firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 09:57:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XefS1s1XLi_9QeKBCNj-BMWCJcdoK1li0PNanDAJQZ0cpueL_rrtxQ==
Age: 1886
writingcenter.utahtech.edu/
144.38.31.68 302 Found 169 B URL HTTP/1.1 writingcenter.utahtech.edu/
IP 144.38.31.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 3a924587a03eb36516ba715c384e5267
a05c222768c2b7049ea9d8a745c582438b748ea3
7b1c95f117802a1767416994cc254fdfd7d2a105b58f25de5f9bd3f4660718cc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Location: https://writingcenter.utahtech.edu/
Content-Length: 169
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2349
Expires: Mon, 19 Sep 2022 11:08:12 GMT
Date: Mon, 19 Sep 2022 10:29:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9DhHhAmK13QqM3CjXhfRd8tYualkZnjoH5NX03OiwxiA5ueEYeAjXw==
age: 21230
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 10:29:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.usertrust.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 350934756dc41939ac6ce3ba62a007e1
fc2b58aa7cbd64e8ed760a516df27d3663a2820d
83dca6dd70babe379a26b469e64fdddb9abc6a7a999a5664e26e4ba5e0488d44
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 10:29:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 06:04:01 GMT
Expires: Sat, 24 Sep 2022 06:04:00 GMT
Etag: "fc2b58aa7cbd64e8ed760a516df27d3663a2820d"
Cache-Control: max-age=416071,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d1a35bcda5b524-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 10:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 10:19:51 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RVirvK0ZnZtMKn4feQVhlggwc-TDrtS-eiQzyFM1pZnSm9XYa3Mxsw==
Age: 1542
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1814
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:04 GMT
Last-Modified: Mon, 19 Sep 2022 09:58:50 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.252.32 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2HIfzOy1tA0Bk2hdr83jBA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vFLa1dT40FAJLp58S34IN6+fD3c=
writingcenter.utahtech.edu/
144.38.31.68 200 OK 11 kB URL HTTP/1.1 writingcenter.utahtech.edu/
IP 144.38.31.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8305), with CRLF, LF line terminators
Hash f67d2babddb53b2b8687c20679b67340
ab1b008ed73380fe0dee7a8ec390ad2afed39555
b2c2340dcb65b8bb7cabd89e3f95e69d572e8303475a99c3c1250cb088217f9c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=UTF-8
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: PHP/7.4.30
Link: <https://writingcenter.utahtech.edu/wp-json/>; rel="https://api.w.org/", <https://writingcenter.utahtech.edu/wp-json/wp/v2/pages/933>; rel="alternate"; type="application/json", <https://writingcenter.utahtech.edu/>; rel=shortlink
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 11241
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
cdnjs.cloudflare.com/ajax/libs/jQuery.mmenu/6.0.2/jquery.mmenu.all.min.js?ver=6.0.2
104.17.24.14 200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jQuery.mmenu/6.0.2/jquery.mmenu.all.min.js?ver=6.0.2
IP 104.17.24.14:0
File type ASCII text, with very long lines (12346)
Hash aff1eb8487f627c0918c4341e2e2e643
7278075b50c8e8172cbca67c7f6d8a64064848d5
834abd603b6681392a2c5f120b259fe9efa0317c61a11bf9286cdd8f19176054
GET /ajax/libs/jQuery.mmenu/6.0.2/jquery.mmenu.all.min.js?ver=6.0.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:29:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 13514
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ebd-f0b6"
last-modified: Mon, 04 May 2020 16:11:41 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 611123
expires: Sat, 09 Sep 2023 10:29:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oP7LJl0QMXphdOndvloZe5DPgUEm4W%2F07n9olKyhgEZA7FydBE4xSTxwiN%2Bcham2X%2B%2BzlriIcaCYBaiva6%2F8uTqabSC7P9Uk8g4Kzfv4V6UCgHFWxWPgC906FIKJecLcpcOxt9b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74d1a363098db506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.1
142.250.74.74 200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.1
IP 142.250.74.74:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js?ver=1.1 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 11:45:55 GMT
expires: Sun, 17 Sep 2023 11:45:55 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 168190
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/RBNo2.1a-Medium.woff2
144.38.31.68 200 OK 21 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/RBNo2.1a-Medium.woff2
IP 144.38.31.68:0
File type Web Open Font Format (Version 2), TrueType, length 20908, version 1.0\012- data
Hash db06cc72479722b5a18a72a15efa83c1
d3a13b06fb8654df3628ba240b9b895dd1849153
333b633145fdeb37d0b0da65b35dd65fe44d031ba5aac40c4c81cc5581b53bd6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/fonts/RBNo2.1a-Medium.woff2 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: font/woff2
Last-Modified: Sat, 26 Jan 2019 00:35:29 GMT
Accept-Ranges: bytes
ETag: "e12d959fb5d41:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 20908
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/templates/ekr_modules/scripts.js?ver=1.1
144.38.31.68 200 OK 8.0 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/templates/ekr_modules/scripts.js?ver=1.1
IP 144.38.31.68:0
File type ASCII text, with very long lines (1655)
Hash 733e3fb25d223ec04eee5c0dddcc4e41
7ae63148b6ee818de095a61d8f167459221e3b6e
7e402617f5c2efa4b948a8eb6c6b6dc8f590b4e63c50622435495126fa09ac6c
GET /wp-content/themes/dixie-state-university/assets/js/templates/ekr_modules/scripts.js?ver=1.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/javascript
Last-Modified: Wed, 10 Aug 2022 19:04:02 GMT
Accept-Ranges: bytes
ETag: "696077f4ebacd81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 8040
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-includes/js/hoverIntent.min.js?ver=1.10.2
144.38.31.68 200 OK 714 B URL HTTP/1.1 writingcenter.utahtech.edu/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 144.38.31.68:0
File type ASCII text, with very long lines (1465)
Hash 4a19db5ac4ce7655ad42d166ec6bd168
400230258a053a2f40aa37e39a5c6f13092fa208
49b872a94f8b6eea808fc165b333f1b6e16bebfc141b5b265a437d0378ca8d42
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/javascript
