bessiesmith.work/
192.0.78.24301 Moved Permanently 162 B IP 192.0.78.24:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS Severity Alert suricata medium ET INFO HTTP Request to Suspicious *.work Domain
GET / HTTP/1.1
Host: bessiesmith.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 05:11:29 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://bessiesmith.work/
X-ac: 3.arn _dca BYPASS
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16477
Expires: Sat, 04 Feb 2023 09:46:06 GMT
Date: Sat, 04 Feb 2023 05:11:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14305
Expires: Sat, 04 Feb 2023 09:09:55 GMT
Date: Sat, 04 Feb 2023 05:11:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 04:36:13 GMT
content-type: application/json
age: 2117
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7202
Expires: Sat, 04 Feb 2023 07:11:32 GMT
Date: Sat, 04 Feb 2023 05:11:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 34Vpso3GjIz2oAjRhk9RtbNS6KLcaVjrDcWZRBxy4VoPBEGYvYJQBlq0OPmSVY5odnaGNFcBCOI=
x-amz-request-id: KQ2PBT8G40Z8Z0EP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 04:52:42 GMT
age: 1128
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4a6f61a1390af211038a73a85c7ab9d0
c68a2db08fa8b6c6bc53bdca6019d44fd11b0382
97a5209ef1bb7b0eb5f4678f5ca6e1eba3b2093123491a09ae05f55c5ca1ba83
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97A5209EF1BB7B0EB5F4678F5CA6E1EBA3B2093123491A09AE05F55C5CA1BA83"
Last-Modified: Thu, 02 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Sat, 04 Feb 2023 11:10:42 GMT
Date: Sat, 04 Feb 2023 05:11:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 04:49:07 GMT
age: 1343
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15062
Expires: Sat, 04 Feb 2023 09:22:32 GMT
Date: Sat, 04 Feb 2023 05:11:30 GMT
Connection: keep-alive
push.services.mozilla.com/
54.187.31.159101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.31.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uiPk9gvk6P1hZcwKcKvi7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yjYA939/7uloz1YBzKlDgnXZHWE=
fonts.wp.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
192.0.77.32200 OK 40 kB URL HTTP/2 fonts.wp.com/s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2
IP 192.0.77.32:0
File type Web Open Font Format (Version 2), TrueType, length 40144, version 1.0\012- data
Hash 0116041b31726cea3144332b673919e8
c6f0008edefdcf305498582fa145917b7ce420c2
306b0d4768246ba448fa14872f6b5d7dcfcf3734fb3c9b68f9041cf86884c6ce
GET /s/ebgaramond/v26/SlGUmQSNjdsmc35JDF1K5GR1SDk.woff2 HTTP/1.1
Host: fonts.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://fonts-api.wp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: font/woff2
content-length: 40144
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 20259
last-modified: Mon, 11 Jul 2022 19:16:41 GMT
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
0.gravatar.com/js/gprofiles.js?ver=202305z
192.0.73.2200 OK 30 kB URL HTTP/2 0.gravatar.com/js/gprofiles.js?ver=202305z
IP 192.0.73.2:0
File type ASCII text, with very long lines (24043), with no line terminators
Hash 38a24b7ac1da7cf057923c33f54de820
274b0af050d6465e665db0ffaf9d3fc75ef4e71f
a6edd576780bf3556ef58328e7b7733079401b8ddd9168e4c4607652742c6a98
GET /js/gprofiles.js?ver=202305z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:48:47 GMT
etag: W/"6323111f-5deb"
content-encoding: br
expires: Sat, 11 Feb 2023 05:11:30 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
s0.wp.com/wp-content/themes/pub/varia/print.css?m=1571655471h&cssminify=yes
192.0.77.32200 OK 25 kB URL HTTP/2 s0.wp.com/wp-content/themes/pub/varia/print.css?m=1571655471h&cssminify=yes
IP 192.0.77.32:0
File type ASCII text, with very long lines (2832), with no line terminators
Hash 13688e080473848fdc00ff0f67da1dd4
0da9d5f474d112e94537e14bfab82b9cda845478
38831005442f70ae0ce1239b51005eaed2f7b9ed7591b19db288938520a9670f
GET /wp-content/themes/pub/varia/print.css?m=1571655471h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"5dad8f47-eed"
content-encoding: br
expires: Fri, 10 Nov 2023 15:10:56 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.04544488098755195
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.04544488098755195
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.04544488098755195 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?blog=193288590&v=wpcom&tz=-8&user_id=0&post=5&subd=bessiesmithwork&host=bessiesmithwork.wordpress.com&ref=&rand=0.9361826083896583
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?blog=193288590&v=wpcom&tz=-8&user_id=0&post=5&subd=bessiesmithwork&host=bessiesmithwork.wordpress.com&ref=&rand=0.9361826083896583
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?blog=193288590&v=wpcom&tz=-8&user_id=0&post=5&subd=bessiesmithwork&host=bessiesmithwork.wordpress.com&ref=&rand=0.9361826083896583 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.wp.com/w.js?63
192.0.76.3200 OK 4.2 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (10813), with no line terminators
Hash 4749024d060af9081c79de37cea065ec
f2fa53c6f3c6d22cd65a27c921075feaf66f0307
f0b9b496d19c78fd252687c24f36b4bbf6121e951a8506f11f93be40e9b5e950
GET /w.js?63 HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"61dc645f-2a3d"
content-encoding: br
expires: Fri, 10 Nov 2023 15:20:42 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
