thetruthtoledo.com/
64.92.125.43301 Moved Permanently 244 B IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 694af0da543363ff816cfa525ca3782f
75265b11d6f425c12d0cfaea951187f5649f4925
338d8054c95b1a7f356faf1a6748ca01b2814becc451d1c2a8442a30a7da0d1b
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 29 Sep 2022 02:45:51 GMT
Server: Apache
Location: http://wordpress.thetruthtoledo.com/
Content-Length: 244
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15701
Expires: Thu, 29 Sep 2022 07:07:32 GMT
Date: Thu, 29 Sep 2022 02:45:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ec20f9f285f7a980d7e219d2d18b2b8
0ed017ba85f8f6414c662360c79d7f96c0bdc98e
e7e43831932cf4111e564f2c9ed2f0027194611c676f8f0b5ecc05aa242d79ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7E43831932CF4111E564F2C9ED2F0027194611C676F8F0B5ECC05AA242D79EF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11910
Expires: Thu, 29 Sep 2022 06:04:21 GMT
Date: Thu, 29 Sep 2022 02:45:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0YZgFPExECUBGzL37hMxSU53VcGwW5gaJXlWUMUg5yc1ID8MVLz97A==
age: 76645
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 02:29:34 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 29 Sep 2022 02:32:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pM3pmYThzoZUdS0bEHxL4yZl9B-azL_KZO9RAB04DA8LgHJQm5bx5w==
Age: 978
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6432
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:52 GMT
Last-Modified: Thu, 29 Sep 2022 00:58:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.13.69.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.69.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j1iAndgtdaJkse0YwtUM+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9RD4HA1x6KK4POzRGOkT6UVsjJU=
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 02:15:49 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FFj4QQwOn_oTlBhR1grXZV_RPN19gfxjsSQa9JnDbCK5aCr4n573eQ==
Age: 1803
c0.wp.com/p/jetpack/11.3.2/css/jetpack.css
192.0.77.37200 OK 16 kB URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/css/jetpack.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 522fc35df8bc841b6e3d9e54306b2d7f
088c93b9a6a6381f9395d4fadb76c6854e910cc6
942c5c980b1bee912a45c7d47875be64ce755b2cc6acb1f7fe232a5ba139dbfd
GET /p/jetpack/11.3.2/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 16:22:40 GMT
content-encoding: br
expires: Fri, 29 Sep 2023 02:45:53 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2021/05/AALP.gif?resize=432%2C103
192.0.77.2200 OK 36 kB URL HTTP/2 i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2021/05/AALP.gif?resize=432%2C103
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 72a659ee70662e6c0765a045b8fa221f
282133a2dc60b745bbc349a6e4b821a394aa4533
6ef93f40a9ba46cccb12d088a2d66208ca390617e1ccda4a2555866ec06590dc
GET /wordpress.thetruthtoledo.com/wp-content/uploads/2021/05/AALP.gif?resize=432%2C103 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: image/webp
content-length: 36126
last-modified: Tue, 27 Sep 2022 00:32:13 GMT
expires: Thu, 26 Sep 2024 12:32:13 GMT
cache-control: public, max-age=63115200
link: <http://wordpress.thetruthtoledo.com/wp-content/uploads/2021/05/AALP.gif>; rel="canonical"
x-content-type-options: nosniff
etag: "b35845becf9131dd"
vary: Accept
x-nc: HIT arn 4
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/Ella-P.-Stewart-students-starting-the-new-school-year.jpg?resize=300%2C225
192.0.77.2200 OK 14 kB URL HTTP/2 i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/Ella-P.-Stewart-students-starting-the-new-school-year.jpg?resize=300%2C225
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x225, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 642752bb9fccf135c59f90b335e00722
3f7a17be1e7456e5d6492dd30d4d23a944f84b47
c23edabe8ee971deee0ca0b8cf2147d10c8bdb999baf2a041faae4f6f17c3a18
GET /wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/Ella-P.-Stewart-students-starting-the-new-school-year.jpg?resize=300%2C225 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: image/webp
content-length: 13572
last-modified: Tue, 27 Sep 2022 00:32:12 GMT
expires: Thu, 26 Sep 2024 12:32:12 GMT
cache-control: public, max-age=63115200
link: <http://wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/Ella-P.-Stewart-students-starting-the-new-school-year.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a41d2921937b5e9b"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2021/04/thesojournerstruthlogo-copyblk.png?fit=230%2C115
192.0.77.2200 OK 22 kB URL HTTP/2 i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2021/04/thesojournerstruthlogo-copyblk.png?fit=230%2C115
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 34662f1dcee5dec831a6d11e5fa15166
1609f839616ee4ad56b52c306c7d07759e29bbcb
b1f4e590de12bf67dab45eb4b1fbded5ed749bbbdfce0f66f31ca0162cf587e2
GET /wordpress.thetruthtoledo.com/wp-content/uploads/2021/04/thesojournerstruthlogo-copyblk.png?fit=230%2C115 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: image/webp
content-length: 21790
last-modified: Thu, 15 Sep 2022 11:29:16 GMT
expires: Sat, 14 Sep 2024 23:29:16 GMT
cache-control: public, max-age=63115200
link: <http://wordpress.thetruthtoledo.com/wp-content/uploads/2021/04/thesojournerstruthlogo-copyblk.png>; rel="canonical"
x-content-type-options: nosniff
etag: "fe582608b0f076cb"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
wordpress.thetruthtoledo.com/wp-content/plugins/wp-google-search/wgs.css?ver=6.0.2
64.92.125.43200 OK 2.3 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/plugins/wp-google-search/wgs.css?ver=6.0.2
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (1064), with CRLF, LF line terminators
Hash 31face8929ef8bfacd6505e55076959b
8d76c88773ca51b44cd865cd8bb77fdce9d27164
76d8a940e9301888c636ac84f1e83eb0d709c092c3b517b0d38a0e3c84058536
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-search/wgs.css?ver=6.0.2 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 03:31:35 GMT
Accept-Ranges: bytes
Content-Length: 2272
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
192.0.77.37200 OK 22 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/css/dist/block-library/style.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (43771)
Hash aa134baa693c4159c8686517bd226f01
22fb8554c91c70b8d20a2552b992fbf490458471
990185846836b64e9faa9557c0792e1551d1bbc27c534857d81a39b77c5b05db
GET /c/6.0.2/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:52 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
content-encoding: br
expires: Fri, 29 Sep 2023 02:45:52 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
rss.bloople.net/?url=https%3A%2F%2Fthetruth857632249.wordpress.com%2Ffeed&detail=-1&limit=3&showtitle=false&type=js
213.188.217.146301 Moved Permanently 0 B URL HTTP/1.1 rss.bloople.net/?url=https%3A%2F%2Fthetruth857632249.wordpress.com%2Ffeed&detail=-1&limit=3&showtitle=false&type=js
IP 213.188.217.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?url=https%3A%2F%2Fthetruth857632249.wordpress.com%2Ffeed&detail=-1&limit=3&showtitle=false&type=js HTTP/1.1
Host: rss.bloople.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 301 Moved Permanently
location: https://rss.bloople.net/?url=https%3A%2F%2Fthetruth857632249.wordpress.com%2Ffeed&detail=-1&limit=3&showtitle=false&type=js