Last-Modified: Mon, 03 Jan 2022 21:03:18 GMT
Accept-Ranges: bytes
ETag: "0aff054e50d81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 714
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
144.38.31.68 200 OK 4.4 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 144.38.31.68:0
File type ASCII text, with very long lines (11126)
Hash 7f5be23ae0edfaab724babbc966af458
60a778014df9bf878a4d50d9755bcbb2c068fba4
b50fa6bf9814e8968da509e4a999b26e4b022e47b12b0bcbc1a9dccd5a54bc4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/javascript
Last-Modified: Wed, 18 Nov 2020 15:06:06 GMT
Accept-Ranges: bytes
ETag: "0c3b156bcbdd61:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 4405
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9693
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 10:29:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9693
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 10:29:05 GMT
Connection: keep-alive
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/slick/slick.min.js?ver=1.8.1
144.38.31.68 200 OK 12 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/slick/slick.min.js?ver=1.8.1
IP 144.38.31.68:0
File type ASCII text, with very long lines (42862)
Hash 125aec8fadae034c715223a9188c4f24
6d33fefadfef40c36f6f7d6f4db2d540786e9b8c
79c844201edb4aeb215586b55396b97577806f9801c0e42bc1628cec1e81f933
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/js/slick/slick.min.js?ver=1.8.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/javascript
Last-Modified: Wed, 19 Jun 2019 18:00:23 GMT
Accept-Ranges: bytes
ETag: "3377b6ddc826d51:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 11829
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9693
Expires: Mon, 19 Sep 2022 13:10:38 GMT
Date: Mon, 19 Sep 2022 10:29:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 45112
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
age: 45326
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
age: 45326
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F779fe432-124a-4d1a-8abf-cfb5054b48fd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10721
x-amzn-requestid: 5c3a2647-0af8-4cd2-8b68-df6606c6362e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yi1NMHVfoAMF-3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63243587-2b73a75b69570a1a144a5f73;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 08:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: SpK-J7OfVkg8Gn_-wiaIKrqVl6t14P13ax8TPtsKDRXAVtHj9GWSwg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:43:59 GMT
age: 24306
etag: "f5bf6c28f20414c7dd3ac1098defc46d3d68fd99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:54:31 GMT
age: 23674
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b174f977a78acf5f28935f44cac702d
7deb4e0fc838bcfffb532ff1f92f4036b35571f2
7e87fe13d3127a1c8e89f72c1455349d9edcb89eeb2a9b103d191095ddc69751
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e998cc5-16fd-41d0-80c4-f7b6ce93932c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5570
x-amzn-requestid: a20f5fb2-9c4a-4124-bc27-6b7cf99c5a73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn64FEKXoAMFbzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263e99-0edcfdf505c4467b31355e71;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Jp6TEMqaAAIs3jUsysER2sqaEob7LrzeR0vwp5I-gWSZsPxaFW4Vlg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:54:26 GMT
age: 45279
etag: "7deb4e0fc838bcfffb532ff1f92f4036b35571f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/script.js?ver=1.1
144.38.31.68 200 OK 54 B URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/script.js?ver=1.1
IP 144.38.31.68:0
Hash 5d6a9fd1743b5fdbc74cb1d8c3990862
3bbf3e6e29c099041cd3a5f78cf77912f8ca0907
56b629f1fb03827c1a07552cd46810872ea7fcffc9cf46a0caaa24dae08c22a0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/js/script.js?ver=1.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/javascript
Last-Modified: Wed, 19 Jun 2019 18:00:41 GMT
Accept-Ranges: bytes
ETag: "bf28a3e8c826d51:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 54
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
144.38.31.68 200 OK 31 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 144.38.31.68:0
File type ASCII text, with very long lines (65447)
Hash 7be9738dc88e39fc481041335a4a42b4
5fbe17481029d4e344d3700ecd2320ccb3690e89
249b0a1c63da96a7cc4c6bf2ff777b2164cce977f935713d967d46e5bfa319af
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Jun 2022 15:29:29 GMT
Accept-Ranges: bytes
ETag: "80924662cc75d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 30989
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/sitewide/lazyLoading.js?ver=1.1
144.38.31.68 200 OK 730 B URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/sitewide/lazyLoading.js?ver=1.1
IP 144.38.31.68:0
File type ASCII text, with CRLF line terminators
Hash 327bab18b8ff228fa9e24e08250b615d
55e3107f6da7f63964708c39e5bccdecfa15e0d5
75312c62d1dd1b63913c16ce83ce802631e054bbb5cbb57bcf466b453c3c2219
GET /wp-content/themes/dixie-state-university/assets/js/sitewide/lazyLoading.js?ver=1.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/javascript
Last-Modified: Fri, 18 Mar 2022 14:09:43 GMT
Accept-Ranges: bytes
ETag: "96bde6d0d13ad81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 730
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/css/all.min.css
144.38.31.68 200 OK 115 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/css/all.min.css
IP 144.38.31.68:0
File type ASCII text, with very long lines (65360)
Size 115 kB (115243 bytes)
Hash 97bd2561a84d6aadbe49381194302d1f
d46cb05bdeb0b3509358c9a134821a8a4e1f668c
7c290614e366239b7ae58db17d950ebfaf53cd3ae8426b3986d46c911f6ef9e5
GET /wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/css/all.min.css HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: text/css
Last-Modified: Tue, 30 Aug 2022 21:47:10 GMT
Accept-Ranges: bytes
ETag: "04376ebabcd81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 115243
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/sitewide/angular.js?ver=1.0.0
144.38.31.68 200 OK 68 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/sitewide/angular.js?ver=1.0.0
IP 144.38.31.68:0
File type ASCII text, with very long lines (647), with CRLF line terminators
