3.5.1
IP 192.0.78.150:0
File type ASCII text, with very long lines (4921), with no line terminators
Hash ecb55d1f2a1498fae7036179eec17d8e
e62386a08888a93303d149ddc01c961a8814d053
d5d7f2a558796e9aba3a5f41b942b9a4d23a1c7ba45e6b48996480579fb61170
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/rey-core/assets/js/general/c-general.js?ver=2.3.5.1 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:52 GMT
vary: Accept-Encoding
etag: W/"62af04b4-1339"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
192.0.78.150200 OK 3.5 kB URL HTTP/2 sarahebott.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14
IP 192.0.78.150:0
File type ASCII text, with very long lines (8983), with no line terminators
Hash 30f98f8315f2270ce5aadbba47f6995f
9a262a5652111e65645022c41b698a90b290deba
1bed36d309601b3f3581501988bbccb805d668745c162a9adb787fb7f0603517
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/intersection-observer.js?minify=false&ver=83ec8aa758f883d6da14 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Dec 2021 19:26:02 GMT
vary: Accept-Encoding
etag: W/"61b8efca-2317"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.4-a.3
192.0.78.150200 OK 9.8 kB URL HTTP/2 sarahebott.org/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.4-a.3
IP 192.0.78.150:0
File type ASCII text, with very long lines (24378), with no line terminators
Hash 0c65efe18025629e6759e3e7e9322082
61d99c755b8b881454d6f9fcf0553808cb028288
ff8468e52ae76fb4b09044c6fdf826019bb72f1403c3fffd587c012b4bc714dd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?ver=11.4-a.3 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Sep 2022 17:22:56 GMT
vary: Accept-Encoding
etag: W/"631781f0-5f3a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
192.0.78.150200 OK 5.3 kB URL HTTP/2 sarahebott.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 192.0.78.150:0
File type ASCII text, with very long lines (15660)
Hash e1351a0106456a6d6f1525fcc7bfaafb
998110ccf26fb6386404a7cb452d26798af2f56b
f508cd09670f54539e050770488f5e01b1f3cd28757376881a8030633cf73f11
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
vary: Accept-Encoding
etag: W/"62551487-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/rey-core/inc/compatibility/ti-wishlist/style.css?ver=2.3.5.1
192.0.78.150200 OK 223 kB URL HTTP/2 sarahebott.org/wp-content/plugins/rey-core/inc/compatibility/ti-wishlist/style.css?ver=2.3.5.1
IP 192.0.78.150:0
File type ASCII text, with very long lines (9661)
Size 223 kB (222824 bytes)
Hash 995e9ec132d41d18d6cfa9190730b5c5
247fb8663e80286192ad7afa98cf64f1a57f1d9a
ee8abac3349895bb866347ee85b99726889575ed75ce55542eac576615485358
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/rey-core/inc/compatibility/ti-wishlist/style.css?ver=2.3.5.1 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:52 GMT
vary: Accept-Encoding
etag: W/"62af04b4-25be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
i0.wp.com/sarahebott.org/wp-content/uploads/2022/06/image.jpg?fit=32%2C32&ssl=1
192.0.77.2200 OK 444 B URL HTTP/2 i0.wp.com/sarahebott.org/wp-content/uploads/2022/06/image.jpg?fit=32%2C32&ssl=1
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 796dabe9088b5d0cbcc40d4620d25114
13f10c7613026d78c438ea4d52a471bfb01639d3
0595669a1b330726a1db6d7501e620ee6f42944c6fbd04fef90df16946d0f5b0
GET /sarahebott.org/wp-content/uploads/2022/06/image.jpg?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: image/webp
content-length: 444
last-modified: Sat, 10 Sep 2022 07:48:25 GMT
expires: Mon, 09 Sep 2024 19:48:25 GMT
cache-control: public, max-age=63115200
link: <https://sarahebott.org/wp-content/uploads/2022/06/image.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cc7dd40fe78361ed"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
sarahebott.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
192.0.78.150200 OK 8.1 kB URL HTTP/2 sarahebott.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
IP 192.0.78.150:0
File type ASCII text, with very long lines (2134)
Hash 105e5a6f6dd5b59ccff609a010ccd440
36f2c7aeadfdf3716ef03ee48e17732fc6f396cd
a78a35b4b59ecd062fe9f2c82ad284678a088ce55063f8dad5771c1a4447a41e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Mon, 08 Aug 2022 08:04:56 GMT
vary: Accept-Encoding
etag: W/"62f0c3a8-30cd"
expires: Thu, 22 Sep 2022 15:57:44 GMT
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
s.pinimg.com/ct/core.js
23.38.200.197200 OK 1.2 kB IP 23.38.200.197:0
File type ASCII text, with very long lines (1182), with no line terminators
Hash 7cac7e5d9e2b15cdc4ae76549dde174b
41a5b48387aef7bef116d52da64af00c504c7f86
d8261c0f4ae314e710ac7b15aa6bd0cf371de5b1cec41331ca12a1c392742ce6
GET /ct/core.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "7cac7e5d9e2b15cdc4ae76549dde174b"
cache-control: max-age=7200
accept-ranges: bytes
content-type: application/javascript
content-length: 1182
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e669093dc2c285ce41d74ad82e5c3d2
1e65ded94e2b8c575979da362ce8dc2e304c5d5f
5a3c12851ee84e69a6ff8f0707d036d36827c77011af12aeabc187220e0fc79c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d65b161562e9954cbbfa1fe751b894b6
b07c476e717ee82ebee32f34350b5a26b9dab949
4d6d53c250f858e6fb4c677243c0b04a520038455cfbb2f42ab4fb9fa7f07f76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/p/woocommerce/6.9.1/assets/js/jquery-blockui/jquery.blockUI.min.js