server: Fly/dcd9677e (2022-09-22)
via: 1.1 fly.io
fly-request-id: 01GE3J5QZTP7KWPGW6MHGVEMD3-fra
content-length: 0
date: Thu, 29 Sep 2022 02:45:52 GMT
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/css/blocks.css?ver=20220730-33128
64.92.125.43200 OK 14 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/css/blocks.css?ver=20220730-33128
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
Hash dc77bd7f28f8e8061e08814cbd03c23d
ac41655eb1d1198e5fee95c546c5cefbd5e8f1fb
48aa81f4e19cb717982638ee772cdaebfcaa6a491af66d9188ed8c8dd6914bcf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/magazine-plus/css/blocks.css?ver=20220730-33128 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 13548
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
wordpress.thetruthtoledo.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
64.92.125.43200 OK 19 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Wed, 25 May 2022 03:35:24 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 33 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 9b4d57e9977204be922654c1a2ef3fcc
07ab83133bdd313dc1e70c31b46805e1ca76b233
0e6639bec5a86cd237dc18b715f10053ff9dbc9a9bac7a74e6c5c578e3e3cb99
GET /c/6.0.2/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:52 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Fri, 29 Sep 2023 02:45:52 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Thu, 29 Sep 2022 04:01:12 GMT
Date: Thu, 29 Sep 2022 02:45:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Thu, 29 Sep 2022 04:01:12 GMT
Date: Thu, 29 Sep 2022 02:45:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Thu, 29 Sep 2022 04:01:12 GMT
Date: Thu, 29 Sep 2022 02:45:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Thu, 29 Sep 2022 04:01:12 GMT
Date: Thu, 29 Sep 2022 02:45:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdb677db-4158-4190-afa5-c7e93c0604d3.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdb677db-4158-4190-afa5-c7e93c0604d3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfaeb2d7a9c2bcf18210ea632eef1863
f698793f7ac8acb44d968fd884e87409f8e25507
0f9d0a861e5893bed675b362153cb172a8431f39726f67f0ac18e8ee27b30738
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdb677db-4158-4190-afa5-c7e93c0604d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: 37494631-bb7b-46c8-bd5e-3fed853c0759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoZFfFoAMFvQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be35-06a46811725781760d59c9a3;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: X3QGTrLrntdzYSlUXz-pxtHESRms7rVPEq7Fo-JQ-VPvnr4Jmn_MVg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:43 GMT
etag: "f698793f7ac8acb44d968fd884e87409f8e25507"
content-type: image/jpeg
age: 18310
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 30621a9d1839721bfed1828d25ac5f75
8b4874d6d4f150b3cf0e19bf2f507bfedefe5e4a
d8b9f6b0321e901f0a09a1a81a9ea10c6158527d8d5bd4e4982c806a615eb1f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8B9F6B0321E901F0A09A1A81A9EA10C6158527D8D5BD4E4982C806A615EB1F7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16266
Expires: Thu, 29 Sep 2022 07:16:59 GMT
Date: Thu, 29 Sep 2022 02:45:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eece069cebb7039dbba50ec1cd73daab
4a35c50b5b16779582a75078b6df090892358d3b
41ad701a8ea3dcbfc38cb0701f3b24a6b833f6b1197014e10530c40496b6a13c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0734a230-932d-4bc0-bc12-9177b543b103.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5222
x-amzn-requestid: 984ed038-4b9b-4cd8-8d0b-084726359f13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2pEnZoAMFycw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-6b2fd0fe12e08c1248390a42;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9NOwLEMmyw8fCaD0DnIq_KsIhhPQg6Og4auBAIPpEdENoWbI4JOrA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:41:45 GMT
age: 18248
etag: "4a35c50b5b16779582a75078b6df090892358d3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28799c10f9ea39af55c7003f4254cc60
523da6aeec4cc23897fe01b0bc8b5da254edb3a8
2d1640fbd1f61aee3f2be670b37eb06e20bb265f702a428fadb550a4b51d64ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a48a423-ea95-40fe-9f8b-55ca1ca874fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9688
x-amzn-requestid: 68e9fd78-af17-4a8f-ad4b-6fe563ae94fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4JHF5IAMFSXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9a-603f13d3016d77fa2ca94492;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gIg0vR5I9vnA6Z7MJtTNaXn2TK8YeHWWcJEodiNJ6BEB7z7LUrcV1Q==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:45:26 GMT
age: 18027
etag: "523da6aeec4cc23897fe01b0bc8b5da254edb3a8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:41:45 GMT
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
age: 18248
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 5568f81c-2f99-44bf-9bd8-f015c604c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMJlzFywoAMFamw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bc8b-1d335c5c536e895a19b5965f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:28:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2RLqacSoBXtv1i-6fRV9nejJ5tulXVJ-VsKVDvsMqAgPqXKWe_2cJw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:15 GMT
age: 17798
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ac86079d2901fb11bfaff81d91bb2d2
4fc0699c763f67a2602b4b3f46b8b4013d2049c6
8c25b9129fc01f6ffad911994e91436ab0026ed0b54568757a20ab7f92584467
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb46b76b4-e585-46c3-bf03-5bfe9273000c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3332
x-amzn-requestid: 34214e89-7232-4fd5-9257-adf231670681
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDb3vGkOIAMFVhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314031-3056111d48a5027a2062ad1b;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 06:01:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VosALWNOhCfUDfo2bXgYE0Cx2duyHRaLb5DCn9IydXtoIsYyg9vWhA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:13 GMT
age: 17800
etag: "4fc0699c763f67a2602b4b3f46b8b4013d2049c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
wordpress.thetruthtoledo.com/
64.92.125.43200 OK 157 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8228), with CRLF, LF line terminators
Size 157 kB (157310 bytes)
Hash fd26a09a9c2c72782063276020a36a30
df45058edf31f2ab28822b62d756d205aff654e9
746833f7bab6d60233af71fa5c1f396a1c05de523a8c9c3477e1931650d03ede
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:51 GMT
Server: Apache
Link: <http://wordpress.thetruthtoledo.com/index.php/wp-json/>; rel="https://api.w.org/", <http://wordpress.thetruthtoledo.com/index.php/wp-json/wp/v2/pages/111>; rel="alternate"; type="application/json", <http://wordpress.thetruthtoledo.com/>; rel=shortlink
Content-Length: 157310
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
wordpress.thetruthtoledo.com/wp-content/plugins/recent-posts-widget-extended/assets/css/rpwe-frontend.css?ver=2.0
64.92.125.43200 OK 1.2 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/plugins/recent-posts-widget-extended/assets/css/rpwe-frontend.css?ver=2.0
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
Hash bd42e94fe3b0c55b60a4f581f3422f3a
c253b4ac2aaad5189b7e7295f6b7c3df25ac99f2