Hash cfa909aa2d0d32d6961ae4592d86972c
8297b29fb99a6298854e8486070ec6c99b6d308d
8fed083454be226bfb1e289379c983c8109c9c21a12c6567909fbcbf2d64c447
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/js/sitewide/angular.js?ver=1.0.0 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/javascript
Last-Modified: Tue, 16 Aug 2022 23:49:15 GMT
Accept-Ranges: bytes
ETag: "89e93cbcab1d81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:34 GMT
Content-Length: 67871
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/images/logo.png
144.38.31.68 200 OK 8.1 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/images/logo.png
IP 144.38.31.68:0
File type PNG image data, 300 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash ba5ed33158306cbfc8f25733b07afd16
7235bedd0b23d08a44f517839a61b86ba17944fb
d7b98c82ee3d314f496f9c950addc8aa3846e4c1530348c3cb7c7c8c740195d4
GET /wp-content/themes/dixie-state-university/assets/images/logo.png HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: image/png
Last-Modified: Sun, 15 May 2022 02:57:13 GMT
Accept-Ranges: bytes
ETag: "706e987a768d81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 8143
X_Forwarded_Proto: https
www.googletagmanager.com/gtm.js?id=GTM-TV63ZMG
142.250.74.72 200 OK 66 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-TV63ZMG
IP 142.250.74.72:0
File type ASCII text, with very long lines (21708)
Hash 91fc38cb38bfb87e727f08bc90cea4d6
48780751c5264ff0bb7ee3577119f8e0e1774115
c2fbd922a75a8eca28dad12712ed2526aa8cbfd49b06be51d8d712a34a573e9e
GET /gtm.js?id=GTM-TV63ZMG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 10:29:06 GMT
expires: Mon, 19 Sep 2022 10:29:06 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 66258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
writingcenter.utahtech.edu/wp-content/plugins/column-shortcodes//assets/css/shortcodes.css?ver=1.0.1
144.38.31.68 200 OK 733 B URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/plugins/column-shortcodes//assets/css/shortcodes.css?ver=1.0.1
IP 144.38.31.68:0
File type ASCII text, with CRLF line terminators
Hash 5700dae01eea665b3c73e701c229ec3d
5308f2e6e915a6b798d0d826f48d6812f60186dc
7b4a7882ea026c8e5cc28db31c3ac9d8985229e97a50e74e9e1c0106b94661c3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/column-shortcodes//assets/css/shortcodes.css?ver=1.0.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: text/css
Last-Modified: Sat, 15 Aug 2020 13:30:05 GMT
Accept-Ranges: bytes
ETag: "1946c92f873d61:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 733
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
144.38.31.68 200 OK 13 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-includes/css/dist/block-library/style.min.css?ver=5.9.4
IP 144.38.31.68:0
File type ASCII text, with very long lines (39791)
Hash 44a26901640f5408fa97c3ae05476b94
756b405e64efebae043d310d250c5babb51d5c27
3881329fc94306e731889e1dff669bc7fdbec451122001a703fda7fe707e56df
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.4 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: text/css
Last-Modified: Wed, 30 Mar 2022 17:30:26 GMT
Accept-Ranges: bytes
ETag: "0a5c2d75b44d81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 13391
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/slick/slick.css?ver=1.8.1
144.38.31.68 200 OK 607 B URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/slick/slick.css?ver=1.8.1
IP 144.38.31.68:0
Hash 45155730f19076bbab57533ce4ab4f9d
e845abf79960a28879cf995138395e762010f623
f599926352e1daf91aa0966d19732c7f81933309df33a73d4f05e6d1e5390784
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/js/slick/slick.css?ver=1.8.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: text/css
Last-Modified: Wed, 19 Jun 2019 18:00:23 GMT
Accept-Ranges: bytes
ETag: "3a3d9cddc826d51:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 607
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/slick/slick-theme.css?ver=1.8.1
144.38.31.68 200 OK 944 B URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/js/slick/slick-theme.css?ver=1.8.1
IP 144.38.31.68:0
Hash 40abb2302726d9af5f7d1e62aedc1022
67137c54e2341dd831c334f1fe32f76a04e1f755
96bd47b0173f49f76197a19834f9ab8564d1d4fef251298af85c5078e5641eaf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/js/slick/slick-theme.css?ver=1.8.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: text/css
Last-Modified: Thu, 22 Aug 2019 23:05:28 GMT
Accept-Ranges: bytes
ETag: "1a20d5163e59d51:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 944
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/css/sprites.css?ver=1.1
144.38.31.68 200 OK 571 B URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/css/sprites.css?ver=1.1
IP 144.38.31.68:0
Hash 819f12d23f4d0ffdc76dd5f0ac1eed41
661f1aee3cc6c77519a6b3f5daf4547146efe6f1
5d217a534880d46ec450880e22a233f98f9ed27f0fd4486cdd82ab188d6fe4b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/css/sprites.css?ver=1.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: text/css
Last-Modified: Mon, 28 Oct 2019 15:54:54 GMT
Accept-Ranges: bytes
ETag: "c4ed2baa88dd51:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 571
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/css/templates/ekr_modules/forms.css?ver=1.1
144.38.31.68 200 OK 2.2 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/css/templates/ekr_modules/forms.css?ver=1.1
IP 144.38.31.68:0
File type ASCII text, with very long lines (15806), with no line terminators
Hash e6c6e6b584646637b65ba9f11cb9ac2d
426265956a92592fb642a0c9c79a4295d2210b50
664d5e0becec0fd37503e1e1287a9941c4b4c88c383ff51bdaed52ea7343b484
GET /wp-content/themes/dixie-state-university/assets/css/templates/ekr_modules/forms.css?ver=1.1 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: text/css
Last-Modified: Thu, 10 Jun 2021 18:40:03 GMT
Accept-Ranges: bytes
ETag: "98776b6285ed71:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 2190
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ef491d15a0bde5279fa4fc8b426a9941
efd17fcc768356192e7ff660ecf77b5ca845ef77
43b144675694707debd0125a8e2a0acbc2a53ab34e33df0071ae8f0a2d0bfc05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
9822731.fls.doubleclick.net/activityi;src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F?