192.0.77.37200 OK 26 kB URL HTTP/2 c0.wp.com/p/woocommerce/6.9.1/assets/js/jquery-blockui/jquery.blockUI.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (9115)
Hash a8b8f9ab6ffce49d9f55c6c426c15ca4
66b05095327aabcfdb0bdbd150323541cbea92b2
6d83a3d4218c8cc5be57d82a92f238be7b19cd45ecec3f559100875d17eadf6f
GET /p/woocommerce/6.9.1/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d65b161562e9954cbbfa1fe751b894b6
b07c476e717ee82ebee32f34350b5a26b9dab949
4d6d53c250f858e6fb4c677243c0b04a520038455cfbb2f42ab4fb9fa7f07f76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/p/woocommerce/6.9.1/assets/js/js-cookie/js.cookie.min.js
192.0.77.37200 OK 23 kB URL HTTP/2 c0.wp.com/p/woocommerce/6.9.1/assets/js/js-cookie/js.cookie.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (1668)
Hash 59bdce327ce40273351478742cdbf700
73f4e0ae312353c71caa28b6e4e55bc0b9839f15
60dc88b6c53bf3b908756aa0180e56b95e4270598c5cc6a1a0d573e18cb1ce92
GET /p/woocommerce/6.9.1/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jan 2021 23:55:30 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 53 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65447)
Hash 02c58e1ac4b826ac3cdc0211f1f638cc
21d42483b11994f42d05879fb3fd309d1c9959f7
14615bd0b839025f630b30c8eec6c9b72ac9a05bb08096cfa5cc974320c203d0
GET /c/6.0.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.1/assets/js/frontend/add-to-cart.min.js
192.0.77.37200 OK 22 kB URL HTTP/2 c0.wp.com/p/woocommerce/6.9.1/assets/js/frontend/add-to-cart.min.js
IP 192.0.77.37:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 3a2b3d1fa2ae1f94f765111df0806290
5987facc55c090c96c9bc9366883b8e48b565270
e7349039cc10a0c97ec7e44d004f31814ad5d3fed150dc832893e922c7d6ea38
GET /p/woocommerce/6.9.1/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 19 Jul 2022 19:16:40 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0b4eed58b61d5b83ee76acc95859d7bf
e7b7cfeaa2c704cd6092846cbec314689d0504b3
f99e45e7102d04339cd5c11123d84714b27621e287633a4c18fa38ceb161eb59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F99E45E7102D04339CD5C11123D84714B27621E287633A4C18FA38CEB161EB59"
Last-Modified: Thu, 15 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2639
Expires: Thu, 15 Sep 2022 16:41:43 GMT
Date: Thu, 15 Sep 2022 15:57:44 GMT
Connection: keep-alive
fonts.gstatic.com/s/gentiumbookbasic/v16/pe0xMJCbPYBVokB1LHA9bbyaQb8ZGjc4VYF466I.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/gentiumbookbasic/v16/pe0xMJCbPYBVokB1LHA9bbyaQb8ZGjc4VYF466I.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23680, version 1.0\012- data
Hash f2cb123f268eb6d7317c9a2bf76f1ca0
3db85265cf3bed6677ad5474ad1101a77c742712
8ee5526373d124648968d54b9a5c44510ad001b14e9be0dc4c8a2a46c6b6842f
GET /s/gentiumbookbasic/v16/pe0xMJCbPYBVokB1LHA9bbyaQb8ZGjc4VYF466I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sarahebott.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23680
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Sep 2022 01:08:25 GMT
expires: Sat, 09 Sep 2023 01:08:25 GMT
cache-control: public, max-age=31536000
age: 571759
last-modified: Thu, 21 Apr 2022 16:51:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d5a5d04d15c71a4e71821b6ddd4110e0
7c5495f9d4165a90ce681ddd1b330675e55a4993
545c765db5e55c1d89bc56d93a3cde1a3b6f5c9d741ad9b58253f9fd7ab24457
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f50c34bc30a732593e8fe465055a44ff
af100925cba1be716fd2200715d6136bd7f0c5bc
703049736ccc8815945d69634059c4cd39533417e0969107d460c36a6787c761
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1266c973-1bdd-4969-82ca-1106689fe929.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5078
x-amzn-requestid: b6177371-a8ba-4541-a48d-21bd806e866e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0erUHT-IAMFWKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311ab15-157ed5b700e0aad5481f5c0f;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:04:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MYJf90B8rX8_nPUl4stpbZcQeQDaZ2Hgyu6GmsfdqUh-0Nx5OJJThw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:54 GMT
age: 70550
etag: "af100925cba1be716fd2200715d6136bd7f0c5bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e5f57ba37fac4e6047a9a321a8ec084
f6b742549ea35a4b1345cffb937a8bbcceee08ef
f8c67c54806e47089b9ba297599e3e4cde1fd2e2e38b76acc9e8de0e99d7b77e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafb10f81-8409-401c-bd62-3ec01954600c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6770
x-amzn-requestid: b7c9513c-b8ba-41c7-9f9a-0a9d2266172d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEVRIAMFygA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7a4408363cdc46c9355a9f47;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fqj5PljprRruE1jwYAVwKoHkjys-RakUjzuV67_Ued6T4et99JPxPg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:45:05 GMT
age: 65559
etag: "f6b742549ea35a4b1345cffb937a8bbcceee08ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a6939786c9343412c9af87efd3f44e0
14131148fda4e8d85b582fd20e76bcc814341bf1
8412c50f0fdc131d9c4422f2d7307fc1ee062c3580a1d754ef71cf84f9727d49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e9a2626-acb3-4c73-9ff9-e09ad82d489e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8447