923f700d9088240b25f850f4acddf1f40c76c047839d15846a632a664724a8b0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/recent-posts-widget-extended/assets/css/rpwe-frontend.css?ver=2.0 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Fri, 23 Sep 2022 03:32:24 GMT
Accept-Ranges: bytes
Content-Length: 1166
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
wordpress.thetruthtoledo.com/wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1
64.92.125.43200 OK 468 B URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with CRLF line terminators
Hash 773192fef76228fb41b6af3e1c6da94f
829bf46d15ca9cefc239a305543951c5be6c2c90
fae2dc10eaa5b7644e8f58c84f7fa0641b6a12b0bea27684105675f6bc45895e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-google-search/assets/js/google_cse_v2.js?ver=1 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 03:31:35 GMT
Accept-Ranges: bytes
Content-Length: 468
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
wordpress.thetruthtoledo.com/wp-content/plugins/paid-member-subscriptions/assets/css/style-front-end.css?ver=2.7.7
64.92.125.43200 OK 12 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/plugins/paid-member-subscriptions/assets/css/style-front-end.css?ver=2.7.7
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
Hash 2eb340dc0f4c38eeec43c91dcae3e7c2
664ebe13cbf6bf7dec392bff2ba9830dbdc06099
9efd4e1c50fff76afed86fe2f955c4d890f7d21c0655480c24f308a5178ce1db
GET /wp-content/plugins/paid-member-subscriptions/assets/css/style-front-end.css?ver=2.7.7 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Tue, 20 Sep 2022 03:30:43 GMT
Accept-Ranges: bytes
Content-Length: 11894
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/js/navigation.min.js?ver=20200527
64.92.125.43200 OK 5.7 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/js/navigation.min.js?ver=20200527
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (5729), with no line terminators
Hash 53310394af46b7781fedf9822d7f1b35
aa315a241cbce634f0ce452b5039c08455e1fddf
3aea11422d47c024ee1643d4666977ebf1764b9e1bf5154539344c29164d0e91
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/magazine-plus/js/navigation.min.js?ver=20200527 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 5729
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/js/skip-link-focus-fix.min.js?ver=20130115
64.92.125.43200 OK 476 B URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/js/skip-link-focus-fix.min.js?ver=20130115
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (476), with no line terminators
Hash 440cd4a8b97bac30932ac8f95d895c66
a375d446dd7a8c6565d705824c762c72b93f13df
73728002b28731643b00e30a44e109205709af56c24a82e479682542ca1c8428
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/magazine-plus/js/skip-link-focus-fix.min.js?ver=20130115 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 476
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/easytabs/js/jquery.easytabs.min.js?ver=3.2.0
64.92.125.43200 OK 8.7 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/easytabs/js/jquery.easytabs.min.js?ver=3.2.0
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (8699), with no line terminators
Hash 7c9011650d070c570ac75b547e473c76
10497b0f0097d784cfa73149810542a187f7b40b
3c352d5db86c97c77a758d707de9ac437349cfb69485fd56da17fe494bcbd205
GET /wp-content/themes/magazine-plus/third-party/easytabs/js/jquery.easytabs.min.js?ver=3.2.0 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 8699
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/style.css?ver=2.2
64.92.125.43200 OK 88 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/style.css?ver=2.2
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (722)
Hash 3111f3ebf394b347689737df801f1bbe
7185f2911a61da99a8570aa9abc352e8bba356cf
f0e3495b0e2799c81e6f57bc9d46aafba761e60894ad5fc0d2a7013e2927bbc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/magazine-plus/style.css?ver=2.2 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 88008
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/js/custom.min.js?ver=1.0.4
64.92.125.43200 OK 563 B URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/js/custom.min.js?ver=1.0.4
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (563), with no line terminators
Hash bc9c1247f8a3f9419bad06b0bb353948
c9b64c81a8c60957daedb9019b7c4bb1d6248ff4
06936a5850ba823eae938a9dcde600d379dc397695e8b5750fa2a41b30cc9fbc
GET /wp-content/themes/magazine-plus/js/custom.min.js?ver=1.0.4 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 563
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/ticker/jquery.easy-ticker.min.js?ver=2.0
64.92.125.43200 OK 2.8 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/ticker/jquery.easy-ticker.min.js?ver=2.0
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (2709)
Hash 52383028795cabc648325291c0384659
5b23a1af773f4fc99baf0912fc028809064b9042
e708fe12174d8be13093cdb95f27dbb23e1c1f5ecf15cf06d18af852679acee7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/magazine-plus/third-party/ticker/jquery.easy-ticker.min.js?ver=2.0 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 2810
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/cycle2/js/jquery.cycle2.min.js?ver=2.1.6
64.92.125.43200 OK 22 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/cycle2/js/jquery.cycle2.min.js?ver=2.1.6
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type ASCII text, with very long lines (21941), with no line terminators
Hash 24e924fdd2d543c30312ce728b4f8716
9205f47873379a27807df0deb2631fd4c7cd1560
ae522c5a4bdfe196e35c445c7df3ecb05f31a7b8749c2f819bd840c68722d324
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/magazine-plus/third-party/cycle2/js/jquery.cycle2.min.js?ver=2.1.6 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 21941
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js
192.0.77.37200 OK 36 kB URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/_inc/build/photon/photon.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (685), with no line terminators
Hash 55dc1066baecfd3920b71594d224d920
ce72155e2770af429a24e671870f5a30d1750573
b957d9498259eb4a7a08714f58d5c137b1f2fa71c65ccc3b7de8ae53d750cda0
GET /p/jetpack/11.3.2/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Fri, 29 Sep 2023 02:45:53 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/Sept212022cover.jpg?resize=198%2C300
192.0.77.2200 OK 11 kB URL HTTP/2 i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/Sept212022cover.jpg?resize=198%2C300
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 198x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8476bcff9640445f34db9f0d909debf0
1afd79fe1544be06ba6277ff377b6d82756d7162
47f10ea8aeb9b13486b3e9456e25b9e23c3e223b8b1f8f0d1ad2b49edf5a04c6
GET /wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/Sept212022cover.jpg?resize=198%2C300 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: image/webp
content-length: 11208
last-modified: Tue, 27 Sep 2022 00:32:13 GMT
expires: Thu, 26 Sep 2024 12:32:13 GMT
cache-control: public, max-age=63115200
link: <http://wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/Sept212022cover.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "aa249be0def35565"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=180010544&post=111&tz=0&srv=wordpress.thetruthtoledo.com&host=wordpress.thetruthtoledo.com&ref=&fcp=2855&rand=0.31001816655230496