bessiesmithwork.files.wordpress.com/2021/05/bessies.jpg
192.0.72.21200 OK 20 kB URL HTTP/2 bessiesmithwork.files.wordpress.com/2021/05/bessies.jpg
IP 192.0.72.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 348x450, components 3\012- data
Hash 09492c5ced7f34bb37f99d5047a82395
d50bfbe92623e80b209351833f03ede616ae6f03
498be05efcc1cfbb2a54b8ed668471f68c53f914f5ac3301bd40becf4fe261f1
GET /2021/05/bessies.jpg HTTP/1.1
Host: bessiesmithwork.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/jpeg
content-length: 20083
last-modified: Thu, 20 May 2021 19:33:02 GMT
expires: Wed, 08 Mar 2023 17:32:56 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bessiesmithwork.wordpress.com
vary: Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bessiesmithwork.files.wordpress.com/2021/05/bess.jpg
192.0.72.21200 OK 182 kB URL HTTP/2 bessiesmithwork.files.wordpress.com/2021/05/bess.jpg
IP 192.0.72.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1200x1498, components 3\012- data
Size 182 kB (181576 bytes)
Hash 3b539001592ae825f1f407c14336f7ee
7dbd0ea907904555c25a4c27bfe6262259f9e58e
6e497941171cd86d608d851556039b5d716ce3b1fd0402b27d2ab2946b56ccb4
GET /2021/05/bess.jpg HTTP/1.1
Host: bessiesmithwork.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/jpeg
content-length: 181576
last-modified: Thu, 20 May 2021 19:32:53 GMT
expires: Fri, 24 Feb 2023 19:32:30 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bessiesmithwork.wordpress.com
vary: Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bessiesmithwork.files.wordpress.com/2021/05/bessie-blues.jpg
192.0.72.21200 OK 21 kB URL HTTP/2 bessiesmithwork.files.wordpress.com/2021/05/bessie-blues.jpg
IP 192.0.72.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Hash 50441bd9bc5ca1963a357978fbf4020a
d7203326fea305d34482ffabf05c10fe3d049294
0bb98a3926f4d858b7c8e50f86725cddd2beeaba864c7bdf07c3ded2846b136e
GET /2021/05/bessie-blues.jpg HTTP/1.1
Host: bessiesmithwork.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/jpeg
content-length: 20941
last-modified: Thu, 20 May 2021 19:32:36 GMT
expires: Sun, 26 Feb 2023 17:18:47 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bessiesmithwork.wordpress.com
vary: Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bessiesmithwork.files.wordpress.com/2021/05/cover-bessie.jpg
192.0.72.21200 OK 118 kB URL HTTP/2 bessiesmithwork.files.wordpress.com/2021/05/cover-bessie.jpg
IP 192.0.72.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1400x787, components 1\012- data
Size 118 kB (117566 bytes)
Hash a677f51b56d76ce2eeea910f7d9670a9
02b27b8f6e23e1b996fe860d8a74c3af37e42f6a
9ce6043cd59ae873bad880df437e9b5a6a3e3d68ae2aafcca8edb3e5f10779cb
GET /2021/05/cover-bessie.jpg HTTP/1.1
Host: bessiesmithwork.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/jpeg
content-length: 117566
last-modified: Thu, 20 May 2021 19:32:44 GMT
expires: Sun, 26 Feb 2023 20:18:08 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bessiesmithwork.wordpress.com
vary: Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bessiesmithwork.wordpress.com/
192.0.78.12200 OK 22 kB URL HTTP/2 bessiesmithwork.wordpress.com/
IP 192.0.78.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10072)
Hash 8321ad33e4a5285373120c22f6e69a14
875b03514157d1f2ec0eacba79eda3bac51a8b3a
2c20b8c80ebb97ea04ee1120d94f010ae21c6dc13d6daaf3bbf649110132e137
GET / HTTP/1.1
Host: bessiesmithwork.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Cookie
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
link: <https://wp.me/Pd51bU-5>; rel=shortlink
last-modified: Sat, 04 Feb 2023 05:11:30 GMT
cache-control: max-age=300, must-revalidate
x-nananana: Batcache-Set
content-encoding: br
x-ac: 1.arn _dca MISS
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJytzFEKwkAMBNALuYYWsfohHkXabNC02WRpdt3rq2APIPg3MwwPWg5oWkgLpBqy1Durw0wlj7h8O+TVYsXCpnBjRZjEcHFw4Uj+sAZPprZH9x386qV3EnLAcbXqJOCNM61hqhqF/mRu1234sNd06Y5Dfz4MfXeaX7IZZDk=?cssminify=yes
192.0.77.32200 OK 86 kB URL HTTP/2 s0.wp.com/_static/??-eJytzFEKwkAMBNALuYYWsfohHkXabNC02WRpdt3rq2APIPg3MwwPWg5oWkgLpBqy1Durw0wlj7h8O+TVYsXCpnBjRZjEcHFw4Uj+sAZPprZH9x386qV3EnLAcbXqJOCNM61hqhqF/mRu1234sNd06Y5Dfz4MfXeaX7IZZDk=?cssminify=yes
IP 192.0.77.32:0
File type ASCII text, with very long lines (43752), with no line terminators
Hash cfa9e89355b3e3c82c6cec90dacc2457
00d72060a1dbf7630d52850e0b328d2a09a95430
ef05dc844945a50e20a1e4b703b9e7cf152d439f6a295a5f73060f9dc150bbd6
GET /_static/??-eJytzFEKwkAMBNALuYYWsfohHkXabNC02WRpdt3rq2APIPg3MwwPWg5oWkgLpBqy1Durw0wlj7h8O+TVYsXCpnBjRZjEcHFw4Uj+sAZPprZH9x386qV3EnLAcbXqJOCNM61hqhqF/mRu1234sNd06Y5Dfz4MfXeaX7IZZDk=?cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 05 Jan 2023 19:33:48 GMT
etag: W/"63b7261c-aae8"
content-encoding: br
expires: Fri, 05 Jan 2024 19:41:27 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
142.250.74.110200 OK 110 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (679)
Size 110 kB (110070 bytes)
Hash ebe79d652346a39f78ba70ecfb911269
b996db460e2862473018d11947ac7711bc8ca537
445ae1b45376bf82466aa698c16011ea0781d16f3e25653713d935a9bc39fda9
GET /s/player/97ea7458/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/go6TiLIeVZA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en&autohide=2&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 110070
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 15:53:23 GMT