x-amzn-requestid: 3237c2fa-bc17-4b8d-8afd-bacfaa90ca71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FypF7KIAMFd7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63145010-7052273b184685c83569c712;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wzi_WnjJW5XjIfj8kyVL4LcQEjcuw1_zwrDiJegEZ2r8GOZcQahPEw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 21:46:45 GMT
age: 65459
etag: "14131148fda4e8d85b582fd20e76bcc814341bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ef9865421a37eae9a4df04083d27485
c7cf1f6a259cece60a34261ec83ee00736e1d72b
723b65ba660f22281f85d6caceea23e9cd932ee9084dc905a08a585746c4c4cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F706eea65-3ba8-43f4-85c3-967026936660.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9922
x-amzn-requestid: de1e3e45-74ff-41b2-986f-e78473cb6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YVc1SGM7IAMFw0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631edb54-2099524d6f2c338b41eea101;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 07:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MtgQUzYMa3mT0lxPhQ5ZCp9XVVyBH8T0dlx_0wSLMZlaFEiCikTXMw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:25:51 GMT
age: 63113
etag: "c7cf1f6a259cece60a34261ec83ee00736e1d72b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1633672fad0b564108cf81ad711dc881
d37ad0f40bc1f3f0022467dd0af2478980bd858a
cc7176a297f6009f07074fb9af796132b4452833be675bf378cc950fe81a582a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb035d64b-46a7-4c49-b95b-e454aa90f817.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9071
x-amzn-requestid: b450f7cf-6cc7-4d1f-aef3-4496f0971727
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeIxuEq6oAMF9jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632254d7-6912ef8731d81fa43b805e5b;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:25:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6LDUuDX1W8-Q88pDJma0xCAd5QuJ0YV-VpJ_8LVyDHX9YN1k0fQZ8Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 22:36:39 GMT
etag: "d37ad0f40bc1f3f0022467dd0af2478980bd858a"
content-type: image/jpeg
age: 62465
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4833535b1650b0ac875704023b650e66
96ab8cd8e14350f730d26731f3445710324e24e2
d2b5a51e39a4890ba56e819d4d5d1d57d4d3cfc50dde42efdf23b8e9be17d1c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86bf6a5e-a3e5-479d-a052-fa843c45a3d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9400
x-amzn-requestid: 8cf35176-18a1-427b-870c-bdae465060c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYM18E-iIAMFcmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ff4f2-427bc0ff6593e71e25b91589;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 03:11:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZVnPAYUOBCRUYD3wEx79lIMjBJCKyVB9CmnTqMJIaFPbQGPoHwB73w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 14 Sep 2022 20:21:37 GMT
age: 70567
etag: "96ab8cd8e14350f730d26731f3445710324e24e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.pinimg.com/ct/lib/main.55e552f9.js
23.38.200.197200 OK 19 kB URL HTTP/2 s.pinimg.com/ct/lib/main.55e552f9.js
IP 23.38.200.197:0
File type Unicode text, UTF-8 text, with very long lines (54284), with no line terminators
Hash 84c1602180f73853dc1e35f7296bdf7d
40aea44ea928e8d539381759b791f5c70f6d4c82
6b2faea09b5d5015a36ab4300e1034e1907895b40249e5fd11b42a66fbd21dac
GET /ct/lib/main.55e552f9.js HTTP/1.1
Host: s.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "84c1602180f73853dc1e35f7296bdf7d"
content-encoding: gzip
accept-ranges: bytes
content-type: application/javascript
content-length: 18601
cache-control: max-age=1209600
vary: Accept-Encoding, Origin
x-cdn: akamai
access-control-max-age: 86400
access-control-expose-headers: X-CDN
access-control-allow-methods: GET
access-control-allow-origin: *
X-Firefox-Spdy: h2
mc.us4.list-manage.com/subscribe/form-settings?u=3fae40bd2a892b7d9517541f2&id=4975235e0c&u=3fae40bd2a892b7d9517541f2&id=4975235e0c&c=dojo_request_script_callbacks.dojo_request_script0
104.110.24.122200 OK 870 B URL HTTP/2 mc.us4.list-manage.com/subscribe/form-settings?u=3fae40bd2a892b7d9517541f2&id=4975235e0c&u=3fae40bd2a892b7d9517541f2&id=4975235e0c&c=dojo_request_script_callbacks.dojo_request_script0
IP 104.110.24.122:0
File type ASCII text, with very long lines (1651), with no line terminators
Hash a217499321844e7427b254ace5c75722
cfeeb753f0a27226f16dcf34813f431eb00b5965
5bc7907771f8b742a1f35b02abc50c265223092196c0912991162f98dc24aac4
GET /subscribe/form-settings?u=3fae40bd2a892b7d9517541f2&id=4975235e0c&u=3fae40bd2a892b7d9517541f2&id=4975235e0c&c=dojo_request_script_callbacks.dojo_request_script0 HTTP/1.1
Host: mc.us4.list-manage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
content-type: application/json; charset=utf-8
content-length: 870
x-ua-compatible: IE=edge,chrome=1
referrer-policy: same-origin
content-encoding: gzip
cache-control: max-age=300
expires: Thu, 15 Sep 2022 16:02:45 GMT
date: Thu, 15 Sep 2022 15:57:45 GMT
vary: Accept-Encoding
set-cookie: _mcid=1.c096fd69f6609d350c77cc843f883867.4b9648ff5b8b6be7279086efa01031e30d9008ec57221a4f14d4a7b3e49b2aa2; expires=Fri, 15-Sep-2023 15:57:44 GMT; Max-Age=31536000; path=/
_mc_anon_id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