192.0.76.3200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&j=1%3A11.3.2&blog=180010544&post=111&tz=0&srv=wordpress.thetruthtoledo.com&host=wordpress.thetruthtoledo.com&ref=&fcp=2855&rand=0.31001816655230496
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.3.2&blog=180010544&post=111&tz=0&srv=wordpress.thetruthtoledo.com&host=wordpress.thetruthtoledo.com&ref=&fcp=2855&rand=0.31001816655230496 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 02:45:53 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c51d9d0b0c12f57d03c7d0271eff825f
45de7b96c6fc462507ff22d4e49a080841044bc1
ad568c6c5114ff1a62ef056b7f9a0fdc4f8a9b8b489ad661e1fd43c1bf707be3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2165
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:53 GMT
Last-Modified: Thu, 29 Sep 2022 02:09:48 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 280
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wordpress.thetruthtoledo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 25905
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://wordpress.thetruthtoledo.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:34:08 GMT
expires: Thu, 28 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 25905
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c51d9d0b0c12f57d03c7d0271eff825f
45de7b96c6fc462507ff22d4e49a080841044bc1
ad568c6c5114ff1a62ef056b7f9a0fdc4f8a9b8b489ad661e1fd43c1bf707be3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2166
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Last-Modified: Thu, 29 Sep 2022 02:09:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
servedbyadbutler.com/adserve/;ID=168170;size=300x250;setID=421705;type=async;domid=placement_421705_0;place=0;pid=999557;sw=1280;sh=1024;spr=1;rnd=999557;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;click=CLICK_MACRO_PLACEHOLDER
162.55.246.61200 OK 1.9 kB URL HTTP/1.1 servedbyadbutler.com/adserve/;ID=168170;size=300x250;setID=421705;type=async;domid=placement_421705_0;place=0;pid=999557;sw=1280;sh=1024;spr=1;rnd=999557;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;click=CLICK_MACRO_PLACEHOLDER
IP 162.55.246.61:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1864)
Hash 1479088ce73d7be0620995a2e098a08f
e44d27c0761c1f438f004f34e0dfc3e65ce68b26
af6113270db6454c7b71e4d16a087743fa1e47b20a41218ec829eda63a235388
GET /adserve/;ID=168170;size=300x250;setID=421705;type=async;domid=placement_421705_0;place=0;pid=999557;sw=1280;sh=1024;spr=1;rnd=999557;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;click=CLICK_MACRO_PLACEHOLDER HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 02:45:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
servedbyadbutler.com/adserve/;ID=168170;size=160x600;setID=421709;type=async;domid=placement_421709_0;place=0;pid=999557;sw=1280;sh=1024;spr=1;rnd=999557;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
162.55.246.61200 OK 1.9 kB URL HTTP/1.1 servedbyadbutler.com/adserve/;ID=168170;size=160x600;setID=421709;type=async;domid=placement_421709_0;place=0;pid=999557;sw=1280;sh=1024;spr=1;rnd=999557;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
IP 162.55.246.61:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1864)
Hash 8ea54922104c4e2dd652874f535a7bc3
108ee5e856d989859807526567e6a32ca840573f
a5ea3324d155118ce098c15c4d3ac23990704748db630e598e53f3766371187c
GET /adserve/;ID=168170;size=160x600;setID=421709;type=async;domid=placement_421709_0;place=0;pid=999557;sw=1280;sh=1024;spr=1;rnd=999557;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 02:45:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/American-Sirens-45x45.jpg
64.92.125.43200 OK 13 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/uploads/2022/09/American-Sirens-45x45.jpg
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2022:09:22 08:06:48], baseline, precision 8, 45x45, components 3\012- data
Hash 778d4257cbec3f99ec0354c948a22e43
73188b083b195e69b7659cb627635852dbc8edcc
3e175c1ba759586349c90f379b46fecfeabbf321b1430605415a3060818cffc4
GET /wp-content/uploads/2022/09/American-Sirens-45x45.jpg HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:54 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 12:49:31 GMT
Accept-Ranges: bytes
Content-Length: 13153
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
servedbyadbutler.com/adserve/;MID=168170;type=eligibleimpression;placementID=1891112;setID=421709;channelID=19714;CID=695160;BID=520772966;TAID=0;place=0;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;mt=1664419554080054;hc=59d6e8c37af7f09abae765d9ee7e0fa288ab9338
162.55.246.61200 OK 20 B URL HTTP/1.1 servedbyadbutler.com/adserve/;MID=168170;type=eligibleimpression;placementID=1891112;setID=421709;channelID=19714;CID=695160;BID=520772966;TAID=0;place=0;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;mt=1664419554080054;hc=59d6e8c37af7f09abae765d9ee7e0fa288ab9338
IP 162.55.246.61:0
ASN #24940 Hetzner Online GmbH
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /adserve/;MID=168170;type=eligibleimpression;placementID=1891112;setID=421709;channelID=19714;CID=695160;BID=520772966;TAID=0;place=0;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;mt=1664419554080054;hc=59d6e8c37af7f09abae765d9ee7e0fa288ab9338 HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://wordpress.thetruthtoledo.com
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 02:45:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: http://wordpress.thetruthtoledo.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
servedbyadbutler.com/adserve/;MID=168170;type=eligibleimpression;placementID=1891112;setID=421705;channelID=19714;CID=695160;BID=520772967;TAID=0;place=0;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;mt=1664419554079968;hc=76f69aa9e1b2a8fa7ab6597e374011d2f9e685c5
162.55.246.61200 OK 20 B URL HTTP/1.1 servedbyadbutler.com/adserve/;MID=168170;type=eligibleimpression;placementID=1891112;setID=421705;channelID=19714;CID=695160;BID=520772967;TAID=0;place=0;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;mt=1664419554079968;hc=76f69aa9e1b2a8fa7ab6597e374011d2f9e685c5
IP 162.55.246.61:0
ASN #24940 Hetzner Online GmbH
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /adserve/;MID=168170;type=eligibleimpression;placementID=1891112;setID=421705;channelID=19714;CID=695160;BID=520772967;TAID=0;place=0;referrer=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F;mt=1664419554079968;hc=76f69aa9e1b2a8fa7ab6597e374011d2f9e685c5 HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://wordpress.thetruthtoledo.com
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 Sep 2022 02:45:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: http://wordpress.thetruthtoledo.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.googletagservices.com/dcm/dcmads.js
142.250.74.130200 OK 11 kB URL HTTP/2 www.googletagservices.com/dcm/dcmads.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (2230)
Hash 9e929cd875599cac6f3bd7cbe3d4f74e
7006d90433bd5a088b03c59b7ede6ab2af95aac7
95a8e7623cd640377baafaf9397f644c6f101c3d84c714c83a4436ce4d7db5ff
GET /dcm/dcmads.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-length: 10831
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 02:36:59 GMT
expires: Thu, 29 Sep 2022 03:36:59 GMT