expires: Thu, 01 Feb 2024 15:53:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/javascript
age: 220688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/97ea7458/player_ias.vflset/en_US/base.js
142.250.74.110200 OK 613 kB URL HTTP/2 www.youtube.com/s/player/97ea7458/player_ias.vflset/en_US/base.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (517)
Size 613 kB (612749 bytes)
Hash 83c1c7c77b3e875a13d9caa902b9faa3
3da245b3aa77682c47e0fc016a536bbd827189ad
254753ab92f0e04763ce89d741819cf20ce5281f10ee7ace7444ac8b4d07e98c
GET /s/player/97ea7458/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/go6TiLIeVZA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en&autohide=2&wmode=transparent
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 612749
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 15:53:23 GMT
expires: Thu, 01 Feb 2024 15:53:23 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 01:21:00 GMT
content-type: text/javascript
age: 220688
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/services.min.css?ver=202305z
192.0.73.2200 OK 7.3 kB URL HTTP/2 0.gravatar.com/dist/css/services.min.css?ver=202305z
IP 192.0.73.2:0
File type ASCII text, with very long lines (3236)
Hash ff8015c54b1cf87b1ebda93a7d75976d
6c2bbd8097b1e2ba6b34a7390e352a4f2fee25b3
3ea57d037e9b68bf202d7d555daca4a80031898f0974346dd1d026b65dde357e
GET /dist/css/services.min.css?ver=202305z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: text/css
last-modified: Tue, 03 Jan 2023 09:10:35 GMT
etag: W/"63b3f10b-ca5"
content-encoding: br
expires: Sat, 11 Feb 2023 05:11:31 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 21:48:03 GMT
expires: Fri, 02 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 113008
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 16:40:43 GMT
expires: Fri, 02 Feb 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 131448
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bessiesmithwork.files.wordpress.com/2021/05/book.jpg
192.0.72.21200 OK 14 kB URL HTTP/2 bessiesmithwork.files.wordpress.com/2021/05/book.jpg
IP 192.0.72.21:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 224x346, components 3\012- data
Hash 9431a181cd63b54a7715f0357f9bd22c
2ba3acedd570d29deb9cc57607370bbe50774694
ad444731ea70ea5de3e7a6718226df30bd9613469da662b565918f4a60c4f5e4
GET /2021/05/book.jpg HTTP/1.1
Host: bessiesmithwork.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/jpeg
content-length: 13707
last-modified: Fri, 21 May 2021 03:20:15 GMT
expires: Sun, 26 Feb 2023 01:58:04 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bessiesmithwork.wordpress.com
vary: Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bessiesmithwork.files.wordpress.com/2021/05/bessie-2.jpg
192.0.72.21200 OK 39 kB URL HTTP/2 bessiesmithwork.files.wordpress.com/2021/05/bessie-2.jpg
IP 192.0.72.21:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x390, components 3\012- data
Hash 7a58a65d72a6e9eb2c521367c7261954
eb2a466d388b843ecd9fa02dc61bec5036a9e576
55d7788e1a1393b867d692f98373373253c1a4244f4816cd6e28f52ab3d7d395
GET /2021/05/bessie-2.jpg HTTP/1.1
Host: bessiesmithwork.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/jpeg
content-length: 39399
last-modified: Fri, 21 May 2021 04:40:34 GMT
expires: Fri, 10 Mar 2023 08:08:27 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bessiesmithwork.wordpress.com
vary: Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G
192.0.73.2200 OK 1.5 kB URL HTTP/2 1.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G
IP 192.0.73.2:0
File type PNG image data, 25 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 35ae01986c22c5ecdd7155733a5f49a3
5f34f1573357f1b71213e1eeb1615a9712ef6239
3086aaa2e8d2138d1ef45b3747e966b8f0056f2edb6786616da1a8928cf1c018
GET /avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G HTTP/1.1
Host: 1.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/png
content-length: 1485
last-modified: Sat, 01 Mar 2008 02:44:06 GMT
link: <https://www.gravatar.com/avatar/ad516503a11cd5ca435acc9bb6523536?s=25&d=identicon&forcedefault=y&r=G>; rel="canonical"
access-control-allow-origin: *
expires: Sat, 04 Feb 2023 05:16:31 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
bessiesmithwork.files.wordpress.com/2021/05/cropped-bessie.jpg?w=32
192.0.72.21200 OK 882 B URL HTTP/2 bessiesmithwork.files.wordpress.com/2021/05/cropped-bessie.jpg?w=32
IP 192.0.72.21:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 01625220d515f47bdb993d695b55ce04
0fdb403d3cf6624a3a570f5826a7d8c660f8b0a1
a44f311e8d89ea00175a9fa24f1d6f57c07a0b577721b9199bf13ffd6769611a
GET /2021/05/cropped-bessie.jpg?w=32 HTTP/1.1
Host: bessiesmithwork.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/webp
content-length: 882
last-modified: Thu, 20 May 2021 19:18:19 GMT
expires: Wed, 01 Mar 2023 19:30:26 GMT
x-orig-src: 0_imageresize
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bessiesmithwork.wordpress.com
vary: Accept, Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bessiesmithwork.files.wordpress.com/2021/05/cropped-bessie.jpg?w=192
192.0.72.21200 OK 24 kB URL HTTP/2 bessiesmithwork.files.wordpress.com/2021/05/cropped-bessie.jpg?w=192
IP 192.0.72.21:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9af00e6dd8b1891156fcfe624d319d97
5ad3e0212bd3814c5907438f98b6769485d2b058
55d5ecf9529ecae3bd83f7afb597780b5eef6f19fae81f2145968089bf8bc2a8
GET /2021/05/cropped-bessie.jpg?w=192 HTTP/1.1