_abck=63E3DE4856FF2E6856AC5BCCD22EE2FB~-1~YAAQrU0kFx8BxzmDAQAArdDeQQhPgd7aeIlt3nZ9XYUPpT4eBUuyo+Hs9sebQoK9uLhljfnIts0Yuu9YV1/TGxBTXqmtsFgpYC1cHWG4vmW91ITzSDUlyI96fyf2KQjPxNH8LoKNAKz2anMKeErG+wYcKP/ADrIpRzuE57Vp7PANPh+lqSk9UBdUPMhP4uaYG85IfwHgnYCBmH6o0A5KZOrd+NeMXdleHU+hNKf1jPtur1ClV3azpWcs2iLDyyi6TWM6jmJR9nG6NiF219nZ/sh4ExRaA8Tf6RTWiqUr7e2iXynhaLwt//fePdZuyaeFP+sdx/Ue+KREPTVK9/8wRWv1HacA/SbmlVjaaJGM9Zju6fm9RtupUoS7DUSPvvRAkg==~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Fri, 15 Sep 2023 15:57:45 GMT; Max-Age=31536000; SameSite=None; Secure
ak_bmsc=5C9666A2D5FB77290BF5503FCA058847~000000000000000000000000000000~YAAQrU0kFyABxzmDAQAArdDeQRHhI/oOWdxpi8jQu4QzlZx+xCwUbVGjqWdiHSNwWWc72VqNInE1v95C8hlwphAlXparIXS9cHuuM/1z/4x4kl+VE7AtN8NM/2n+fQznhTn+QSVdtmqrMO+5XCT7TCc1aiFtDFOSQfRabhd3VyNG7Ug0bRR0bAMkPJRc40rTo44tNU5FN+wERckr32uf4iMMl4RDpCxSCK0TsFdV9zI8pgRx41FjS9Nu1y+FAVI0eHMQJw0wDloXW9V4GjRRlMmf3JlJc4vOs2Pdhb5pOGsN01jW/ApyBRIDLy5Du6n2xmlDqQAV2ukU+4ug7A1mizXi31Umvdm9vkRueZhfSrYZn9TCRbUUX+zW1UgLsQPXXbNQKgO1SK9wB2bTHqZVDJAW; Domain=.us4.list-manage.com; Path=/; Expires=Thu, 15 Sep 2022 17:57:44 GMT; Max-Age=7199; SameSite=None; Secure; HttpOnly
bm_sz=144E28B2BADC52B1889B5FE840174C05~YAAQrU0kFyEBxzmDAQAArdDeQREohFTHskdnDNNOZX9ML7EvHQ8yo/2sKIOPxImFrgx8bS4SxRsSp+OQsemal0RulDqblZPgl2HLoJMDQT3/gJgVe3/9BHCHU1S+B5ko5sR3uKcIeHZVILP3VKUy1Vxsd7SD27HJgqxSagoBDT6iL+XWM1+7DmUSjHSgTaRTHRvVGDzijcEdwUER0YOPoC3c4cB3gvOENyhbRBFeAcL9aBcIyYXe+NBwDTHcWTsNNQkBm/FEvX0caA93c5cyyFSDpTjBaojJf1Q951AGpYjoBifz6MGaZg==~3289670~3225904; Domain=.list-manage.com; Path=/; Expires=Thu, 15 Sep 2022 19:57:44 GMT; Max-Age=14399; SameSite=None; Secure
X-Firefox-Spdy: h2
downloads.mailchimp.com/js/signup-forms/popup/unique-methods/079edf446cb10dc5225dfe31714cd182fefedaf3/popup.js
143.204.55.95200 OK 31 kB URL HTTP/1.1 downloads.mailchimp.com/js/signup-forms/popup/unique-methods/079edf446cb10dc5225dfe31714cd182fefedaf3/popup.js
IP 143.204.55.95:0
File type ASCII text, with very long lines (65526)
Hash 03ee4650564c8dd900086f7883f1c942
5d9b0369ca99814d2e324c07dc228500e68e4374
b1970ca35f1519863c528a60ecd9a7c453d6c1e60e478c6e19ba8ef6dfb54783
GET /js/signup-forms/popup/unique-methods/079edf446cb10dc5225dfe31714cd182fefedaf3/popup.js HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 14 Sep 2022 18:23:12 GMT
ETag: W/"fb8bd57028aa5fdb4ef666437e4717f7"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DzlfzmfK0lu_PRfM4DUM68KXV0uNKadXSsZvV-aD0vb8_U97P1FHeg==
Age: 77674
Vary: Accept-Encoding, Origin
ct.pinterest.com/user/?tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&cb=1663257449753
151.101.84.84200 OK 377 B URL HTTP/2 ct.pinterest.com/user/?tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&cb=1663257449753
IP 151.101.84.84:0
File type JSON data\012- , ASCII text, with very long lines (539), with no line terminators
Hash f6314a3333f750a090b7d16565b63b62
b071e68a3c67319a26ff36cd8a2758cc69e72377
341b6a8e9fc8f0cd98feb8442e1c01f066cf2b220749842c5be46d65786c3085
GET /user/?tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&cb=1663257449753 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sarahebott.org
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-expose-headers: Epik,Pin-Unauth
pin-unauth: dWlkPU1EQXdZV0k1TVdNdFpUTmtaQzAwWmpjNExXRTNOR1F0TVRKbFlXRmtaVGN4WVRSaA
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-origin: https://sarahebott.org
content-type: application/json; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 2608315754356850
date: Thu, 15 Sep 2022 15:57:45 GMT
x-cdn: fastly
content-length: 377
X-Firefox-Spdy: h2
downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/common.css
143.204.55.95200 OK 2.6 kB URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/common.css
IP 143.204.55.95:0
Hash 037d39009eef3231b1ab6a4c700ee791
91e86308bfe31d40743a024a9b71e00a1bf29058
6a28c6f09a2b4d405bd6e6e578187781e4d49c5be599facce1a79623c894acdd
GET /css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/common.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 14 Sep 2022 23:42:43 GMT
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
ETag: W/"82e72d627b04e1654282023cca1d1e69"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0VIWCwKXPSHMQdzJsDwduaXw0hMdu5PK-CCvnEZ9elNgu-5G2BTehQ==
Age: 58503
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/banner.css
143.204.55.95200 OK 434 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/banner.css
IP 143.204.55.95:0
Hash 77e2ec850192780a802307067a5742a5
c9843c3c8575692c65f7fab5c86431301945c0d8
061b0574dc3176451ef412078330a632828153ea7bc134fdf6c98e2149e9f0ec
GET /css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/banner.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 15 Sep 2022 05:15:26 GMT
ETag: W/"78d1bdd981816cfbeb6954a85f9efa58"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IPBAECGab6fqfRsVnKzKbNoAycI5W4Yq_Z3Uzwwbbr-jYRxhPbm3Tg==
Age: 38539
Vary: Accept-Encoding, Origin
ct.pinterest.com/v3/?tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2255e552f9%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663257449756
151.101.84.84200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2255e552f9%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663257449756
IP 151.101.84.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2255e552f9%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663257449756 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 2022978436504605
date: Thu, 15 Sep 2022 15:57:45 GMT
x-cdn: fastly
content-length: 35
X-Firefox-Spdy: h2