142.250.74.70 200 OK 362 B URL HTTP/2 9822731.fls.doubleclick.net/activityi;src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (456), with no line terminators
Hash 053cb710d7478d3cbfc55bca4ae7eea1
f40cdea880f4e1b6f11ffc37cfcb5f2e2216c438
0931c60a649185a91a4542e6ca12b4387751184d7ad89df176d3c28703a70a77
GET /activityi;src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F? HTTP/1.1
Host: 9822731.fls.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:29:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 362
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 19-Sep-2022 10:44:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash ef491d15a0bde5279fa4fc8b426a9941
efd17fcc768356192e7ff660ecf77b5ca845ef77
43b144675694707debd0125a8e2a0acbc2a53ab34e33df0071ae8f0a2d0bfc05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/css/templates/ekr_modules/ekr_modules.min.css?v=19091902
144.38.31.68 200 OK 20 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/css/templates/ekr_modules/ekr_modules.min.css?v=19091902
IP 144.38.31.68:0
File type ASCII text, with very long lines (428), with CRLF line terminators
Hash f826fcd1dc6a8466b1adfac188ff072d
056647977b52f1ed083138ff841368dc1f96bffe
0af50508cb9ba3d30e19951deea18cb960ceed1c269bb0731620f66cfc528a69
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/css/templates/ekr_modules/ekr_modules.min.css?v=19091902 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Cookie: _gcl_au=1.1.798752595.1663583327
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: text/css
Last-Modified: Fri, 16 Sep 2022 15:15:35 GMT
Accept-Ranges: bytes
ETag: "78b4a12bdfc9d81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 20202
Content-Encoding: gzip
Connection: keep-alive
X_Forwarded_Proto: https
adservice.google.com/ddm/fls/i/src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F
142.250.74.34 200 OK 361 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (455), with no line terminators
Hash 44705d366bc89fd71fd177a1a2a6f47b
c44701fcbd0a5d07376436db2dd860442bde4475
c1979537c24884953f839afa393ffea9ac697273d7ee893e6d060c9d34e20685
GET /ddm/fls/i/src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9822731.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:29:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 361
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash fd6f5d48a8eb6a76f7c699a235f6ed95
6dfe5af37fa0c7a6ed073d73d8be6e23ec4e1cc4
a7239c791a93ecf634d1afef2a09feae30f46decdbfa039403bd10394e444d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F
142.250.74.2 200 OK 177 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 9393b28661a65a763699c108887882eb
c237ba6491e6fb9ca57da33dd9d048ca8e86cfda
2bdce28c6fb3cb210861d4aba734ab7aedfc979a8fa273512a61d8cf8afc78b0
GET /ddm/fls/i/src=9822731;type=globa0;cat=dixie0;ord=6229373108925;gtm=2wg9e0;auiddc=798752595.1663583327;~oref=https%3A%2F%2Fwritingcenter.utahtech.edu%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:29:06 GMT
expires: Mon, 19 Sep 2022 10:29:06 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://writingcenter.utahtech.edu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 16:40:18 GMT
expires: Fri, 15 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 323328
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
142.250.74.163 200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://writingcenter.utahtech.edu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 22:18:58 GMT
expires: Tue, 12 Sep 2023 22:18:58 GMT
cache-control: public, max-age=31536000
age: 562208
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash fd6f5d48a8eb6a76f7c699a235f6ed95
6dfe5af37fa0c7a6ed073d73d8be6e23ec4e1cc4
a7239c791a93ecf634d1afef2a09feae30f46decdbfa039403bd10394e444d56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/RBNo2.1a-Medium.woff
144.38.31.68 200 OK 27 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/RBNo2.1a-Medium.woff
IP 144.38.31.68:0
File type Web Open Font Format, TrueType, length 27048, version 1.0\012- data
Hash c63463d4c51e50a5d55381d2d7b17299
d1815bc99cee278b9eb2ae5806f5124ecc049e8c
4237ab0907c46d5727a975c69c29e32b5f30ed150b9411020a013b764525798d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/fonts/RBNo2.1a-Medium.woff HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/css/templates/ekr_modules/ekr_modules.min.css?v=19091902
Cookie: _gcl_au=1.1.798752595.1663583327; _ga_39SSZ4SLHW=GS1.1.1663583327.1.0.1663583327.0.0.0; _ga=GA1.1.1645594319.1663583327
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: application/x-font-woff
Last-Modified: Sat, 26 Jan 2019 00:35:29 GMT
Accept-Ranges: bytes
ETag: "73ea9afb5d41:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 27048
X_Forwarded_Proto: https
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1b763f4e9a431f2251b4abe67de22b02
07f7d29612bedbe27cc8fda003fd06016e7d3eb8
913b595319998e7fd87012120b61c0e2e165dd94276ad834cb0406da77955af5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3872