Host: bessiesmithwork.files.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: image/webp
content-length: 23598
last-modified: Thu, 20 May 2021 19:18:19 GMT
expires: Sat, 04 Mar 2023 04:34:42 GMT
x-orig-src: 0_imageresize
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: https://bessiesmithwork.wordpress.com
vary: Accept, Origin
x-nc: MISS arn 21 np
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.102200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.102:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 04:58:12 GMT
expires: Sat, 04 Feb 2023 05:13:12 GMT
cache-control: public, max-age=900
age: 800
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 04 Feb 2023 05:11:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.wp.com/wp-includes/js/dist/vendor/lodash.min.js?m=1653325678h&ver=4.17.19
192.0.77.32200 OK 26 kB URL HTTP/2 s0.wp.com/wp-includes/js/dist/vendor/lodash.min.js?m=1653325678h&ver=4.17.19
IP 192.0.77.32:0
File type Unicode text, UTF-8 text, with very long lines (65004)
Hash 926f5658c6145ea05aff0febf30448d5
ae4082c1e71040b40ce8e6656f8e5942d151e336
603916f0d73e42cf78ae35846a4774ac3dc141cd8a1fa89ce6dd4c4fcb771bd6
GET /wp-includes/js/dist/vendor/lodash.min.js?m=1653325678h&ver=4.17.19 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"628bbf97-115ba"
content-encoding: br
expires: Tue, 23 May 2023 17:09:43 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 04 Feb 2023 05:11:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/jetpack-plugin/production/_inc/blocks/177.js?minify=false&ver=cf7bf246d750273ba1a9
192.0.77.32200 OK 40 kB URL HTTP/2 s0.wp.com/wp-content/mu-plugins/jetpack-plugin/production/_inc/blocks/177.js?minify=false&ver=cf7bf246d750273ba1a9
IP 192.0.77.32:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0101ceae49bdb1634d14d484ffb2ebb9
840d8c3f33b0e6d4cf0080a2380c030dcbdfac98
8934cdae8c4077714f425801caa1f119928b25a9444d65339668e5957cedb421
GET /wp-content/mu-plugins/jetpack-plugin/production/_inc/blocks/177.js?minify=false&ver=cf7bf246d750273ba1a9 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"63bf2e9b-23995"
content-encoding: br
expires: Thu, 11 Jan 2024 21:56:41 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/go6TiLIeVZA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en&autohide=2&wmode=transparent
142.250.74.110200 OK 26 kB URL HTTP/2 www.youtube.com/embed/go6TiLIeVZA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en&autohide=2&wmode=transparent
IP 142.250.74.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (55392)
Hash cf9dcb769c80c1d7f27febeb677a6690
bb28b5d6800e1b6757f0ef19d856755adbef9365
0c559351bcafdd52af1c47bbe181369a068411fb2d4d6d7a5088ab1cdf34843f
GET /embed/go6TiLIeVZA?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en&autohide=2&wmode=transparent HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 05:11:31 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=2J39bQUlmp4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TmpFMk16azRNRGN4TXpVeU1UWXdNQT09EIPS954GGIPS954G; Domain=.youtube.com; Expires=Thu, 03-Aug-2023 05:11:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=BnERLa9_YrM; Domain=.youtube.com; Expires=Thu, 03-Aug-2023 05:11:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+531; expires=Mon, 03-Feb-2025 05:11:31 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 05:11:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 05:11:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 05:11:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 05:11:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Sat, 04 Feb 2023 06:16:19 GMT
Date: Sat, 04 Feb 2023 05:11:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a032104cf4ccc6ea31f163ca16386487
a0573916c3d72f0554928963c0a74413fdcb3558
8ba7b6e9b3fa28f6fd27f5f006cedac10f50d7da6c109155a2476cf04f4df932
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72a06bff-2a3c-4fc8-9c7a-5649a696581e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8909
x-amzn-requestid: 29f57721-99ae-4927-b324-b0a40668e2f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqEPuIAMFqpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-156c25027894630b61e5770c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6-RtedWR4ubEBwe85bNcobzqb2Cy9aEUzyT3tlhJ95zD5SgiuS7coA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:11:43 GMT
age: 25189
etag: "a0573916c3d72f0554928963c0a74413fdcb3558"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 27bd163055f5a6acd52a7b54339c7681
3515fa08fb3fcdb0a50b0833e11ff1d4c660448d
8a315ed709566ae386d06453fab46f99e9c668447a78f38473d4db20ae9bf69e
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 04 Feb 2023 05:11:32 GMT
server: ESF
cache-control: private
content-length: 30918
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:59:51 GMT
age: 25901
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 25271
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 25866
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 20c6f462-0f1f-44d1-9b6b-6afbc4e79e8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpYpcELtIAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63da07d5-44cd803c0feba28919b0a9ec;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 06:33:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T3PhGRcHX1X2hn8K_4587fXBrEyuY5Em-b9Jg41uH4uyQXeFoRBIYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:55:01 GMT