ct.pinterest.com/v3/?event=pagevisit&tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2255e552f9%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663257449756
151.101.84.84200 OK 35 B URL HTTP/2 ct.pinterest.com/v3/?event=pagevisit&tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2255e552f9%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663257449756
IP 151.101.84.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9b8d19f4310c758344e40bf17fbc7e85
2290ef058812d5f5e398736e2316cba8cf8093cf
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
GET /v3/?event=pagevisit&tid=2613843640639&pd=%7B%22np%22%3A%22woocommerce%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1024%2C%22sw%22%3A1280%2C%22mh%22%3A%2255e552f9%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1663257449756 HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
set-cookie: _pinterest_ct_ua="TWc9PSYzSzJwVk5SWDVXRHkxS2hadEk0bnlhZmt2RzFJZVFuWHAvMEhHTzRLTzdRVEJpcUVUQ1dORldBV05LWkJuaXdIZjByMmh1WVBkbXk0TEtnUmdqVjlTbWVPR096eHNNYmd3dmFNY1UzdzQ2QT0mczF2NmwvYjFVSzN1aFltZk4zVmw3ZTVVc0pVPQ=="; Expires=Fri, 15 Sep 2023 15:57:45 GMT; Path=/; Domain=ct.pinterest.com; Secure; SameSite=None
x-envoy-upstream-service-time: 2
referrer-policy: origin
x-pinterest-rid: 1414188739962094
date: Thu, 15 Sep 2022 15:57:45 GMT
x-cdn: fastly
content-length: 35
X-Firefox-Spdy: h2
downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/layout-2.css
143.204.55.95200 OK 378 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/layout-2.css
IP 143.204.55.95:0
Hash cf3f32b87e7db0bc75850ee6a3971b0a
f2cd301fb0f02e3f0268ff23b654a239113e4fb2
79357138bcdc91233e5196ca82ef83bed0fdcb2468b4cd1a433c9cb859ac5fdd
GET /css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/layout-2.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 14 Sep 2022 22:45:19 GMT
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
ETag: W/"38f50a83c6d5d15facb231447fa1ac56"
Server: AmazonS3
Content-Encoding: br
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6o1Tb7g0EcIzOMqzcG7fC9_vhTEtPz4pBZghSY5j18MlwnXWjasp1A==
Age: 61947
Vary: Accept-Encoding, Origin
downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/modal.css
143.204.55.95200 OK 945 B URL HTTP/1.1 downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/modal.css
IP 143.204.55.95:0
Hash cff4710f863e85980b11cdc1a67e45e5
272b6b68af6d70bd7e1b69b251ac5821cf3daa25
8a3b8e717762c3e251de403a2f6b06da68e2fce957e10474b0a75c1f610799c3
GET /css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/modal.css HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 14 Sep 2022 22:43:34 GMT
Last-Modified: Thu, 23 Jun 2022 13:56:31 GMT
ETag: W/"aa6f4416185bd7f299dd89e11dac117f"
Server: AmazonS3
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ig0RWomW1mYOAcxvjX4TRT6QaRI2QqW-LqBvproRSQXgiee0E0FR_w==
Age: 62052
Vary: Accept-Encoding, Origin
ct.pinterest.com/ct.html
151.101.84.84200 OK 323 B IP 151.101.84.84:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (565), with no line terminators
Hash b49b45b63051915a8c657060651eb07f
acaddf8021f220d0e4d30e7c8b3d8330ff781af9
4b00fbca5db49c6e4b29a0c873c43671880bcea1b7b3007655183382a318c2dc
GET /ct.html HTTP/1.1
Host: ct.pinterest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
content-type: text/html; charset=utf-8
content-encoding: gzip
x-envoy-upstream-service-time: 1
referrer-policy: origin
x-pinterest-rid: 5834145044828705
date: Thu, 15 Sep 2022 15:57:45 GMT
x-cdn: fastly
content-length: 323
X-Firefox-Spdy: h2
pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=sarahebott.org&url_path=%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf&nt_fetchStart=318&nt_domainLookupStart=353&nt_domainLookupEnd=354&nt_connectStart=354&nt_connectEnd=672&nt_secureConnectionStart=365&nt_requestStart=672&nt_responseStart=1623&nt_responseEnd=1629&nt_domLoading=1634&nt_domInteractive=2126&nt_domContentLoadedEventStart=2131&nt_domContentLoadedEventEnd=2140&nt_domComplete=2856&nt_loadEventStart=2857&nt_loadEventEnd=2863&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2034&resource_size=886563&resource_transferred=208070&js_size=279437&js_transferred=105325&resource_cache_percent=0&js_cache_percent=0&last_resource_end=3183
192.0.76.3204 No Content 0 B URL HTTP/2 pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=sarahebott.org&url_path=%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf&nt_fetchStart=318&nt_domainLookupStart=353&nt_domainLookupEnd=354&nt_connectStart=354&nt_connectEnd=672&nt_secureConnectionStart=365&nt_requestStart=672&nt_responseStart=1623&nt_responseEnd=1629&nt_domLoading=1634&nt_domInteractive=2126&nt_domContentLoadedEventStart=2131&nt_domContentLoadedEventEnd=2140&nt_domComplete=2856&nt_loadEventStart=2857&nt_loadEventEnd=2863&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2034&resource_size=886563&resource_transferred=208070&js_size=279437&js_transferred=105325&resource_cache_percent=0&js_cache_percent=0&last_resource_end=3183