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:06 GMT
Last-Modified: Mon, 19 Sep 2022 09:24:34 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
bh.contextweb.com/cp?p=5397
198.148.27.139 200 OK 6.7 kB URL HTTP/2 bh.contextweb.com/cp?p=5397
IP 198.148.27.139:0
File type ASCII text, with very long lines (6717), with no line terminators
Hash 0abb89ab4596cc108edbe9973e63b6b3
c50b560255b037ae0c44a907d20dff9fcaae88f0
c68c7f5ed15464004de356c3a29be588c28274d2db32be8b4d771c2bf648e0dc
GET /cp?p=5397 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-75d8c985f8-6j72g
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-length: 6717
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=5T1zqsgaoxbn;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 14-Sep-2023 10:29:06 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=ba0d6838f902a639; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4f4534da7ecd94b63a0d5e71254665cf
cb4f4cd2df5031b02470636ca585fbfa21e2ec1b
ab7637f2eb01e1b76bf669f0191754bff4fa483471bf1476d7a53e4c6cb586c1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:29:06 GMT
Last-Modified: Mon, 19 Sep 2022 10:02:21 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pPMeQ856pIKnwexwFVmhHuWcpDwqD73mtuMiudgX13locO1vuyRjsA==
Age: 1605
writingcenter.utahtech.edu/wp-content/uploads/sites/107/2021/05/Learning-Center-2021-4927-scaled.jpg
144.38.31.68 200 OK 392 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/uploads/sites/107/2021/05/Learning-Center-2021-4927-scaled.jpg
IP 144.38.31.68:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=10, manufacturer=Canon, model=Canon EOS 5D Mark IV, xresolution=162, yresolution=170, resolutionunit=2, software=Adobe Photoshop Lightroom Classic 10.1.1 (Macintosh), datetime=2021:03:04 07:53:10], baseline, precision 8, 2560x1707, components 3\012- data
Size 392 kB (392467 bytes)
Hash fd73b170e18e39ade2f33c7ab765a7f2
35a8f60175cea5597c9c7214ee5c85f7e1137a73
382f866686d728537c48d7fa15cc6e3552d3e3d3354cce2a1ebf85c835f8fc7e
GET /wp-content/uploads/sites/107/2021/05/Learning-Center-2021-4927-scaled.jpg HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Cookie: _gcl_au=1.1.798752595.1663583327; _ga_39SSZ4SLHW=GS1.1.1663583327.1.0.1663583327.0.0.0; _ga=GA1.1.1645594319.1663583327
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: image/jpeg
Last-Modified: Mon, 17 May 2021 16:21:05 GMT
Accept-Ranges: bytes
ETag: "f2a8d6a2384bd71:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 392467
X_Forwarded_Proto: https
region1.google-analytics.com/g/collect?v=2&tid=G-39SSZ4SLHW&gtm=2oe9e0&_p=1543460044&cid=1645594319.1663583327&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663583327&sct=1&seg=0&dl=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&dt=Writing%20Center%20%7C%20Utah%20Tech%20University&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-39SSZ4SLHW&gtm=2oe9e0&_p=1543460044&cid=1645594319.1663583327&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663583327&sct=1&seg=0&dl=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&dt=Writing%20Center%20%7C%20Utah%20Tech%20University&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-39SSZ4SLHW&gtm=2oe9e0&_p=1543460044&cid=1645594319.1663583327&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663583327&sct=1&seg=0&dl=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&dt=Writing%20Center%20%7C%20Utah%20Tech%20University&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://writingcenter.utahtech.edu
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://writingcenter.utahtech.edu
date: Mon, 19 Sep 2022 10:29:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.storygize.net/a/53d024df-28cc-4eac-86d2-45c7a7b50aba/abdo.js
35.164.104.229 200 OK 0 B URL HTTP/1.1 www.storygize.net/a/53d024df-28cc-4eac-86d2-45c7a7b50aba/abdo.js
IP 35.164.104.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a/53d024df-28cc-4eac-86d2-45c7a7b50aba/abdo.js HTTP/1.1
Host: www.storygize.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, no-store, must-revalidate
Content-Type: text/javascript
expires: 0
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Pragma: no-cache
set-cookie: U=acf47e5b-2a29-46ce-8845-8d700f93e661; Max-Age=63072000; Expires=Wed, 18 Sep 2024 10:29:07 GMT; Path=/; Domain=.storygize.net; Secure
Content-Length: 0
Connection: keep-alive
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/webfonts/fa-solid-900.woff2
144.38.31.68 200 OK 318 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/webfonts/fa-solid-900.woff2
IP 144.38.31.68:0
File type Web Open Font Format (Version 2), TrueType, length 318036, version 770.256\012- data
Size 318 kB (318036 bytes)
Hash 750e40b51d2b5c96c9a1901d9a0f7a45
d76fa973391599233bd5da26ed3ca5edb17b26a1
c5d9c49183cdd250b5282ddf8e8e9272b26fb15348ac8aea037ec45dfbdc53aa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/css/all.min.css
Cookie: _gcl_au=1.1.798752595.1663583327; _ga_39SSZ4SLHW=GS1.1.1663583327.1.0.1663583327.0.0.0; _ga=GA1.1.1645594319.1663583327
