www.cathybeesey.com/wp-content/plugins/wp-jalali/chase/Thanks.php
38.40.180.227200 OK 842 B URL HTTP/1.1 www.cathybeesey.com/wp-content/plugins/wp-jalali/chase/Thanks.php
IP 38.40.180.227:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2820), with no line terminators
Hash 4d3885cd87c16963f6ed68f92186d0d0
8cc1642224bf26bf00d4c1d01e7c222c11100dd6
8092be5ad9f82427c3c702bfa234660a87de744eb831261e30910a6d8820d920
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-jalali/chase/Thanks.php HTTP/1.1
Host: www.cathybeesey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 13:29:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 408d1564e8f59e6626e41be4106ce2e6
4149a1f17e8f7c446e7aa4963f3a49b6a00b6164
46e2e79c7977854058dec9cde88f963dd498dd235c3bb15b39a9e5ce1027d7fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E2E79C7977854058DEC9CDE88F963DD498DD235C3BB15B39A9E5CE1027D7FE"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15789
Expires: Thu, 09 Feb 2023 17:51:09 GMT
Date: Thu, 09 Feb 2023 13:28:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3456
Expires: Thu, 09 Feb 2023 14:25:36 GMT
Date: Thu, 09 Feb 2023 13:28:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 50a2f8cdbbd1059f5318753155bba7ef
405e63ea4683be44f876feae34b5cb645ff751f2
f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15988
Expires: Thu, 09 Feb 2023 17:54:28 GMT
Date: Thu, 09 Feb 2023 13:28:00 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 12:34:15 GMT
content-type: application/json
age: 3225
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EZUqYUz/5frU7y8VXKg1JdmJOKhfU6uIkQn0+hboWnci3361+iigY34EW3QwHIf5moSCuGLCByo=
x-amz-request-id: 00GP62SZWX54AAHP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 12:36:22 GMT
age: 3098
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 13:28:00 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.cathybeesey.com/static.js?2023020921
38.40.180.227200 OK 1.4 kB URL HTTP/1.1 www.cathybeesey.com/static.js?2023020921
IP 38.40.180.227:0
File type HTML document, Unicode text, UTF-8 text, with very long lines (523)
Hash 2645388ba9bd11bcc63977261244ab40
470a4812dd009ba1895c9cb3ea04135a4fedce7f
f96bc7b47bdba9a2c2fc01f1d0d67bc1e72655083b51fbc31f85e05ea4483272
GET /static.js?2023020921 HTTP/1.1
Host: www.cathybeesey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cathybeesey.com/wp-content/plugins/wp-jalali/chase/Thanks.php
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 13:29:21 GMT
Content-Type: application/javascript
Last-Modified: Mon, 06 Feb 2023 05:21:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63e08e42-c1c"
Expires: Fri, 10 Feb 2023 01:29:21 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 13:14:53 GMT
age: 787
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2603
Expires: Thu, 09 Feb 2023 14:11:23 GMT
Date: Thu, 09 Feb 2023 13:28:00 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f28c2383c8d62295c567413d635189b8
eb9790320d087768daaa186f289b432ed4dfbb01
3bbb36dc1ee0b36e8d67161a9bd22f239076a6db94282f191cf50f03ba7c55f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3BBB36DC1EE0B36E8D67161A9BD22F239076A6DB94282F191CF50F03BA7C55F9"
Last-Modified: Tue, 07 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 09 Feb 2023 19:28:00 GMT
Date: Thu, 09 Feb 2023 13:28:00 GMT
Connection: keep-alive
push.zhanzhang.baidu.com/push.js
182.61.201.93200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cathybeesey.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 09 Feb 2023 13:28:00 GMT
Etag: "4078521116"
Expires: Fri, 09 Feb 2024 13:28:00 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CA2D24D783AFAE038B2803E77901F0EE:FG=1; max-age=31536000; expires=Fri, 09-Feb-24 13:28:00 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
img.alicdn.com/tps/TB1iyqBJVXXXXa8XFXXXXXXXXXX-58-51.png
47.246.44.252200 OK 3.9 kB URL HTTP/2 img.alicdn.com/tps/TB1iyqBJVXXXXa8XFXXXXXXXXXX-58-51.png