age: 26191
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65cd12302c9ca5468dbc9a98155970e0
a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1
8463155faca74f13ec4500fed98289d8bfbdc4a989d1cb7580736018eadf1000
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4e245a51-5c03-4b84-b42a-29fa3a7806e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7992
x-amzn-requestid: ba4f95d9-6081-4b34-955c-bbe8e7b2335c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEEjGsdIAMF84w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8083-7666baa66ccdec9b5fec8736;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A3c6sSs_b8KkREPa26a8X9NTEZpHGDjElR9hT-NXwg6dYpeuRNZXfA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 25271
etag: "a0c63213c3021e40f8ea54f2da6a5c165ed5cfd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.207.234200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 362945acaf10de2219b279223c5b7bd3
c6b3c63009d6fe92c23794757b473095faeb1fda
a64edea661ac73eac602f0fad110ac76748137cd6e242eeb88dd631963f2eeb4
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 04 Feb 2023 05:11:32 GMT
server: ESF
cache-control: private
content-length: 31037
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36000)
Hash b40bdd235c7883921e2b18743b3aea21
9aaa96e2ec231327ba976911513989568c56c7c1
8b00f3a7d9b7acabf6b991926d7543944771ce1431efd342dea743192ec667e3
GET /js/th/wBNXk7Q6V2dkHawik5TUb6id0fydDqlxfrWFyJdQ6Xw.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14173
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 22:19:19 GMT
expires: Sat, 03 Feb 2024 22:19:19 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 24733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20220329
192.0.77.32200 OK 3.5 kB URL HTTP/2 s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.js?v=20220329
IP 192.0.77.32:0
File type ASCII text, with very long lines (1015)
Hash 92a1be6628db63ab79aa15a7ad826081
05f94c09e4fd0e27158aa15e6d85818c51609dbf
e4f822a3d8322614ac30f5c93bd83b02149fa2a7e47e0045dec5ea98fd5b8620
GET /wp-content/mu-plugins/actionbar/actionbar.js?v=20220329 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:32 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"624b18ae-346d"
content-encoding: br
expires: Tue, 04 Apr 2023 16:11:34 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 04 Feb 2023 05:11:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/22fYNs8_HRE/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGF0gXShdMA8=&rs=AOn4CLDtvf6DjuzHLKfnSBeMjn1gnrWmbA
142.250.74.182200 OK 13 kB URL HTTP/2 i.ytimg.com/vi/22fYNs8_HRE/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGF0gXShdMA8=&rs=AOn4CLDtvf6DjuzHLKfnSBeMjn1gnrWmbA
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash c60628aec4485c44671d249cf7af43eb
80b04308e17ab0866622f1406e8f9d85e3e7a3c5
76b9ca64335b2f716549ea0001d35bed3cfdd5c47524c25b9db9df2e63eaee12
GET /vi/22fYNs8_HRE/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGF0gXShdMA8=&rs=AOn4CLDtvf6DjuzHLKfnSBeMjn1gnrWmbA HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 13346
date: Sat, 04 Feb 2023 05:11:32 GMT
expires: Sat, 04 Feb 2023 07:11:32 GMT
cache-control: public, max-age=7200
etag: "1609343548"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 049622f7ce23b48a3df7ca49c229f88b
568cfca0200ac8aaae09a76aea50af36f25f9230
3825cfc4b42dcc59af354c4bd56d151621f5468356d8b6eeea60075eaecb288e
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 940
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 04 Feb 2023 05:11:32 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f32763d17ee930a84421656330650bd1
688473a7c570a6e84406eef1927df94bfccd1870
33f1a840a87b8ef5136065f9be370aa640573ab68d82e8a822d48bbd2eb837c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e16924e677b1cf77abc2c90c36b01b58
7608b4371357596c60d3ff2aed7fa181a3e8fefc
485a64335baac7fd3bfcc0063493c27ab58a8fe46e0873fc64f619c19cd8c59b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJUXVsXUUGa8XHOYzRL0-EoCOuC_4HNhleoB5CIS=s68-c-k-c0x00ffffff-no-rj
142.250.74.97200 OK 1.1 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJUXVsXUUGa8XHOYzRL0-EoCOuC_4HNhleoB5CIS=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 108fd24b7721d99850564ac0fee17449
aa3787836d07289e9e41ac2cdffd650b749e518a
b59e93073681cf0e76c6a4a659541dcb7a6e448b4b7dd41a5677db82bc3e8784
GET /ytc/AL5GRJUXVsXUUGa8XHOYzRL0-EoCOuC_4HNhleoB5CIS=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Sun, 05 Feb 2023 05:11:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 05:11:32 GMT
server: fife
content-length: 1089
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.207.234200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.207.234:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3406d2d3470cfc8cb11b7cd6186cf4cd
04a399e8879edb89e1341636c2a54228a6853849
f464fad37c379221b5fa2c1027dddb5c578f17e910221e98f19531bb82d6f765
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 980
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 04 Feb 2023 05:11:32 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f32763d17ee930a84421656330650bd1
688473a7c570a6e84406eef1927df94bfccd1870
33f1a840a87b8ef5136065f9be370aa640573ab68d82e8a822d48bbd2eb837c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 05:11:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bessiesmithwork.wordpress.com/wp-admin/admin-ajax.php