cache-control: public, max-age=3600
age: 535
last-modified: Wed, 21 Sep 2022 13:41:52 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/dcm/impl_v91.js
142.250.74.130200 OK 24 kB URL HTTP/2 www.googletagservices.com/dcm/impl_v91.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (1494)
Hash 2da7d2dc0db4b6479960a646f11b6bf4
57fb57bf5ede5a5107321f482df20614911c70bb
0b5e7599abb6883dc6f3410f8482cd0866621c1de149a97db7400c2d9ff9d77b
GET /dcm/impl_v91.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-length: 23646
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 00:48:05 GMT
expires: Tue, 26 Sep 2023 00:48:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 14:32:19 GMT
content-type: text/javascript
age: 266269
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3499488d099934e02c894c15f11025ed
f0436afc962b71d22959b7607dd9e19ee53b99cb
c1375cff21e4f3c7bf53c8938829342f4901e48ff190080e6995f73c82c06460
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
weatherwidget.io/js/widget.min.js
172.64.200.38200 OK 1.3 kB URL HTTP/2 weatherwidget.io/js/widget.min.js
IP 172.64.200.38:0
File type ASCII text, with very long lines (2638), with no line terminators
Hash 5cb59f9105524c9832c4b12aa2df316d
36e64201617a5e26dea5b3935396f0770d6d4fc6
f687ea0da8f5ddfc9891831a89fde7980b2e91fdcce3f77655252fccc0315d1a
GET /js/widget.min.js HTTP/1.1
Host: weatherwidget.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
vary: Accept-Encoding
etag: W/"5d9d0124-a4e"
cache-control: public; max-age=14400
cf-cache-status: HIT
age: 342
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIUsCXO5fT7Zp7M9c49h34EeY7dfdKfrKoLI3FpIddPtKuIWU3tfoyEeAK0jEdwLOnW07ud8A9QXdcDT2Ikk9S15X27QO2VdGvVd1EC2OVT22BV5vL5EDlbVwEkkoxRpXFfT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752162a4493e0091-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
64.92.125.43200 OK 77 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/magazine-plus/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/wp-content/themes/magazine-plus/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Sat, 30 Jul 2022 03:31:28 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2
ad.doubleclick.net/ddm/adj/N6049.3318028NNPA/B28342164.342731447;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=1633536228;ord=ges9ft;click0=http%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D168170%26plid%3D1891112%26setID%3D421709%26channelID%3D19714%26CID%3D695160%26banID%3D520772966%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D160x600%26mt%3D1664419554080022%26sw%3D1280%26sh%3D1024%26spr%3D1%26referrer%3Dhttp%253A%252F%252Fwordpress.thetruthtoledo.com%252F%26hc%3Db725958054972ec408cae8949d502f083c60bcf7%26location%3D;dc_rfl=2,,http%3A%2F%2Fwordpress.thetruthtoledo.com%2F$0;xdt=0;crlt=icXD7csJlS;stc=1;sttr=61;prcl=s
142.250.74.102200 OK 28 kB URL HTTP/2 ad.doubleclick.net/ddm/adj/N6049.3318028NNPA/B28342164.342731447;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=1633536228;ord=ges9ft;click0=http%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D168170%26plid%3D1891112%26setID%3D421709%26channelID%3D19714%26CID%3D695160%26banID%3D520772966%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D160x600%26mt%3D1664419554080022%26sw%3D1280%26sh%3D1024%26spr%3D1%26referrer%3Dhttp%253A%252F%252Fwordpress.thetruthtoledo.com%252F%26hc%3Db725958054972ec408cae8949d502f083c60bcf7%26location%3D;dc_rfl=2,,http%3A%2F%2Fwordpress.thetruthtoledo.com%2F$0;xdt=0;crlt=icXD7csJlS;stc=1;sttr=61;prcl=s
IP 142.250.74.102:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 49802434a4716cf529f0d7f45ffd4ebd
72dd02a2b1734771868222db2512d87814b07b04
86a75f968127489dbed89261651eaf20813f9be77175cae70fcbde451c631df5
GET /ddm/adj/N6049.3318028NNPA/B28342164.342731447;dc_ver=91.268;sz=160x600;u_sd=1;dc_adk=1633536228;ord=ges9ft;click0=http%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D168170%26plid%3D1891112%26setID%3D421709%26channelID%3D19714%26CID%3D695160%26banID%3D520772966%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D160x600%26mt%3D1664419554080022%26sw%3D1280%26sh%3D1024%26spr%3D1%26referrer%3Dhttp%253A%252F%252Fwordpress.thetruthtoledo.com%252F%26hc%3Db725958054972ec408cae8949d502f083c60bcf7%26location%3D;dc_rfl=2,,http%3A%2F%2Fwordpress.thetruthtoledo.com%2F$0;xdt=0;crlt=icXD7csJlS;stc=1;sttr=61;prcl=s HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:45:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 28300
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Sep-2022 03:00:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/adj/N6049.3318028NNPA/B28342164.342998593;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=1703049611;ord=ejb7x4;click0=http%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D168170%26plid%3D1891112%26setID%3D421705%26channelID%3D19714%26CID%3D695160%26banID%3D520772967%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1664419554079933%26sw%3D1280%26sh%3D1024%26spr%3D1%26referrer%3Dhttp%253A%252F%252Fwordpress.thetruthtoledo.com%252F%26hc%3D8d7d037363ab9e4d7eb5097ff014291bfa759c8b%26location%3D;dc_rfl=2,,http%3A%2F%2Fwordpress.thetruthtoledo.com%2F$0;xdt=0;crlt=icXD7csJlS;stc=1;sttr=55;prcl=s
142.250.74.102200 OK 28 kB URL HTTP/2 ad.doubleclick.net/ddm/adj/N6049.3318028NNPA/B28342164.342998593;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=1703049611;ord=ejb7x4;click0=http%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D168170%26plid%3D1891112%26setID%3D421705%26channelID%3D19714%26CID%3D695160%26banID%3D520772967%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1664419554079933%26sw%3D1280%26sh%3D1024%26spr%3D1%26referrer%3Dhttp%253A%252F%252Fwordpress.thetruthtoledo.com%252F%26hc%3D8d7d037363ab9e4d7eb5097ff014291bfa759c8b%26location%3D;dc_rfl=2,,http%3A%2F%2Fwordpress.thetruthtoledo.com%2F$0;xdt=0;crlt=icXD7csJlS;stc=1;sttr=55;prcl=s
IP 142.250.74.102:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6f276a4ef8b3de00fa4ac3c1f435832d
6c1abbf636282d48f90df6b2c1bfc6058acca418
a5239972f900b347e0d3bf495e3ba962b20018873505772111dc7bc4d8c02ace
GET /ddm/adj/N6049.3318028NNPA/B28342164.342998593;dc_ver=91.268;sz=300x250;u_sd=1;dc_adk=1703049611;ord=ejb7x4;click0=http%3A%2F%2Fservedbyadbutler.com%2Fredirect.spark%3FMID%3D168170%26plid%3D1891112%26setID%3D421705%26channelID%3D19714%26CID%3D695160%26banID%3D520772967%26PID%3D0%26textadID%3D0%26tc%3D1%26adSize%3D300x250%26mt%3D1664419554079933%26sw%3D1280%26sh%3D1024%26spr%3D1%26referrer%3Dhttp%253A%252F%252Fwordpress.thetruthtoledo.com%252F%26hc%3D8d7d037363ab9e4d7eb5097ff014291bfa759c8b%26location%3D;dc_rfl=2,,http%3A%2F%2Fwordpress.thetruthtoledo.com%2F$0;xdt=0;crlt=icXD7csJlS;stc=1;sttr=55;prcl=s HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 02:45:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 28234
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Sep-2022 03:00:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3499488d099934e02c894c15f11025ed
f0436afc962b71d22959b7607dd9e19ee53b99cb
c1375cff21e4f3c7bf53c8938829342f4901e48ff190080e6995f73c82c06460
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/UFYwWwmt.js
142.250.74.65200 OK 15 kB URL HTTP/1.1 tpc.googlesyndication.com/sodar/UFYwWwmt.js
IP 142.250.74.65:0
File type ASCII text, with very long lines (2289)
Hash 4a6eb6cff1bd687798eb64e7f232bc14
658dfe0797ee4c158c4d80e673be9bbf026da600