IP 192.0.76.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=atomic&host_name=sarahebott.org&url_path=%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf&nt_fetchStart=318&nt_domainLookupStart=353&nt_domainLookupEnd=354&nt_connectStart=354&nt_connectEnd=672&nt_secureConnectionStart=365&nt_requestStart=672&nt_responseStart=1623&nt_responseEnd=1629&nt_domLoading=1634&nt_domInteractive=2126&nt_domContentLoadedEventStart=2131&nt_domContentLoadedEventEnd=2140&nt_domComplete=2856&nt_loadEventStart=2857&nt_loadEventEnd=2863&nt_redirectCount=0&nt_api_level=2&first_contentful_paint=2034&resource_size=886563&resource_transferred=208070&js_size=279437&js_transferred=105325&resource_cache_percent=0&js_cache_percent=0&last_resource_end=3183 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 15 Sep 2022 15:57:47 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202237.js
192.0.76.3200 OK 3.5 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash e8aaf7b1b2accbb590b2251c4a7572d7
df97f88e0091cb5e7b9fd1f6e232dc045495bbc5
d12284df33c0a575209db11fd6ef9eacd7302ea035c1ba4992ca7289ba041044
GET /e-202237.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Sep 2023 22:56:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
downloads.mailchimp.com/images/signup-forms/popup/textBadge.svg
143.204.55.95200 OK 2.9 kB URL HTTP/1.1 downloads.mailchimp.com/images/signup-forms/popup/textBadge.svg
IP 143.204.55.95:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8ccb03508055e57adb4cccc5f0d12922
e1eb2628d634cd2bd35d2801988569188a3874de
df434c9b18358d341df42cf1ed468fca285fd39089b9e4c0b6a6fae49a298046
GET /images/signup-forms/popup/textBadge.svg HTTP/1.1
Host: downloads.mailchimp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://downloads.mailchimp.com/css/signup-forms/popup/079edf446cb10dc5225dfe31714cd182fefedaf3/common.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Aug 2022 13:26:30 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 14 Sep 2022 19:41:16 GMT
ETag: W/"08dce9f767c64a8247f61eb5897a5a7f"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bNosMhBqoSXMN1sz3Mndz7-X9_awsp-W9bL-m0xxTRbQKJvJKmp7aA==
Age: 78971
Vary: Accept-Encoding, Origin
mcusercontent.com/3fae40bd2a892b7d9517541f2/images/29fa4414-a913-1609-fb6d-231125cd1914.jpg
34.96.122.219200 OK 193 kB URL HTTP/2 mcusercontent.com/3fae40bd2a892b7d9517541f2/images/29fa4414-a913-1609-fb6d-231125cd1914.jpg
IP 34.96.122.219:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 569x572, components 3\012- data
Size 193 kB (192846 bytes)
Hash ad875a0b9d5ad38153adffc592b57c36
ab1b54094926d762660fd221de25f4a31b6d5a84
2f9fd7cdab0e5ecf4ee0e9f81b94ff0f7dd5d4ede58b6055634fc8c771d17d2b
GET /3fae40bd2a892b7d9517541f2/images/29fa4414-a913-1609-fb6d-231125cd1914.jpg HTTP/1.1
Host: mcusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdscvBPi1V2bgKPssiPP9j3f5VCOGA6rg1ayxL7y_R872SpC6UEGc_pRa6a3nT3v0x24CbwQzES51XdNjV6yDxTrAy5WB5Ut
x-goog-generation: 1659577287637785
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 192846
x-goog-hash: crc32c=h7FJwQ==, md5=rYdaC51a04FTrf/FkrV8Ng==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 192846
server: UploadServer
date: Thu, 15 Sep 2022 15:57:50 GMT
expires: Thu, 15 Sep 2022 16:57:50 GMT
cache-control: public, max-age=3600
last-modified: Thu, 04 Aug 2022 01:41:27 GMT
etag: "ad875a0b9d5ad38153adffc592b57c36"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Hjqn5zXy5ws
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Hjqn5zXy5ws
IP 142.250.74.3:0
Hash 2bf41890147db5a1422c1ff4f6da2208
a8c645fa3ff245b9e0fc989656b00e1d6e4d5aa7
a1d183c7e87cad431936d109165885390a7eeeef4daf2ddc3f385b7eb3e2ff4d
POST /s/gts1d4/Hjqn5zXy5ws HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 15:57:50 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
192.0.78.150404 Not Found 0 B URL HTTP/2 sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Thu, 15 Sep 2022 15:57:43 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
vary: Accept-Encoding, Cookie
set-cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf; expires=Thu, 13-Oct-2022 15:57:43 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://sarahebott.org/wp-json/>; rel="https://api.w.org/"
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/underscore.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/underscore.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.1/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/6.9.1/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
IP 192.0.77.37:0
GET /p/woocommerce/6.9.1/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 24 Aug 2022 20:12:33 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
s0.wp.com/wp-content/js/bilmur.min.js?m=202237
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/js/bilmur.min.js?m=202237
IP 192.0.77.32:0
GET /wp-content/js/bilmur.min.js?m=202237 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6246db7c-16da"
content-encoding: br
expires: Tue, 12 Sep 2023 00:00:00 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/rey-core/assets/css/general-components/general/general.css?ver=2.3.5.1
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/rey-core/assets/css/general-components/general/general.css?ver=2.3.5.1
IP 192.0.78.150:0
GET /wp-content/plugins/rey-core/assets/css/general-components/general/general.css?ver=2.3.5.1 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:52 GMT
vary: Accept-Encoding
etag: W/"62af04b4-1c5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.4-a.3
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.4-a.3
IP 192.0.78.150:0
GET /wp-content/plugins/jetpack/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js?ver=11.4-a.3 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Dec 2021 16:56:48 GMT
vary: Accept-Encoding