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: font/woff2
Last-Modified: Tue, 30 Aug 2022 21:47:12 GMT
Accept-Ranges: bytes
ETag: "070a7fbabcd81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 318036
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/webfonts/fa-brands-400.woff2
144.38.31.68 200 OK 108 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/webfonts/fa-brands-400.woff2
IP 144.38.31.68:0
File type Web Open Font Format (Version 2), TrueType, length 108332, version 770.256\012- data
Size 108 kB (108332 bytes)
Hash f84deb5cbb52c286836ae01e9add3faa
9bb8d0726cf4183d92ed4278def2ccb2781ac031
cb0b7d24404b10cb5cbdc891ab5789ac7d00d2e241c26db64422d5437bc383b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/fonts/fontawesome6/css/all.min.css
Cookie: _gcl_au=1.1.798752595.1663583327; _ga_39SSZ4SLHW=GS1.1.1663583327.1.0.1663583327.0.0.0; _ga=GA1.1.1645594319.1663583327
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: font/woff2
Last-Modified: Tue, 30 Aug 2022 21:47:12 GMT
Accept-Ranges: bytes
ETag: "070a7fbabcd81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:35 GMT
Content-Length: 108332
X_Forwarded_Proto: https
z.moatads.com/pulsepoint395aRVe22/moatcontent.js
23.38.201.146 200 OK 0 B URL HTTP/2 z.moatads.com/pulsepoint395aRVe22/moatcontent.js
IP 23.38.201.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pulsepoint395aRVe22/moatcontent.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EytTDNuWANCgYGE8YZ6vfNXYXzMTNqitV/WJ9iRoy1s8hlokRqvrCwWjJ3kF0ihQIR3cIDSZ1Yk=
x-amz-request-id: FYG13J7Z661DVHTB
last-modified: Tue, 24 May 2022 20:42:21 GMT
etag: "d41d8cd98f00b204e9800998ecf8427e"
accept-ranges: bytes
content-type: application/javascript
server: AmazonS3
content-length: 0
date: Mon, 19 Sep 2022 10:29:07 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 38e7657af6b426db96e62cd44eeac911
b4d04a3abfd994a7eec215cbf57a08f060cea29d
24b0ee3343ba885318db8e2fc0bdbb63bad3c1bd81c09042c21a5aa93db98487
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4626
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:07 GMT
Last-Modified: Mon, 19 Sep 2022 09:12:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 08:41:12 GMT
expires: Mon, 19 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 6475
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
157.240.200.14 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (64348)
Hash 15b9233fcd7c01a9d8c6743210c73423
2cbaf00b402c3610b3ed77f16efb721e20479e60
adc14cf0689696fd301c9249fb19d387725b5b6263b8a08443b0ca113ed1033d
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: mPHJwny23BpGfgz898ZrTBO3VNuXHu02Bku0poUKgNeu0YazL7TOLMHZKDekvGkQijiQ3b+oLZGjxu4eKtRDHQ==
content-length: 27315
x-fb-trip-id: 1679558926
date: Mon, 19 Sep 2022 10:29:07 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 38e7657af6b426db96e62cd44eeac911
b4d04a3abfd994a7eec215cbf57a08f060cea29d
24b0ee3343ba885318db8e2fc0bdbb63bad3c1bd81c09042c21a5aa93db98487
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4626
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:07 GMT
Last-Modified: Mon, 19 Sep 2022 09:12:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/media/favicons/android-icon-192x192.png
144.38.31.68 200 OK 1.8 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/media/favicons/android-icon-192x192.png
IP 144.38.31.68:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 0cb4c37fabbc52ef00e7a6abde6d4c32
6c9b36d287f4f9a170db225c209b356f3c86c968
383082f1bd497d344b3408c724ba879df4ed41c4ba3333c149f7e79c2ff35af6
GET /wp-content/themes/dixie-state-university/assets/media/favicons/android-icon-192x192.png HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Cookie: _gcl_au=1.1.798752595.1663583327; _ga_39SSZ4SLHW=GS1.1.1663583327.1.0.1663583327.0.0.0; _ga=GA1.1.1645594319.1663583327
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: image/png
Last-Modified: Fri, 13 May 2022 14:01:56 GMT
Accept-Ranges: bytes
ETag: "7eaca81d266d81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:37 GMT
Content-Length: 1839
X_Forwarded_Proto: https
writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/media/favicons/favicon-16x16.png
144.38.31.68 200 OK 1.2 kB URL HTTP/1.1 writingcenter.utahtech.edu/wp-content/themes/dixie-state-university/assets/media/favicons/favicon-16x16.png
IP 144.38.31.68:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 046b2bfb620c9af8bc406325a58db0af
bd7dd36451f157cd41e2e2d9c0a39c664d903892
aa5ebccccb3c362802ebea270ee04ba060cbc56d100f6779e20f6fe8ee522826
GET /wp-content/themes/dixie-state-university/assets/media/favicons/favicon-16x16.png HTTP/1.1
Host: writingcenter.utahtech.edu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Cookie: _gcl_au=1.1.798752595.1663583327; _ga_39SSZ4SLHW=GS1.1.1663583327.1.0.1663583327.0.0.0; _ga=GA1.1.1645594319.1663583327
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: public,max-age=604800
Content-Type: image/png
Last-Modified: Fri, 13 May 2022 14:01:56 GMT