1e6b2901d07bf87aba54476c62459a6faeaf3c67fd1d13a329e6cf6a663a5006
GET /sodar/UFYwWwmt.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Timing-Allow-Origin: *
Content-Length: 15207
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 09:24:37 GMT
Expires: Thu, 28 Sep 2023 09:24:37 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Content-Type: text/javascript
Age: 62477
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash afa078b70d80b6b5afcd913b9a626159
ccce4ced1c0e2aacb3c9de29c995e69084fdd851
b39fd4ba1a0a96216d68eaddf1ce8dd67c4cceae45f90c29e4b3093300873d08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/Enqz_20U.html
142.250.74.65200 OK 8.4 kB URL HTTP/1.1 tpc.googlesyndication.com/sodar/Enqz_20U.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1572)
Hash 1f9fad7314bb487966fd7a9b78cdb4d3
e91e30f9df2eb23f64dc24adf2a154329d2a5dd4
ca76b66cd7d1e0c949c4e96a1f3307f6ba4238cea55009174ce14505fd77a15f
GET /sodar/Enqz_20U.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Timing-Allow-Origin: *
Content-Length: 8395
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 09:24:37 GMT
Expires: Thu, 28 Sep 2023 09:24:37 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Content-Type: text/html
Age: 62477
tpc.googlesyndication.com/sodar/Enqz_20U.html
142.250.74.65200 OK 8.4 kB URL HTTP/1.1 tpc.googlesyndication.com/sodar/Enqz_20U.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1572)
Hash 1f9fad7314bb487966fd7a9b78cdb4d3
e91e30f9df2eb23f64dc24adf2a154329d2a5dd4
ca76b66cd7d1e0c949c4e96a1f3307f6ba4238cea55009174ce14505fd77a15f
GET /sodar/Enqz_20U.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="adspam-signals-scs"
Report-To: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Timing-Allow-Origin: *
Content-Length: 8395
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 09:24:37 GMT
Expires: Thu, 28 Sep 2023 09:24:37 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 03 Mar 2020 20:15:00 GMT
Content-Type: text/html
Age: 62477
pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/omrhp.js
142.250.74.162200 OK 3.2 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/r20220927/r20110914/elements/html/omrhp.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (2812)
Hash 4d25fcd5db1b3e587056df29eceda987
f39f02656e6d83d8c5d56d9a2dc7dd503c8dfb08
c1ea615501bde8bb26af7731ca7118379c587f2f799c13d7b76b11434b502ffc
GET /pagead/js/r20220927/r20110914/elements/html/omrhp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 3181
x-xss-protection: 0
date: Thu, 29 Sep 2022 01:51:34 GMT
expires: Thu, 13 Oct 2022 01:51:34 GMT
cache-control: public, max-age=1209600
etag: 10699485926258732851
content-type: text/javascript; charset=UTF-8
age: 3260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/10375444108453822691
216.58.211.6200 OK 49 kB URL HTTP/2 s0.2mdn.net/simgad/10375444108453822691
IP 216.58.211.6:0
File type JPEG image data, progressive, precision 8, 160x600, components 3\012- data
Hash 051d1e2cf505ea1ed0de25cbfa995a47
b0e08a348935d4603f552f53292f47af8b9963cb
45cd17877d12f8918697c389f1834f1c82496faa70911807271f3aec280487cb
GET /simgad/10375444108453822691 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 48946
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 13:50:34 GMT
expires: Mon, 25 Sep 2023 13:50:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 14:05:10 GMT
content-type: image/jpeg
age: 305720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 30 kB URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (65447)
Hash b4760b677aac4851687f43034c5b7f04
53869e5ca6c8b775c1f1296b118287b35616048f
1f358bdef72ff115dfd95bd211b8d8b1d48fdc637dbb9fe03b94da9063c354ff
GET /c/6.0.2/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Fri, 29 Sep 2023 02:45:53 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/cropped-T-truth-1.jpg?fit=192%2C192
192.0.77.2200 OK 3.8 kB URL HTTP/2 i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/cropped-T-truth-1.jpg?fit=192%2C192
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a206f727d366a3ab39d4ad9289801ec
99cc04ce0e2a39cad1bebfb53693455375b63ecb
245dfbab69ff0e4cefaecbd426a90fbc849d30beab0c8597c34767ee8d950751
GET /wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/cropped-T-truth-1.jpg?fit=192%2C192 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:54 GMT
content-type: image/webp
content-length: 3782
last-modified: Tue, 27 Sep 2022 20:06:32 GMT
expires: Fri, 27 Sep 2024 08:06:32 GMT
cache-control: public, max-age=63115200
link: <http://wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/cropped-T-truth-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "238e96b0970c5853"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQUaGkRf7smJ05dNdhRopSq1Wy-e9epCAXxo0TwaLO2e-y7uYhjkPXZ3pZwBDoNYmA0qDNf0pwA9BYlBDCQXbOMiDAMhfVrdCKVVOub5v5-1ddW2SXGqR15PwLwFYBKBrgvvwviYiX1KUCRg49g9m13N1cXdq5MQ&sig=Cg0ArKJSzPMxhGg3bofAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220927.15717&adurl=
216.58.211.2200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuQUaGkRf7smJ05dNdhRopSq1Wy-e9epCAXxo0TwaLO2e-y7uYhjkPXZ3pZwBDoNYmA0qDNf0pwA9BYlBDCQXbOMiDAMhfVrdCKVVOub5v5-1ddW2SXGqR15PwLwFYBKBrgvvwviYiX1KUCRg49g9m13N1cXdq5MQ&sig=Cg0ArKJSzPMxhGg3bofAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220927.15717&adurl=
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuQUaGkRf7smJ05dNdhRopSq1Wy-e9epCAXxo0TwaLO2e-y7uYhjkPXZ3pZwBDoNYmA0qDNf0pwA9BYlBDCQXbOMiDAMhfVrdCKVVOub5v5-1ddW2SXGqR15PwLwFYBKBrgvvwviYiX1KUCRg49g9m13N1cXdq5MQ&sig=Cg0ArKJSzPMxhGg3bofAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220927.15717&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 29 Sep 2022 02:45:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 29-Sep-2022 03:00:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 02:45:54 GMT
X-Firefox-Spdy: h2
i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/cropped-T-truth-1.jpg?fit=32%2C32
192.0.77.2200 OK 466 B URL HTTP/2 i0.wp.com/wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/cropped-T-truth-1.jpg?fit=32%2C32
IP 192.0.77.2:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2f6541d15f73eabca92d66bc9415fe7
1a761a8f174004c9ad5f250f9305af51ab336b15
bca8f79b8c72ae1973e333679b58b0121a97c0c89807ecadcb03bdf4a58b1478
GET /wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/cropped-T-truth-1.jpg?fit=32%2C32 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:54 GMT
content-type: image/webp
content-length: 466
last-modified: Wed, 21 Sep 2022 02:42:56 GMT
expires: Fri, 20 Sep 2024 14:42:56 GMT
cache-control: public, max-age=63115200
link: <http://wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/cropped-T-truth-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "91da23d3887e1adb"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/10663783779959786614
216.58.211.6200 OK 80 kB URL HTTP/2 s0.2mdn.net/simgad/10663783779959786614
IP 216.58.211.6:0
File type JPEG image data, progressive, precision 8, 300x250, components 3\012- data
Hash 6448fb076d0841348cdba594a783c9c4
2dd8d36fc8d799a993c5a284a9d3b5510322be3a
9b5baa3e576acfdf4b92d4dd985ea6af7ad516378bf7d5027acf1907d4245536
GET /simgad/10663783779959786614 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 80197
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 09:11:33 GMT