IP 47.246.44.252:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
File type PNG image data, 58 x 51, 8-bit/color RGB, non-interlaced\012- data
Hash 5adebc4ce29b9524698fd76e15f2f498
7404a59679b94b1bb9d89098062e99d38b4a7466
5309fa3ffc2ffc72957b3076fe55d7259c57377a980bca2a2c5ea1f28fe3a037
GET /tps/TB1iyqBJVXXXXa8XFXXXXXXXXXX-58-51.png HTTP/1.1
Host: img.alicdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.aliyuncdnjs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 3866
date: Fri, 15 Apr 2022 10:35:12 GMT
last-modified: Tue, 03 Jan 2017 23:01:07 GMT
expires: Sat, 15 Apr 2023 10:35:12 GMT
cache-control: max-age=31536000
ali-swift-global-savetime: 1650018912
via: cache3.l2ot7-1[0,0,200-0,H], cache9.l2ot7-1[0,0], cache4.se1[0,0,200-0,H], cache4.se1[1,0]
access-control-allow-origin: *
age: 25930369
x-cache: HIT TCP_MEM_HIT dirn:11:243975486
x-swift-savetime: Wed, 11 Jan 2023 02:58:56 GMT
x-swift-cachetime: 8148976
s-rt: 1
timing-allow-origin: *
eagleid: 2ff62c9816759492811542052e
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.44.161101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.44.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Qc2x46v157SV8/mNcTT6qg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cwCBvcB2lP3T1HBTrD++GzmQtsA=
ocsp.globalsign.com/gsrsaovsslca2018
151.101.130.133200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 151.101.130.133:0
Hash 6a59d9550f1f5367da04360bbc4c4f26
b58ede7be69332140e72fcf63226fbe578f09ee8
86f62f85265b5269cee88d62898ddfcf20b11bc569062eab67faa17856a2ab88
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Mon, 13 Feb 2023 10:59:31 GMT
ETag: "b58ede7be69332140e72fcf63226fbe578f09ee8"
Last-Modified: Thu, 09 Feb 2023 10:59:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 09 Feb 2023 13:28:01 GMT
Age: 813
X-Served-By: cache-qpg1274-QPG, cache-bma1680-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 3, 1
X-Timer: S1675949281.201428,VS0,VE1
api.share.baidu.com/s.gif?l=http://www.cathybeesey.com/wp-content/plugins/wp-jalali/chase/Thanks.php
180.101.212.103200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.cathybeesey.com/wp-content/plugins/wp-jalali/chase/Thanks.php
IP 180.101.212.103:0
ASN #134770 CHINANET Jiangsu province Suzhou taihu IDC network
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.cathybeesey.com/wp-content/plugins/wp-jalali/chase/Thanks.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cathybeesey.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 09 Feb 2023 13:28:01 GMT
hm.baidu.com/hm.js?cd5092f37491fa5f361143f26cd6f540
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?cd5092f37491fa5f361143f26cd6f540
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash de8fa0351d8bd1727e5858b56327c1ae
dcfd54e6e4482188968e389df218e62974aa196f
edb792065cc811f16f692f11654eaa7080e38e3e8243a3727e3a25d197795def
GET /hm.js?cd5092f37491fa5f361143f26cd6f540 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cathybeesey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Thu, 09 Feb 2023 13:28:01 GMT
Etag: f742e0e9cf5b68a2bbd4e382291f5690
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=05642BDDAA14AE4C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4967
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 13:28:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4967
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 13:28:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4967
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 13:28:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4967
Expires: Thu, 09 Feb 2023 14:50:49 GMT
Date: Thu, 09 Feb 2023 13:28:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b11f9f70f5e8af4de6d9fc5b9f50ccbe
753cb08c3f8c7c0750d113253790a08db01986bc
d4b77ba995ea274fd169fc9bc66919b23e72a8edb88d6184bf3d7f3ab398c645
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e9ebfbd-8f55-4e32-8ea1-303aa280ea51.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11036