192.0.78.12200 OK 32 B URL HTTP/2 bessiesmithwork.wordpress.com/wp-admin/admin-ajax.php
IP 192.0.78.12:0
Hash 844ba3b38ffb0b9940ebb21ad5ec7ddc
b4139fb4f0ee64c30a84a3fb7c6deca95d07ddfa
a32518fc092aed88e4e0955f085bca096e5a390877fe9a12d9a0c974e6045ca3
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: bessiesmithwork.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bessiesmithwork.wordpress.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Origin: https://bessiesmithwork.wordpress.com
Content-Length: 44
Connection: keep-alive
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
host-header: WordPress.com
access-control-allow-origin: https://bessiesmithwork.wordpress.com
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
content-encoding: br
x-ac: 1.arn _dca BYPASS
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22enq_lodash%22%3A%221%22%2C%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fhever%22%7D&host_name=bessiesmithwork.wordpress.com&url_path=%2F&nt_fetchStart=583&nt_domainLookupStart=587&nt_domainLookupEnd=629&nt_connectStart=629&nt_connectEnd=659&nt_secureConnectionStart=640&nt_requestStart=660&nt_responseStart=919&nt_responseEnd=926&nt_domLoading=936&nt_domInteractive=1341&nt_domContentLoadedEventStart=1405&nt_domContentLoadedEventEnd=1432&nt_domComplete=2568&nt_loadEventStart=2568&nt_loadEventEnd=2570&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&first_contentful_paint=1238&resource_size=1081749&resource_transferred=298408&js_size=324487&js_transferred=103019&resource_cache_percent=3&js_cache_percent=0&last_resource_end=3034
192.0.76.3204 No Content 0 B URL HTTP/2 pixel.wp.com/boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22enq_lodash%22%3A%221%22%2C%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fhever%22%7D&host_name=bessiesmithwork.wordpress.com&url_path=%2F&nt_fetchStart=583&nt_domainLookupStart=587&nt_domainLookupEnd=629&nt_connectStart=629&nt_connectEnd=659&nt_secureConnectionStart=640&nt_requestStart=660&nt_responseStart=919&nt_responseEnd=926&nt_domLoading=936&nt_domInteractive=1341&nt_domContentLoadedEventStart=1405&nt_domContentLoadedEventEnd=1432&nt_domComplete=2568&nt_loadEventStart=2568&nt_loadEventEnd=2570&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&first_contentful_paint=1238&resource_size=1081749&resource_transferred=298408&js_size=324487&js_transferred=103019&resource_cache_percent=3&js_cache_percent=0&last_resource_end=3034
IP 192.0.76.3:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /boom.gif?bilmur=1&batcache_hit=0&provider=wordpress.com&service=simple&custom_properties=%7B%22enq_lodash%22%3A%221%22%2C%22logged_in%22%3A%220%22%2C%22wptheme%22%3A%22pub%2Fhever%22%7D&host_name=bessiesmithwork.wordpress.com&url_path=%2F&nt_fetchStart=583&nt_domainLookupStart=587&nt_domainLookupEnd=629&nt_connectStart=629&nt_connectEnd=659&nt_secureConnectionStart=640&nt_requestStart=660&nt_responseStart=919&nt_responseEnd=926&nt_domLoading=936&nt_domInteractive=1341&nt_domContentLoadedEventStart=1405&nt_domContentLoadedEventEnd=1432&nt_domComplete=2568&nt_loadEventStart=2568&nt_loadEventEnd=2570&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&first_contentful_paint=1238&resource_size=1081749&resource_transferred=298408&js_size=324487&js_transferred=103019&resource_cache_percent=3&js_cache_percent=0&last_resource_end=3034 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 04 Feb 2023 05:11:34 GMT
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83ac46e378ad452aeb212d709ab70232
7514ed93fd2f256e5aad386fdd0ebc723785291b
e199498691268526a6ecfe58abb88ced8661272cd7ad8270811c84fb15dbb547
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62f8fa6a-620a-4d0c-aec7-0863ae11b871.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14221
x-amzn-requestid: a74ee3d4-6163-4dec-ab62-97279cf52282
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3ERhIAMFh1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-3e5d4b3d39919497215866df;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3TIbnpwYk9CIeoXeW4T-ouwV7X1y-LgKV7wB4XJwFKSKx248jIJyBQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:08:39 GMT
age: 25380
etag: "7514ed93fd2f256e5aad386fdd0ebc723785291b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h
IP 192.0.77.32:0
GET /wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240h HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"5ffc31a9-465"
content-encoding: br
expires: Thu, 23 Nov 2023 13:57:44 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJx9UOtWwjAMfiG7OEGUHx6epWvDyOjtpOlkb28ncJw76K+m+W5J4DMpE4NgEPBFJVd6ChkGlKTN+faHxNEWIxQD+Fo5zDCLtBF1jOxhyDC/KstUsWbIT7DwrajFkQymyxpaRJrofW0pR+dqP6waa+GPqnPRnDO8NO1706pMPjlUjGOzAUtZrk5XUrXqT9LFS+Mp3B0pGFfs70jG5KYl6R4rJ/SVmkoHo2bSsygxec2TCnqkXs9H+mdLbaur6jSD11mQa6WE66nzo3m+Fxgx2MjA2GNA1hJZcQlCHh9NeA/qS/12yH1FGGFsX5vnpoWukLM3ywxUDUWl6KYjOffXVZZTVGhFP/iPdve23e73u007fAF9htvv
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??-eJx9UOtWwjAMfiG7OEGUHx6epWvDyOjtpOlkb28ncJw76K+m+W5J4DMpE4NgEPBFJVd6ChkGlKTN+faHxNEWIxQD+Fo5zDCLtBF1jOxhyDC/KstUsWbIT7DwrajFkQymyxpaRJrofW0pR+dqP6waa+GPqnPRnDO8NO1706pMPjlUjGOzAUtZrk5XUrXqT9LFS+Mp3B0pGFfs70jG5KYl6R4rJ/SVmkoHo2bSsygxec2TCnqkXs9H+mdLbaur6jSD11mQa6WE66nzo3m+Fxgx2MjA2GNA1hJZcQlCHh9NeA/qS/12yH1FGGFsX5vnpoWukLM3ywxUDUWl6KYjOffXVZZTVGhFP/iPdve23e73u007fAF9htvv
IP 192.0.77.32:0