expires: Mon, 25 Sep 2023 09:11:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Sep 2022 14:05:15 GMT
content-type: image/jpeg
age: 322461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/background.jpg
64.92.125.43200 OK 336 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/uploads/2020/07/background.jpg
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2020:07:22 10:10:09], baseline, precision 8, 1342x1080, components 3\012- data
Size 336 kB (335519 bytes)
Hash 5868c00f1f322339b3c1f1da320e4f68
53c10c32d6a0cd9661e185f2467c0a6ff43ad503
c575dfbebac59133c31319d691914ee2a6b0a108857c13ed564b1d641d953dd6
GET /wp-content/uploads/2020/07/background.jpg HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Wed, 22 Jul 2020 14:10:00 GMT
Accept-Ranges: bytes
Content-Length: 335519
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash afa078b70d80b6b5afcd913b9a626159
ccce4ced1c0e2aacb3c9de29c995e69084fdd851
b39fd4ba1a0a96216d68eaddf1ce8dd67c4cceae45f90c29e4b3093300873d08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/cse/cse.js?cx=008381501898357944100:ys8yxitpo4g
142.250.74.164301 Moved Permanently 267 B URL HTTP/1.1 www.google.com/cse/cse.js?cx=008381501898357944100:ys8yxitpo4g
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 589c6c8437a06d8f28be9e3a908e0bd3
5c04dace77ba6ecf0694fe6b69eaad2c3fd5a8f3
87fb67dd63dcf3631962fe844384bbd8a02aa9730aff6b8d2dbe41b3f96bfd38
GET /cse/cse.js?cx=008381501898357944100:ys8yxitpo4g HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 301 Moved Permanently
Location: https://cse.google.com/cse/cse.js?cx=008381501898357944100:ys8yxitpo4g
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Thu, 29 Sep 2022 02:45:54 GMT
Expires: Thu, 29 Sep 2022 03:15:54 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 267
X-XSS-Protection: 0
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 09e1355655d834662068429c7e624abe
059b15ae096927e5c981bdeb0d55f573e1c5bb62
767a28e32f36f5b04daf52bde1e379e1293afb00d60e1375e41f78a549a6e16c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 02:45:54 GMT
Last-Modified: Thu, 29 Sep 2022 02:22:05 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3YOKinjbnrjsncT8IzF0r9J9Gnelp40XKYqi1Omv0SM1B_UOswZPBA==
Age: 1429
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 09e1355655d834662068429c7e624abe
059b15ae096927e5c981bdeb0d55f573e1c5bb62
767a28e32f36f5b04daf52bde1e379e1293afb00d60e1375e41f78a549a6e16c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 02:45:54 GMT
Last-Modified: Thu, 29 Sep 2022 02:12:04 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AMLpUskorE3npKyiUd59NrbvpRwTrPzB__RQNGgMBzbb8uEmagDa8g==
Age: 2030
pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
142.250.74.162200 OK 16 kB URL HTTP/1.1 pagead2.googlesyndication.com/bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (36204)
Hash 932bce18db198e8c556344b8a0690932
9d93840fd4279cf153d699ed8701b84ca7a49d0e
d518317e1c6766c5d9620e3e568b9635453682b81ee39eda9cb89254219067cf
GET /bg/bD2V1yF27SqeqYvgyYYSPdiNu290SHC9vzB8BmtCvBI.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tpc.googlesyndication.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="botguard-scs"
Report-To: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Length: 16064
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 10:37:22 GMT
Expires: Wed, 27 Sep 2023 10:37:22 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 19 Sep 2022 14:48:00 GMT
Content-Type: text/javascript
Age: 144512
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wordpress.thetruthtoledo.com/wp-content/uploads/2021/04/bridge-copy.jpg
64.92.125.43200 OK 306 kB URL HTTP/1.1 wordpress.thetruthtoledo.com/wp-content/uploads/2021/04/bridge-copy.jpg
IP 64.92.125.43:0
ASN #21777 MASSIVE-NETWORKS
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=14, height=108, bps=182, compression=none, PhotometricIntepretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 1065x302, components 3\012- data
Size 306 kB (306428 bytes)
Hash 5cc3878f1d60d08e014acd824e2aa434
67e0507cd22441169678f4d6787be5540a633f05
be2e5d2546b3158eac170d70f9a24ad98d53f336bc1eedcc22bc97ba5aee32bd
GET /wp-content/uploads/2021/04/bridge-copy.jpg HTTP/1.1
Host: wordpress.thetruthtoledo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 02:45:53 GMT
Server: Apache
Last-Modified: Mon, 26 Apr 2021 18:40:34 GMT
Accept-Ranges: bytes
Content-Length: 306428
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
cse.google.com/cse/cse.js?cx=008381501898357944100:ys8yxitpo4g
142.250.74.78200 OK 3.6 kB URL HTTP/2 cse.google.com/cse/cse.js?cx=008381501898357944100:ys8yxitpo4g
IP 142.250.74.78:0
File type ASCII text, with very long lines (3486)
Hash 0f86e4cb0dff252ba26ad569182e83c6
0946b50ec9e7e31871d17c58e70c2379a6f0411f
37ca91ae0e17153bdad4caab103ace7fd2aad0c57687f21dea93bcc113174a81
GET /cse/cse.js?cx=008381501898357944100:ys8yxitpo4g HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wordpress.thetruthtoledo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 29 Sep 2022 02:45:54 GMT
server: gws
content-length: 3550
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+703; expires=Sat, 28-Sep-2024 02:45:54 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Sep 2022 02:45:54 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7f6c1bbbde940ad17ceda150b7b1664d
7273da22f182d9540784068537cc678ec27800d3
4d8a6cd94e298a71543331248750230237a56a67cef251c7a204291612dbb569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fw.adsafeprotected.com/rfw/st/1117097/65672864/skeleton.js?adsafe_url=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F&adsafe_type=abdf&adsafe_jsinfo=,id:570be69b-ec6e-d80f-92c1-7cd4cd882714,c:pzgc4T,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-97f9cf44-qfdk7,rg:ie,pt:1-5-15,wc:0.0.1280.939,ac:..300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:g,bru:g,an:n,oam:0,mtim:125,mot:0,app:0,maw:0,fm:tiMSOOQ+11*.1117097-65672864%7C111%7C1211%7C13,idMap:11*,pl:,rmeas:1,rend:1,renddet:IMG.qs,e:a,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:136,oid:d6abbe2e-3fa0-11ed-93a4-8e3b24d9e75a,v:19.8.353,sp:1,st:0,fwm:1,wr:1280.939,sr:1280.1024,ov:0
34.241.76.101302 Found 0 B URL HTTP/2 fw.adsafeprotected.com/rfw/st/1117097/65672864/skeleton.js?adsafe_url=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F&adsafe_type=abdf&adsafe_jsinfo=,id:570be69b-ec6e-d80f-92c1-7cd4cd882714,c:pzgc4T,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-97f9cf44-qfdk7,rg:ie,pt:1-5-15,wc:0.0.1280.939,ac:..300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:g,bru:g,an:n,oam:0,mtim:125,mot:0,app:0,maw:0,fm:tiMSOOQ+11*.1117097-65672864%7C111%7C1211%7C13,idMap:11*,pl:,rmeas:1,rend:1,renddet:IMG.qs,e:a,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:136,oid:d6abbe2e-3fa0-11ed-93a4-8e3b24d9e75a,v:19.8.353,sp:1,st:0,fwm:1,wr:1280.939,sr:1280.1024,ov:0
IP 34.241.76.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rfw/st/1117097/65672864/skeleton.js?adsafe_url=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F&adsafe_type=abdf&adsafe_jsinfo=,id:570be69b-ec6e-d80f-92c1-7cd4cd882714,c:pzgc4T,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-experiment-primary-97f9cf44-qfdk7,rg:ie,pt:1-5-15,wc:0.0.1280.939,ac:..300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:g,bru:g,an:n,oam:0,mtim:125,mot:0,app:0,maw:0,fm:tiMSOOQ+11*.1117097-65672864%7C111%7C1211%7C13,idMap:11*,pl:,rmeas:1,rend:1,renddet:IMG.qs,e:a,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:136,oid:d6abbe2e-3fa0-11ed-93a4-8e3b24d9e75a,v:19.8.353,sp:1,st:0,fwm:1,wr:1280.939,sr:1280.1024,ov:0 HTTP/1.1