x-amzn-requestid: 4bd4976c-9500-4d6d-a447-dd2873987d13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswexHCYIAMFzag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db612b-61d430202cbbf52823f38c49;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1mDt4mKlkZG2_zBPhwB_lbzJ0Im0FlnjmJMa7gcopuv14gwqtwlA2w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
age: 57205
etag: "753cb08c3f8c7c0750d113253790a08db01986bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28ae39b238f62d6c0aee7bb16ff863d5
3c2247e40747c3ca72dd7877facee9a9fecf0f59
c530ba92455ea45e14410f497d2df04cc1321e2937cc7e81aa75f4fc14206a7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3014
x-amzn-requestid: bec40915-584b-48fc-94c2-293e96567474
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKGrGoAMFelg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-2250ff00772341353151dd34;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmJxNCnPKUD5O4HCWIjqeVaanXL50KZ60Xu1iOC6bisRBDJNkVXvww==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "3c2247e40747c3ca72dd7877facee9a9fecf0f59"
content-type: image/jpeg
age: 57205
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa565275-3a2e-4292-b935-18f8fc648689.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa565275-3a2e-4292-b935-18f8fc648689.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebad32ed6e84736b26623ed3d9b6cfe7
f9ddc5333953bafc7de7c971a693771a179e8bab
c8cc0ee6bcc93f226bcf774f1354e094bd6715c86e680be7523c84e457b7922d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa565275-3a2e-4292-b935-18f8fc648689.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 4c5e9f29-7c4f-4cfa-88b1-8600082e85c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fswg7GLaoAMFi6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db6138-5a2a4dd242aff1ac3d8b11db;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 07:07:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I2j2a4tlZ-MG2RAk67dXyHFki0WRjBCoUOjrt8vxlFn2RO79Hwv7kA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:45 GMT
age: 57197
etag: "f9ddc5333953bafc7de7c971a693771a179e8bab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: a615a5fa-a2d8-4cde-b315-a211c7f49bef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACn9WEA4IAMFsFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e42055-7a6fbfa40614816b1c2e9fed;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 22:21:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KITnAMHAS6sESZ2OenwNX5RYRsBMkaBRfcKyvvyB-Dq15o3zJEYPvg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 12:41:30 GMT
age: 2792
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10fd2f55fa0cfb8616ded6ddc2bb511a
996ed68f1b9770a19a97f6c8d359e338b8c8b3ca
e552d31a5e531386b9830bb58486f09bfcb3400676f726f93fdbea08336a09da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F049f3f10-52dc-41ec-990c-719ee36485c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 658f8678-b67d-4f98-b728-cf9cbad3aa86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ABI38GUpIAMFY0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e38832-2ab19d0f2345fc7515775298;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 11:32:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8ZayLRkBd16PmZsswU0N4ZLVFphVFlgPRloMdqF_U6WMcyvZptmpA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:46 GMT
etag: "996ed68f1b9770a19a97f6c8d359e338b8c8b3ca"
content-type: image/jpeg
age: 56536
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 087325c404f5b0b8e1bc800c167d6213
da37e1568089cf3536a8fe8304623694b7897326
a21b9844ebaac9fb408fc4d557badfbff0715cee7b5f3c8b9c628cdd1286dbe6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9b1dd9f-46ec-46f2-834f-c34f99ef0176.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4928