etag: W/"61af9250-c54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.1/packages/woocommerce-blocks/build/wc-blocks-style.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/6.9.1/packages/woocommerce-blocks/build/wc-blocks-style.css
IP 192.0.77.37:0
GET /p/woocommerce/6.9.1/packages/woocommerce-blocks/build/wc-blocks-style.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 24 Aug 2022 20:12:33 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/woo-variation-swatches/assets/css/frontend.min.css?ver=1655637177
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/woo-variation-swatches/assets/css/frontend.min.css?ver=1655637177
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-variation-swatches/assets/css/frontend.min.css?ver=1655637177 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:57 GMT
vary: Accept-Encoding
etag: W/"62af04b9-8b39"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/assets/css/components/header/style.css?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/assets/css/components/header/style.css?ver=2.1.0
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rey/assets/css/components/header/style.css?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-e87"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/masterbar.css?ver=1.9.3
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/masterbar.css?ver=1.9.3
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/mu-plugins/wpcomsh/vendor/automattic/wc-calypso-bridge/store-on-wpcom/assets/css/masterbar.css?ver=1.9.3 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Wed, 31 Aug 2022 15:22:56 GMT
vary: Accept-Encoding
etag: W/"630f7cd0-2d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/assets/js/rey.js?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/assets/js/rey.js?ver=2.1.0
IP 192.0.78.150:0
GET /wp-content/themes/rey/assets/js/rey.js?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-284c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.1/assets/js/frontend/cart-fragments.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/6.9.1/assets/js/frontend/cart-fragments.min.js
IP 192.0.77.37:0
GET /p/woocommerce/6.9.1/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 22:30:13 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/wp-util.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/wp-util.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/style.min.css?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/style.min.css?ver=2.1.0
IP 192.0.78.150:0
GET /wp-content/themes/rey/style.min.css?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-2d6a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/assets/css/components/general/style.css?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/assets/css/components/general/style.css?ver=2.1.0
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rey/assets/css/components/general/style.css?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-39a5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278
IP 192.0.78.150:0
GET /wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-lazy-images/dist/lazy-images.js?minify=false&ver=54eb31dc971b63b49278 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Jun 2022 17:23:52 GMT
vary: Accept-Encoding
etag: W/"62a8c428-939"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/assets/css/components/animations/style.css?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/assets/css/components/animations/style.css?ver=2.1.0
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rey/assets/css/components/animations/style.css?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-8f0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/woo-variation-swatches/assets/js/frontend.min.js?ver=1655637177
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/woo-variation-swatches/assets/js/frontend.min.js?ver=1655637177
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-variation-swatches/assets/js/frontend.min.js?ver=1655637177 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:57 GMT
vary: Accept-Encoding
etag: W/"62af04b9-3b59"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/?wc-ajax=get_refreshed_fragments
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/?wc-ajax=get_refreshed_fragments
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://sarahebott.org
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf; tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:45 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
access-control-allow-origin: https://sarahebott.org
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
c0.wp.com/p/woocommerce/6.9.1/assets/js/frontend/woocommerce.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/woocommerce/6.9.1/assets/js/frontend/woocommerce.min.js
IP 192.0.77.37:0
GET /p/woocommerce/6.9.1/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 18 May 2021 17:00:20 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/jetpack/css/jetpack.css?ver=11.4-a.3
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/jetpack/css/jetpack.css?ver=11.4-a.3
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.4-a.3 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Tue, 13 Sep 2022 18:51:00 GMT
vary: Accept-Encoding