GET /_static/??-eJx9UOtWwjAMfiG7OEGUHx6epWvDyOjtpOlkb28ncJw76K+m+W5J4DMpE4NgEPBFJVd6ChkGlKTN+faHxNEWIxQD+Fo5zDCLtBF1jOxhyDC/KstUsWbIT7DwrajFkQymyxpaRJrofW0pR+dqP6waa+GPqnPRnDO8NO1706pMPjlUjGOzAUtZrk5XUrXqT9LFS+Mp3B0pGFfs70jG5KYl6R4rJ/SVmkoHo2bSsygxec2TCnqkXs9H+mdLbaur6jSD11mQa6WE66nzo3m+Fxgx2MjA2GNA1hJZcQlCHh9NeA/qS/12yH1FGGFsX5vnpoWukLM3ywxUDUWl6KYjOffXVZZTVGhFP/iPdve23e73u007fAF9htvv HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 23 Jan 2023 18:47:25 GMT
etag: W/"63ced63d-1701f"
content-encoding: br
expires: Tue, 30 Jan 2024 19:48:12 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/wp-content/themes/pub/hever/style.css?m=1668595807h&cssminify=yes
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/themes/pub/hever/style.css?m=1668595807h&cssminify=yes
IP 192.0.77.32:0
GET /wp-content/themes/pub/hever/style.css?m=1668595807h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"6374c397-1d881"
content-encoding: br
expires: Thu, 16 Nov 2023 11:04:01 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/mu-plugins/comment-likes/css/comment-likes.css,/i/noticons/noticons.css?m=1436783281j&cssminify=yes
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??/wp-content/mu-plugins/comment-likes/css/comment-likes.css,/i/noticons/noticons.css?m=1436783281j&cssminify=yes
IP 192.0.77.32:0
GET /_static/??/wp-content/mu-plugins/comment-likes/css/comment-likes.css,/i/noticons/noticons.css?m=1436783281j&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 29 Nov 2018 13:53:31 GMT
etag: W/"5bffef5b-9278"
content-encoding: br
expires: Fri, 10 Nov 2023 15:10:56 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJyVjUEKwjAQRS9kHCo10IV4FImTkKROZkInQby9bXEjrty9B5/34VkNCrfADUo3lXrMrDCHVh0+Pg51Ed+xZWEoK1FQ0OSW4J33rx0zxyOqHuDf3i0zggpmR4Ykin7JT7OlUNb3NEIkuTvaBtdyGezZjqdpssP8Bj+XTks=?cssminify=yes
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??-eJyVjUEKwjAQRS9kHCo10IV4FImTkKROZkInQby9bXEjrty9B5/34VkNCrfADUo3lXrMrDCHVh0+Pg51Ed+xZWEoK1FQ0OSW4J33rx0zxyOqHuDf3i0zggpmR4Ykin7JT7OlUNb3NEIkuTvaBtdyGezZjqdpssP8Bj+XTks=?cssminify=yes
IP 192.0.77.32:0
GET /_static/??-eJyVjUEKwjAQRS9kHCo10IV4FImTkKROZkInQby9bXEjrty9B5/34VkNCrfADUo3lXrMrDCHVh0+Pg51Ed+xZWEoK1FQ0OSW4J33rx0zxyOqHuDf3i0zggpmR4Ykin7JT7OlUNb3NEIkuTvaBtdyGezZjqdpssP8Bj+XTks=?cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 28 Jun 2022 15:26:26 GMT
etag: W/"62bb1da2-7086"
content-encoding: br
expires: Sat, 21 Oct 2023 18:28:16 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
bessiesmithwork.wordpress.com/wp-content/js/bilmur.min.js?i=7&m=202305
192.0.78.12200 OK 0 B URL HTTP/2 bessiesmithwork.wordpress.com/wp-content/js/bilmur.min.js?i=7&m=202305
IP 192.0.78.12:0
GET /wp-content/js/bilmur.min.js?i=7&m=202305 HTTP/1.1
Host: bessiesmithwork.wordpress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Cookie: __utma=11735858.960179978.1654051761.1654283748.1654515678.4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"63bbf1d2-1a69"
content-encoding: br
expires: Sun, 04 Feb 2024 05:11:30 GMT
cache-control: max-age=31536000
x-ac: 1.arn _dca MISS
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJylkNuOwjAMRH+IxC2I2wPiU1CaeFu3SRzlQtm/3wq2PCCxK9THGc8cW4YxCM0+o88QbGnJJ2jLJBuM7TSJCNd6KytZQ1PIGuiYhwTkDd6kIy/7tIJPGVQf/EKEYSciKvO9kINJq4Ciy86+J7kiZliPOSg9/GoIkU3RmdjDhbyGxrKe3pMsGUwdj3AlHBfg7jdqFbkktM/0bPxzqxooOcxiI6sHbja+4j1s/ujOK8QYNLsXOfXO7lTv9tt1tT4ejv0Pz+LVTw==
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??-eJylkNuOwjAMRH+IxC2I2wPiU1CaeFu3SRzlQtm/3wq2PCCxK9THGc8cW4YxCM0+o88QbGnJJ2jLJBuM7TSJCNd6KytZQ1PIGuiYhwTkDd6kIy/7tIJPGVQf/EKEYSciKvO9kINJq4Ciy86+J7kiZliPOSg9/GoIkU3RmdjDhbyGxrKe3pMsGUwdj3AlHBfg7jdqFbkktM/0bPxzqxooOcxiI6sHbja+4j1s/ujOK8QYNLsXOfXO7lTv9tt1tT4ejv0Pz+LVTw==
IP 192.0.77.32:0
GET /_static/??-eJylkNuOwjAMRH+IxC2I2wPiU1CaeFu3SRzlQtm/3wq2PCCxK9THGc8cW4YxCM0+o88QbGnJJ2jLJBuM7TSJCNd6KytZQ1PIGuiYhwTkDd6kIy/7tIJPGVQf/EKEYSciKvO9kINJq4Ciy86+J7kiZliPOSg9/GoIkU3RmdjDhbyGxrKe3pMsGUwdj3AlHBfg7jdqFbkktM/0bPxzqxooOcxiI6sHbja+4j1s/ujOK8QYNLsXOfXO7lTv9tt1tT4ejv0Pz+LVTw== HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 31 Jan 2023 22:09:58 GMT
etag: W/"63d991b6-116c8"
content-encoding: br
expires: Wed, 31 Jan 2024 22:31:09 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJx9i0EOwjAMwD5ECRw2xgHxli4KXVGaVE27ab9niAsIxM2WbFiyQ5VKUqFOlMggtxEmmqmA1ZVpj2Y7+J3NvkQPUfCVuiWjpq8hNZe5hSgGgdSxoq9R5UPcjX0s/9ZCI2vYMMBWvelzuqbLse+H7twNh9P9AY19TtE=?cssminify=yes
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??-eJx9i0EOwjAMwD5ECRw2xgHxli4KXVGaVE27ab9niAsIxM2WbFiyQ5VKUqFOlMggtxEmmqmA1ZVpj2Y7+J3NvkQPUfCVuiWjpq8hNZe5hSgGgdSxoq9R5UPcjX0s/9ZCI2vYMMBWvelzuqbLse+H7twNh9P9AY19TtE=?cssminify=yes
IP 192.0.77.32:0
GET /_static/??-eJx9i0EOwjAMwD5ECRw2xgHxli4KXVGaVE27ab9niAsIxM2WbFiyQ5VKUqFOlMggtxEmmqmA1ZVpj2Y7+J3NvkQPUfCVuiWjpq8hNZe5hSgGgdSxoq9R5UPcjX0s/9ZCI2vYMMBWvelzuqbLse+H7twNh9P9AY19TtE=?cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 16 Nov 2022 11:03:51 GMT
etag: W/"6374c397-17d80"
content-encoding: br
expires: Thu, 16 Nov 2023 11:04:01 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
bessiesmith.work/
192.0.78.25301 Moved Permanently 0 B IP 192.0.78.25:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to Suspicious *.work Domain
GET / HTTP/1.1
Host: bessiesmith.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/html; charset=utf-8
location: https://bessiesmithwork.wordpress.com/
strict-transport-security: max-age=31536000