x-amzn-requestid: 2d81ff60-65c6-4a7d-86d5-8853a961be0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwDm6GoOIAMF6Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb2f8-5acf67171c4b3ee87794ea02;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:08:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: udtvUr0tqVtI70L8glPQK3ePowPGstiizC9tb6U4kQg0JzsLqViUIg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:54 GMT
age: 56528
etag: "da37e1568089cf3536a8fe8304623694b7897326"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=505268121&si=cd5092f37491fa5f361143f26cd6f540&v=1.3.0&lv=1&sn=22787&r=0&ww=1280&u=http%3A%2F%2Fwww.cathybeesey.com%2Fwp-content%2Fplugins%2Fwp-jalali%2Fchase%2FThanks.php&tt=%E5%9B%BD%E4%BA%A7%E6%97%A5%E6%9C%AC%E5%8D%A1%E4%BA%8C%E5%8D%A1%E4%B8%89%E5%8D%A1%E5%9B%9B%E5%8D%A1_91%E9%A6%99%E7%84%A6%E5%9B%BD%E4%BA%A7%E4%BA%BA%E5%A6%96%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%85%8D%E8%B4%B9_1769%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA_%E4%BA%9A%E6%B4%B2%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%81
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=505268121&si=cd5092f37491fa5f361143f26cd6f540&v=1.3.0&lv=1&sn=22787&r=0&ww=1280&u=http%3A%2F%2Fwww.cathybeesey.com%2Fwp-content%2Fplugins%2Fwp-jalali%2Fchase%2FThanks.php&tt=%E5%9B%BD%E4%BA%A7%E6%97%A5%E6%9C%AC%E5%8D%A1%E4%BA%8C%E5%8D%A1%E4%B8%89%E5%8D%A1%E5%9B%9B%E5%8D%A1_91%E9%A6%99%E7%84%A6%E5%9B%BD%E4%BA%A7%E4%BA%BA%E5%A6%96%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%85%8D%E8%B4%B9_1769%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA_%E4%BA%9A%E6%B4%B2%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%81
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=505268121&si=cd5092f37491fa5f361143f26cd6f540&v=1.3.0&lv=1&sn=22787&r=0&ww=1280&u=http%3A%2F%2Fwww.cathybeesey.com%2Fwp-content%2Fplugins%2Fwp-jalali%2Fchase%2FThanks.php&tt=%E5%9B%BD%E4%BA%A7%E6%97%A5%E6%9C%AC%E5%8D%A1%E4%BA%8C%E5%8D%A1%E4%B8%89%E5%8D%A1%E5%9B%9B%E5%8D%A1_91%E9%A6%99%E7%84%A6%E5%9B%BD%E4%BA%A7%E4%BA%BA%E5%A6%96%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%85%8D%E8%B4%B9_1769%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA_%E4%BA%9A%E6%B4%B2%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%81 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cathybeesey.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 09 Feb 2023 13:28:02 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2291D0DEE576EF89; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.cathybeesey.com/favicon.ico
38.40.180.227404 Not Found 20 B URL HTTP/1.1 www.cathybeesey.com/favicon.ico
IP 38.40.180.227:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /favicon.ico HTTP/1.1
Host: www.cathybeesey.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cathybeesey.com/wp-content/plugins/wp-jalali/chase/Thanks.php
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 09 Feb 2023 13:29:24 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
hm.baidu.com/hm.js?d88a6f3baded3d3a9c6155bb515beb74
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?d88a6f3baded3d3a9c6155bb515beb74
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (617)
Hash b955146c173d0c6f52298aeced4add48
b0062a7c1178943c4d42f5a23cc946f699362510
55e1af87524d7c0249e5b24bbe1f2af4df66b51eed7fd1d86c13e4d1d2dc0783
GET /hm.js?d88a6f3baded3d3a9c6155bb515beb74 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.aliyuncdnjs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11255
Content-Type: application/javascript
Date: Thu, 09 Feb 2023 13:28:02 GMT
Etag: 8829789476a628902f4379849493214c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8456B9C8656B948B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1910671300&si=d88a6f3baded3d3a9c6155bb515beb74&su=http%3A%2F%2Fwww.cathybeesey.com%2F&v=1.3.0&lv=1&sn=22788&r=0&ww=1268&u=https%3A%2F%2Fjp.aliyuncdnjs.com%2F404.html&tt=%E5%9F%9F%E5%90%8D%E5%81%9C%E9%9D%A0