Accept-Ranges: bytes
ETag: "dd498e1d266d81:0"
Server: Microsoft-IIS/10.0
Date: Mon, 19 Sep 2022 10:29:37 GMT
Content-Length: 1151
X_Forwarded_Proto: https
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1727441-8&cid=1645594319.1663583327&jid=1636091898&gjid=1527163232&_gid=1065011629.1663583328&_u=YADAAEAAAAAAAC~&z=1971317500
142.251.1.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1727441-8&cid=1645594319.1663583327&jid=1636091898&gjid=1527163232&_gid=1065011629.1663583328&_u=YADAAEAAAAAAAC~&z=1971317500
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1727441-8&cid=1645594319.1663583327&jid=1636091898&gjid=1527163232&_gid=1065011629.1663583328&_u=YADAAEAAAAAAAC~&z=1971317500 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://writingcenter.utahtech.edu
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://writingcenter.utahtech.edu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Sep 2022 10:29:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&gjid=577262786&_gid=1065011629.1663583328&_u=YADAAUABAAAAAC~&z=303782847
142.251.1.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&gjid=577262786&_gid=1065011629.1663583328&_u=YADAAUABAAAAAC~&z=303782847
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&gjid=577262786&_gid=1065011629.1663583328&_u=YADAAUABAAAAAC~&z=303782847 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://writingcenter.utahtech.edu
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://writingcenter.utahtech.edu
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Sep 2022 10:29:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 0464ff14fe9f0259e6eb8c721ad9046e
ac4d34b381931f00d401302e9573b7736ffe81f8
3ca6f48ce2850f0d28199c393972c876c71fa6ed74b54fc8b0e6f3a9f2be5afa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 10:29:07 GMT
Last-Modified: Mon, 19 Sep 2022 09:50:51 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Qth6ZzvD2EsVPC86EFDQK9kK2CUMTJSkvr9aub4P0iK2l4V6Ado7dw==
Age: 2296
tags.srv.stackadapt.com/events.js
54.80.191.48 200 OK 5.4 kB URL HTTP/1.1 tags.srv.stackadapt.com/events.js
IP 54.80.191.48:0
File type ASCII text, with very long lines (16677)
Hash 718230b38bbc5b488ce957d217eb4fdb
731e6d518761fc862409ea349ef68d3f92db3f26
5db2d8a7a087bdaacb522821442b05149154063fe4ebfc9f494c1af5dcadde49
GET /events.js HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: max-age=5
Content-Encoding: gzip
Content-Type: text/javascript
Date: Mon, 19 Sep 2022 10:29:07 GMT
Set-Cookie: sa-user-id=s%3A0-10dbc0bf-11d0-4291-4ef5-8001ba36450e.V1jzJinSZG5oE0yHeA%2BhTLjdGaMr4%2BERUJj86XHjdUo; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AENvAvxHQQpFO9YABujZFDltaKpo.pJz%2BPIGeYbilH5nKhvHUPNDUkIwzWW5nNVJo89vWp0c; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 5404
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 10:29:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&_u=YADAAUABAAAAAC~&z=1362750769
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&_u=YADAAUABAAAAAC~&z=1362750769
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&_u=YADAAUABAAAAAC~&z=1362750769 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:29:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&_u=YADAAUABAAAAAC~&z=1362750769
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&_u=YADAAUABAAAAAC~&z=1362750769
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-147250513-23&cid=1645594319.1663583327&jid=537842014&_u=YADAAUABAAAAAC~&z=1362750769 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 10:29:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.css
54.80.191.48 200 OK 27 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.css
IP 54.80.191.48:0
Hash 83f5ba33314db5f218488a5a51da1455
87a21689afa235c4c65437334085be4bf5cca170
3f100e5e6ff270dadb43b44878f0118a2389dee0d844acc102b5179d70a824dc
GET /sa.css HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: text/css
Date: Mon, 19 Sep 2022 10:29:07 GMT
Content-Length: 27
Connection: keep-alive
www.facebook.com/tr/?id=735808633724485&ev=PageView&dl=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&rl=&if=false&ts=1663583328425&sw=1280&sh=1024&v=2.9.83&r=canary&a=tmgoogletagmanager&ec=0&o=30&ttf=4059&tts=3753&ttse=4056&fbp=fb.1.1663583328423.1815001586&it=1663583328119&coo=false&rqm=GET
157.240.200.35 200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=735808633724485&ev=PageView&dl=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&rl=&if=false&ts=1663583328425&sw=1280&sh=1024&v=2.9.83&r=canary&a=tmgoogletagmanager&ec=0&o=30&ttf=4059&tts=3753&ttse=4056&fbp=fb.1.1663583328423.1815001586&it=1663583328119&coo=false&rqm=GET
IP 157.240.200.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=735808633724485&ev=PageView&dl=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&rl=&if=false&ts=1663583328425&sw=1280&sh=1024&v=2.9.83&r=canary&a=tmgoogletagmanager&ec=0&o=30&ttf=4059&tts=3753&ttse=4056&fbp=fb.1.1663583328423.1815001586&it=1663583328119&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Mon, 19 Sep 2022 10:29:07 GMT