etag: W/"6320d114-14ef8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/ti-woocommerce-wishlist/assets/js/public.min.js?ver=1.47.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/ti-woocommerce-wishlist/assets/js/public.min.js?ver=1.47.0
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ti-woocommerce-wishlist/assets/js/public.min.js?ver=1.47.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:55 GMT
vary: Accept-Encoding
etag: W/"62af04b7-45ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/s-202237.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /s-202237.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-2494"
content-encoding: br
expires: Mon, 11 Sep 2023 14:14:22 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/assets/css/components/forms/style.css?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/assets/css/components/forms/style.css?ver=2.1.0
IP 192.0.78.150:0
GET /wp-content/themes/rey/assets/css/components/forms/style.css?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-2eb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/assets/css/components/gutenberg/style.css?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/assets/css/components/gutenberg/style.css?ver=2.1.0
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rey/assets/css/components/gutenberg/style.css?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-3316"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/wp-content-copy-protection/assets/js/script.min.js?ver=1628456048
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/wp-content-copy-protection/assets/js/script.min.js?ver=1628456048
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-content-copy-protection/assets/js/script.min.js?ver=1628456048 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Sun, 08 Aug 2021 20:54:08 GMT
vary: Accept-Encoding
etag: W/"61104470-501"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/assets/css/components/buttons/style.css?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/assets/css/components/buttons/style.css?ver=2.1.0
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rey/assets/css/components/buttons/style.css?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-4ae3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/imagesloaded.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/imagesloaded.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/imagesloaded.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
content-encoding: br
expires: Fri, 15 Sep 2023 15:57:44 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.5
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.5
IP 192.0.78.150:0
GET /wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.0.5 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:54 GMT
vary: Accept-Encoding
etag: W/"62af04b6-5fb9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/ti-woocommerce-wishlist/assets/css/webfont.min.css?ver=1.47.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/ti-woocommerce-wishlist/assets/css/webfont.min.css?ver=1.47.0
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ti-woocommerce-wishlist/assets/css/webfont.min.css?ver=1.47.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:55 GMT
vary: Accept-Encoding
etag: W/"62af04b7-d50"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/ti-woocommerce-wishlist/assets/css/public.min.css?ver=1.47.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/ti-woocommerce-wishlist/assets/css/public.min.css?ver=1.47.0
IP 192.0.78.150:0
GET /wp-content/plugins/ti-woocommerce-wishlist/assets/css/public.min.css?ver=1.47.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Jun 2022 11:12:55 GMT
vary: Accept-Encoding
etag: W/"62af04b7-7dcc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/themes/rey/assets/css/components/page404/style.css?ver=2.1.0
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/themes/rey/assets/css/components/page404/style.css?ver=2.1.0
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/rey/assets/css/components/page404/style.css?ver=2.1.0 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: text/css
strict-transport-security: max-age=31536000
last-modified: Sun, 15 Aug 2021 20:04:50 GMT
vary: Accept-Encoding
etag: W/"61197362-20d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/jetpack/_inc/build/photon/photon.min.js?ver=20191001 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Dec 2021 16:56:48 GMT
vary: Accept-Encoding
etag: W/"61af9250-2ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2
sarahebott.org/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.5.01
192.0.78.150200 OK 0 B URL HTTP/2 sarahebott.org/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.5.01
IP 192.0.78.150:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.5.01 HTTP/1.1
Host: sarahebott.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sarahebott.org/wp-content/uploads/2022/07/foundation_of_mems_chang_liu_free_pdf97_top.pdf
Cookie: mailchimp_landing_site=https%3A%2F%2Fsarahebott.org%2Fwp-content%2Fuploads%2F2022%2F07%2Ffoundation_of_mems_chang_liu_free_pdf97_top.pdf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 15:57:44 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000
last-modified: Tue, 13 Sep 2022 17:36:04 GMT
vary: Accept-Encoding
etag: W/"6320bf84-1ac6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-encoding: br
x-ac: 3.arn _atomic_ams
X-Firefox-Spdy: h2