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1910671300&si=d88a6f3baded3d3a9c6155bb515beb74&su=http%3A%2F%2Fwww.cathybeesey.com%2F&v=1.3.0&lv=1&sn=22788&r=0&ww=1268&u=https%3A%2F%2Fjp.aliyuncdnjs.com%2F404.html&tt=%E5%9F%9F%E5%90%8D%E5%81%9C%E9%9D%A0
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1910671300&si=d88a6f3baded3d3a9c6155bb515beb74&su=http%3A%2F%2Fwww.cathybeesey.com%2F&v=1.3.0&lv=1&sn=22788&r=0&ww=1268&u=https%3A%2F%2Fjp.aliyuncdnjs.com%2F404.html&tt=%E5%9F%9F%E5%90%8D%E5%81%9C%E9%9D%A0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jp.aliyuncdnjs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 09 Feb 2023 13:28:03 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EDDE553D51DDA61C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.js?19c73821e2ceb87819f3cc8bc3164742
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?19c73821e2ceb87819f3cc8bc3164742
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash cd2a6b7f5e31598402e662ed3c5a3ee3
3587fe6f217c3e8c310e199bbb1c42c210fac4c5
66eb2ffd20e1cfdbbca8bcec32a2a3103cc1b5e70324d9ffe1c68ef957ec5b02
GET /hm.js?19c73821e2ceb87819f3cc8bc3164742 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cathybeesey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Thu, 09 Feb 2023 13:28:02 GMT
Etag: 6337b82a0b3c9c93c96144818a972192
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=22541CF15BEE3ADF; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=713940243&si=19c73821e2ceb87819f3cc8bc3164742&v=1.3.0&lv=1&sn=22788&r=0&ww=1280&u=http%3A%2F%2Fwww.cathybeesey.com%2Fwp-content%2Fplugins%2Fwp-jalali%2Fchase%2FThanks.php&tt=%E5%9B%BD%E4%BA%A7%E6%97%A5%E6%9C%AC%E5%8D%A1%E4%BA%8C%E5%8D%A1%E4%B8%89%E5%8D%A1%E5%9B%9B%E5%8D%A1_91%E9%A6%99%E7%84%A6%E5%9B%BD%E4%BA%A7%E4%BA%BA%E5%A6%96%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%85%8D%E8%B4%B9_1769%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA_%E4%BA%9A%E6%B4%B2%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%81
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=713940243&si=19c73821e2ceb87819f3cc8bc3164742&v=1.3.0&lv=1&sn=22788&r=0&ww=1280&u=http%3A%2F%2Fwww.cathybeesey.com%2Fwp-content%2Fplugins%2Fwp-jalali%2Fchase%2FThanks.php&tt=%E5%9B%BD%E4%BA%A7%E6%97%A5%E6%9C%AC%E5%8D%A1%E4%BA%8C%E5%8D%A1%E4%B8%89%E5%8D%A1%E5%9B%9B%E5%8D%A1_91%E9%A6%99%E7%84%A6%E5%9B%BD%E4%BA%A7%E4%BA%BA%E5%A6%96%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%85%8D%E8%B4%B9_1769%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA_%E4%BA%9A%E6%B4%B2%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%81
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=713940243&si=19c73821e2ceb87819f3cc8bc3164742&v=1.3.0&lv=1&sn=22788&r=0&ww=1280&u=http%3A%2F%2Fwww.cathybeesey.com%2Fwp-content%2Fplugins%2Fwp-jalali%2Fchase%2FThanks.php&tt=%E5%9B%BD%E4%BA%A7%E6%97%A5%E6%9C%AC%E5%8D%A1%E4%BA%8C%E5%8D%A1%E4%B8%89%E5%8D%A1%E5%9B%9B%E5%8D%A1_91%E9%A6%99%E7%84%A6%E5%9B%BD%E4%BA%A7%E4%BA%BA%E5%A6%96%E7%BA%BF%E8%A7%82%E7%9C%8B%E5%85%8D%E8%B4%B9_1769%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B8%80%E5%8C%BA%E4%BA%8C%E5%8C%BA_%E4%BA%9A%E6%B4%B2%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%81%E4%B9%85%E4%B9%85%E4%B9%85%E4%B9%85%E7%B2%BE%E5%93%81 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cathybeesey.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 09 Feb 2023 13:28:04 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4FAD4495F100462D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
jp.aliyuncdnjs.com/404.html
108.187.217.46200 OK 0 B URL HTTP/2 jp.aliyuncdnjs.com/404.html
IP 108.187.217.46:0
ASN #395954 LEASEWEB-USA-LAX-11
GET /404.html HTTP/1.1
Host: jp.aliyuncdnjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cathybeesey.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 13:28:01 GMT
content-type: text/html
last-modified: Tue, 13 Sep 2022 15:16:16 GMT
vary: Accept-Encoding
etag: W/"63209ec0-660"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2