expires: Mon, 19 Sep 2022 10:29:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tags.srv.stackadapt.com/sa.jpeg
54.80.191.48 200 OK 651 B URL HTTP/1.1 tags.srv.stackadapt.com/sa.jpeg
IP 54.80.191.48:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash f36b65faf17b1d5c14bc7c0f5bfbe4bb
c0910d83244e2362ca300d21137866a0c50d6210
4b9feefa67da6750bca30e6577255e0a3fde11c8c4ea6483278c85f49659aa84
GET /sa.jpeg HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://writingcenter.utahtech.edu/
Origin: https://writingcenter.utahtech.edu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Content-Type: image/jpeg
Date: Mon, 19 Sep 2022 10:29:08 GMT
Content-Length: 651
Connection: keep-alive
tags.srv.stackadapt.com/saq_pxl?uid=fgeKiVON85alcO6VJi8L1Q&is_js=true&landing_url=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&t=Writing%20Center%20%7C%20Utah%20Tech%20University&tip=aoK32C7IvMaN_e1ED3vqKMPlBD3qHmwPeIKS7JuIKBE&host=https://writingcenter.utahtech.edu&sa-user-id-v2=s%253A0-10dbc0bf-11d0-4291-4ef5-8001ba36450e%2524ip%252491.90.42.154.KR2ZCRNxeM8ztZw4v%252BimcoTpTB5iuFogedyUTtLmZ9s&sa-user-id=s%253A0-10dbc0bf-11d0-4291-4ef5-8001ba36450e.V1jzJinSZG5oE0yHeA%252BhTLjdGaMr4%252BERUJj86XHjdUo
54.80.191.48 200 OK 94 B URL HTTP/1.1 tags.srv.stackadapt.com/saq_pxl?uid=fgeKiVON85alcO6VJi8L1Q&is_js=true&landing_url=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&t=Writing%20Center%20%7C%20Utah%20Tech%20University&tip=aoK32C7IvMaN_e1ED3vqKMPlBD3qHmwPeIKS7JuIKBE&host=https://writingcenter.utahtech.edu&sa-user-id-v2=s%253A0-10dbc0bf-11d0-4291-4ef5-8001ba36450e%2524ip%252491.90.42.154.KR2ZCRNxeM8ztZw4v%252BimcoTpTB5iuFogedyUTtLmZ9s&sa-user-id=s%253A0-10dbc0bf-11d0-4291-4ef5-8001ba36450e.V1jzJinSZG5oE0yHeA%252BhTLjdGaMr4%252BERUJj86XHjdUo
IP 54.80.191.48:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d12c1129f6ff37622d03db4a2a5949e
bc44653c4a06e671ce423600755fed86fad8ec24
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
GET /saq_pxl?uid=fgeKiVON85alcO6VJi8L1Q&is_js=true&landing_url=https%3A%2F%2Fwritingcenter.utahtech.edu%2F&t=Writing%20Center%20%7C%20Utah%20Tech%20University&tip=aoK32C7IvMaN_e1ED3vqKMPlBD3qHmwPeIKS7JuIKBE&host=https://writingcenter.utahtech.edu&sa-user-id-v2=s%253A0-10dbc0bf-11d0-4291-4ef5-8001ba36450e%2524ip%252491.90.42.154.KR2ZCRNxeM8ztZw4v%252BimcoTpTB5iuFogedyUTtLmZ9s&sa-user-id=s%253A0-10dbc0bf-11d0-4291-4ef5-8001ba36450e.V1jzJinSZG5oE0yHeA%252BhTLjdGaMr4%252BERUJj86XHjdUo HTTP/1.1
Host: tags.srv.stackadapt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://writingcenter.utahtech.edu
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://writingcenter.utahtech.edu
Content-Type: text/plain; charset=utf-8
Date: Mon, 19 Sep 2022 10:29:08 GMT
Content-Length: 94
Connection: keep-alive
action.dstillery.com/orbserv/nsjs?adv=cl1028422&ns=5013&nc=dixiestateuniversity&ncv=25&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
104.18.10.79 302 Found 0 B URL HTTP/2 action.dstillery.com/orbserv/nsjs?adv=cl1028422&ns=5013&nc=dixiestateuniversity&ncv=25&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
IP 104.18.10.79:0
GET /orbserv/nsjs?adv=cl1028422&ns=5013&nc=dixiestateuniversity&ncv=25&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP/1.1
Host: action.dstillery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 19 Sep 2022 10:29:06 GMT
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1028422&ns=5013&nc=dixiestateuniversity&ncv=25&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d1a36bbe780b41-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,400i,600,600i&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,400i,600,600i&display=swap
IP 142.250.74.10:0
GET /css?family=Montserrat:400,400i,600,600i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://writingcenter.utahtech.edu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 10:29:05 GMT
date: Mon, 19 Sep 2022 10:29:05 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
action.media6degrees.com/orbserv/nsjs?adv=cl1028422&ns=5013&nc=dixiestateuniversity&ncv=25&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
104.18.10.79 200 OK 0 B URL HTTP/2 action.media6degrees.com/orbserv/nsjs?adv=cl1028422&ns=5013&nc=dixiestateuniversity&ncv=25&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
IP 104.18.10.79:0
GET /orbserv/nsjs?adv=cl1028422&ns=5013&nc=dixiestateuniversity&ncv=25&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP/1.1
Host: action.media6degrees.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://writingcenter.utahtech.edu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 10:29:07 GMT
content-type: text/html;charset=ISO-8859-1
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
content-language: en-US
set-cookie: JSESSIONID=912F7FD1E71C6032D4FAD90973F4CD8F; Path=/orbserv/; HttpOnly
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74d1a373ff560b41-OSL
content-encoding: gzip
X-Firefox-Spdy: h2