vary: Cookie
x-ac: 3.arn _dca MISS
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes
IP 192.0.77.32:0
GET /wp-content/mu-plugins/highlander-comments/style.css?m=1663315160h&cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"63242ce6-45a9"
content-encoding: br
expires: Sat, 16 Sep 2023 07:59:40 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20210915
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-content/mu-plugins/actionbar/actionbar.css?v=20210915
IP 192.0.77.32:0
GET /wp-content/mu-plugins/actionbar/actionbar.css?v=20210915 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:32 GMT
content-type: text/css
vary: Accept-Encoding
etag: W/"61439ab3-4620"
content-encoding: br
expires: Fri, 10 Nov 2023 15:10:54 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
0.gravatar.com/dist/css/hovercard.min.css?ver=202305z
192.0.73.2200 OK 0 B URL HTTP/2 0.gravatar.com/dist/css/hovercard.min.css?ver=202305z
IP 192.0.73.2:0
GET /dist/css/hovercard.min.css?ver=202305z HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:31 GMT
content-type: text/css
last-modified: Tue, 03 Jan 2023 09:10:35 GMT
etag: W/"63b3f10b-1f86"
content-encoding: br
expires: Sat, 11 Feb 2023 05:11:31 GMT
cache-control: max-age=604800
X-Firefox-Spdy: h2
s0.wp.com/_static/??-eJytkt1SAyEMhV9IiGtrtReOzwJsBlMDyxBoh7eXVlu39adeeMPMSfgOSQjsknJTLBgLhKoSV09RYJfcFJQEYmwXSjuRG5hhR8bXLi1m3zMZYTvc61s9gK3EI1ie3KtistnkBlIa438YlRcMn0YUHdcRBTYCAUcyyD2972wmEpuGWTF645oOFK/jPTfXZ9DPxR8q7WZYktmXbNpUi/KZxj/3f2GRTaHo5Qrupg/sTg+PelBCITGqjFu9gJGknG6oc6NT/z0Ajo0IOXWYsHzb8mxf9h/V4yGZr9P6BXtfLGtTRhHVz0A1HJ/s3HN4GlYPy+V6vVoMmzf3/P8W?cssminify=yes
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??-eJytkt1SAyEMhV9IiGtrtReOzwJsBlMDyxBoh7eXVlu39adeeMPMSfgOSQjsknJTLBgLhKoSV09RYJfcFJQEYmwXSjuRG5hhR8bXLi1m3zMZYTvc61s9gK3EI1ie3KtistnkBlIa438YlRcMn0YUHdcRBTYCAUcyyD2972wmEpuGWTF645oOFK/jPTfXZ9DPxR8q7WZYktmXbNpUi/KZxj/3f2GRTaHo5Qrupg/sTg+PelBCITGqjFu9gJGknG6oc6NT/z0Ajo0IOXWYsHzb8mxf9h/V4yGZr9P6BXtfLGtTRhHVz0A1HJ/s3HN4GlYPy+V6vVoMmzf3/P8W?cssminify=yes
IP 192.0.77.32:0
GET /_static/??-eJytkt1SAyEMhV9IiGtrtReOzwJsBlMDyxBoh7eXVlu39adeeMPMSfgOSQjsknJTLBgLhKoSV09RYJfcFJQEYmwXSjuRG5hhR8bXLi1m3zMZYTvc61s9gK3EI1ie3KtistnkBlIa438YlRcMn0YUHdcRBTYCAUcyyD2972wmEpuGWTF645oOFK/jPTfXZ9DPxR8q7WZYktmXbNpUi/KZxj/3f2GRTaHo5Qrupg/sTg+PelBCITGqjFu9gJGknG6oc6NT/z0Ajo0IOXWYsHzb8mxf9h/V4yGZr9P6BXtfLGtTRhHVz0A1HJ/s3HN4GlYPy+V6vVoMmzf3/P8W?cssminify=yes HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 23 Jan 2023 18:47:27 GMT
etag: W/"63ced63f-404e3"
content-encoding: br
expires: Tue, 23 Jan 2024 19:03:34 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca BYPASS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j
IP 192.0.77.32:0
GET /_static/??/wp-content/js/textarea-autosize.min.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1663141412j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 07:43:45 GMT
etag: W/"63218631-a4f5"
content-encoding: br
expires: Thu, 14 Sep 2023 07:43:50 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j
IP 192.0.77.32:0
GET /_static/??/wp-content/js/mobile-useragent-info.js,/wp-content/js/rlt-proxy.js?m=1637704497j HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bessiesmithwork.wordpress.com
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Nov 2021 21:55:38 GMT
etag: W/"619d635a-4b6b"
content-encoding: br
expires: Wed, 09 Aug 2023 21:35:02 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 2
X-Firefox-Spdy: h2
s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-55134
192.0.77.32200 OK 0 B URL HTTP/2 s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-55134
IP 192.0.77.32:0
GET /wp-includes/js/wp-emoji-release.min.js?m=1652185836h&ver=6.2-alpha-55134 HTTP/1.1
Host: s0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"627a5af9-48b9"
content-encoding: br
expires: Thu, 25 Jan 2024 13:48:31 GMT
cache-control: max-age=31536000
x-ac: 4.arn _dca MISS
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
timing-allow-origin: *
x-nc: HIT arn 1
X-Firefox-Spdy: h2
fonts-api.wp.com/css?family=PT+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap
192.0.77.32200 OK 0 B URL HTTP/2 fonts-api.wp.com/css?family=PT+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap
IP 192.0.77.32:0
GET /css?family=PT+Sans%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap HTTP/1.1
Host: fonts-api.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding, Accept-Encoding
x-nc: BYPASS arn 1
content-encoding: gzip
X-Firefox-Spdy: h2
fonts-api.wp.com/css?family=Fira%20Sans:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|EB%20Garamond:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|
192.0.77.32200 OK 0 B URL HTTP/2 fonts-api.wp.com/css?family=Fira%20Sans:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|EB%20Garamond:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|
IP 192.0.77.32:0
GET /css?family=Fira%20Sans:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black|EB%20Garamond:thin,extralight,light,regular,medium,semibold,bold,italic,bolditalic,extrabold,black| HTTP/1.1
Host: fonts-api.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bessiesmithwork.wordpress.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 05:11:30 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: Accept-Encoding, Accept-Encoding
x-nc: BYPASS arn 1
content-encoding: gzip
X-Firefox-Spdy: h2