Host: fw.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 29 Sep 2022 02:45:54 GMT
content-length: 0
location: https://static.adsafeprotected.com/skeleton.js
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: app03.ie.303net.net
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0acb404c6e5e614b2b45960b66540566
9dd62de9f34b30f89ff0fbe054affd8114562b65
78195875441b18f2c34830e59c85bfba8aa9e4afb3953ea232352b49d67d76bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 02:45:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/cse/static/style/look/v4/default.css
142.250.74.164200 OK 1.3 kB URL HTTP/2 www.google.com/cse/static/style/look/v4/default.css
IP 142.250.74.164:0
Hash b33c65c5c815696bed8292c172185bcc
d2c0eceacad1f57b25621dcdb32659c5dc6b8d9b
f5ab6924cf65ae4dc61dca35d096fa272f8b4937b733b5eb46d36af396884132
GET /cse/static/style/look/v4/default.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 02:27:36 GMT
expires: Thu, 29 Sep 2022 03:17:36 GMT
cache-control: public, max-age=3000
age: 1099
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.adsafeprotected.com/main.19.8.353.js
54.230.111.33200 OK 70 kB URL HTTP/2 static.adsafeprotected.com/main.19.8.353.js
IP 54.230.111.33:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 068bad954ea1a8f7afc7d7a094a8d448
e4829b5c0d52f10c606d23c84bea002c6de640af
1952596986882d3b3cefc6a43a69d62114f3a0084f840fa3a9c309abcdc85d89
GET /main.19.8.353.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 28 Sep 2022 16:45:53 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 28 Sep 2022 15:57:16 GMT
etag: W/"7376f82218abde1fb9e5d07b89fef3d0"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: 1Z36T6o6k8e3vPmdb1canJE8cWkrgUoe
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sEg1wIXnZlzk0H59g9G03OmCEHaNt6DzY-D8-HhUIueV5R8Q_3P9kQ==
age: 36001
X-Firefox-Spdy: h2
fw.adsafeprotected.com/rfw/st/1117097/65672862/skeleton.js?adsafe_url=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F&adsafe_type=abdf&adsafe_jsinfo=,id:7fe6e3a9-6007-7d10-52ba-08d39d3ae46f,c:pzgc5V,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-56cccd4d78-7qmj8,rg:ie,pt:1-5-15,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,mu:10000,br:g,bru:g,an:n,oam:0,mtim:186,mot:0,app:0,maw:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,pl:,rmeas:1,rend:1,renddet:IMG.qs,e:a,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:197,oid:d6abbd9d-3fa0-11ed-a375-161b8e86fe5b,v:19.8.353,sp:1,st:0,fwm:1,wr:1280.939,sr:1280.1024,ov:0
34.241.76.101302 Found 0 B URL HTTP/2 fw.adsafeprotected.com/rfw/st/1117097/65672862/skeleton.js?adsafe_url=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F&adsafe_type=abdf&adsafe_jsinfo=,id:7fe6e3a9-6007-7d10-52ba-08d39d3ae46f,c:pzgc5V,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-56cccd4d78-7qmj8,rg:ie,pt:1-5-15,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,mu:10000,br:g,bru:g,an:n,oam:0,mtim:186,mot:0,app:0,maw:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,pl:,rmeas:1,rend:1,renddet:IMG.qs,e:a,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:197,oid:d6abbd9d-3fa0-11ed-a375-161b8e86fe5b,v:19.8.353,sp:1,st:0,fwm:1,wr:1280.939,sr:1280.1024,ov:0
IP 34.241.76.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rfw/st/1117097/65672862/skeleton.js?adsafe_url=http%3A%2F%2Fwordpress.thetruthtoledo.com%2F&adsafe_type=abdf&adsafe_jsinfo=,id:7fe6e3a9-6007-7d10-52ba-08d39d3ae46f,c:pzgc5V,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-56cccd4d78-7qmj8,rg:ie,pt:1-5-15,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,mu:10000,br:g,bru:g,an:n,oam:0,mtim:186,mot:0,app:0,maw:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,pl:,rmeas:1,rend:1,renddet:IMG.qs,e:a,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:197,oid:d6abbd9d-3fa0-11ed-a375-161b8e86fe5b,v:19.8.353,sp:1,st:0,fwm:1,wr:1280.939,sr:1280.1024,ov:0 HTTP/1.1
Host: fw.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 29 Sep 2022 02:45:55 GMT
content-length: 0
location: https://static.adsafeprotected.com/skeleton.js
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: app05.ie.303net.net
X-Firefox-Spdy: h2
static.adsafeprotected.com/skeleton.js
54.230.111.33200 OK 17 B URL HTTP/2 static.adsafeprotected.com/skeleton.js
IP 54.230.111.33:0
File type ASCII text, with no line terminators
Hash 53fab767ecbd3bf07990b10246befbd4
49044085bb137d175d261b5fb9617c6f0f302c49
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
GET /skeleton.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wordpress.thetruthtoledo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 17
date: Fri, 01 Jul 2022 02:01:00 GMT
x-amz-replication-status: COMPLETED
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v7CTGzq1n8yBztqBYEOi1voJxC5h-IQw1g2aP_SaV8U8R9AsUmdD5g==
age: 7778696
X-Firefox-Spdy: h2
www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAM%3D
142.250.74.164200 OK 103 kB URL HTTP/2 www.google.com/cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAM%3D
IP 142.250.74.164:0
File type ASCII text, with very long lines (2726)
Size 103 kB (103180 bytes)
Hash 311146bbad17634bd137d5aaeeb36d9a
86dc32a97f3306b43512adb2170aecac5d28a4a5
fc84833fbcdcb2c93a1ce95aeb2f5fe09dce4c5639ba09b1d768218acd4b7026
GET /cse/static/element/f275a300093f201a/cse_element__en.js?usqp=CAM%3D HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 103180
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 05:24:38 GMT
expires: Mon, 25 Sep 2023 05:24:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 14:37:00 GMT
content-type: text/javascript
age: 336077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN1li4gY1Y-eJFs6CiQbrz4LQBwAAAAA4AeAEAg&bg=!0tGl0ZXNAAYIxsuQKMY7ACkAdvg8Wk5O_EHXh1_xYc0QlJGk7LQiUYjEZZM9IopCDSMaRE4t7Sn90wIAAADPUgAAAAJoAQeZAoGTuHsEdsJX37gsYQ8Zi1G31ULfQMSk_Y5_MPlkHlg4ynJvjZ1o3gJqeqx0ckoZWrz3KvWoxIBt05JayQVHg8fiwtyYB30_fRHnfoyvLLmVd3wwJJBZP513tphtIA428ZBg0Hv4QfGTZw2a-INyZUzlYHbB11yZSlBNS6P6407m3zmTtcxUgF-2J1qLNt-BShHBhCfQdnT_-n31fGCgoaOtGSmZKxImwzeOvTlkXEYpi6zQ3r4zpBXGLP3r1VoxIxusVJ2H3-A75G3XUjq1GqGdlrfn250dXD5s8PtNJLqdDmuKDER3uYyyE9qVq4RjF8khVG9rY_2sbD3w1uNCVvrIf1_zOz3MZKClnIJ3NwkaW12v-JoF747st4owtR9zUsRMcFCXO4vI6sbinP_kW2lNM_SWkwhVv534CoP_0cRgF2zRYqcQzlR209Xumy9jNZPzmlmhmI3KTgjXmTq7Bz1-n5FrG2joOskCmIRNmj7yLxMYeTjY5hdUkkqDrgpOx2n0mtW6SI_aCLn_VY8KEdu-n0DdiThBU80Olkd5c5tEcsTf0T8jauhtS99IIzTZZLlC-9A1oQ5DkyXouWSkMM_YmvphaCgdnxqa5SKO1Ke3f-DL_5LlZUyVO1mMMuGGjLF4SlHVZXjKq5w4vmW3MVbsxBJBeBTOruzo6VF2nnmK3mQWf6v1TuN4ID8vZGZDzYbdgPb9UmR9h8zVAqtCnYJk37iwjaqW4iEtAyRyvxR7DoJtjeZA465RLW7SuyzR3MIZOFD16x6koE9ZHohlvHeCH88zXpDVWQ3NgH0quEDddx4309-Cgef7qiLxcP3x4G3SwADxwg21FcELE94q_IOxUg
142.250.74.162204 No Content 0 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN1li4gY1Y-eJFs6CiQbrz4LQBwAAAAA4AeAEAg&bg=!0tGl0ZXNAAYIxsuQKMY7ACkAdvg8Wk5O_EHXh1_xYc0QlJGk7LQiUYjEZZM9IopCDSMaRE4t7Sn90wIAAADPUgAAAAJoAQeZAoGTuHsEdsJX37gsYQ8Zi1G31ULfQMSk_Y5_MPlkHlg4ynJvjZ1o3gJqeqx0ckoZWrz3KvWoxIBt05JayQVHg8fiwtyYB30_fRHnfoyvLLmVd3wwJJBZP513tphtIA428ZBg0Hv4QfGTZw2a-INyZUzlYHbB11yZSlBNS6P6407m3zmTtcxUgF-2J1qLNt-BShHBhCfQdnT_-n31fGCgoaOtGSmZKxImwzeOvTlkXEYpi6zQ3r4zpBXGLP3r1VoxIxusVJ2H3-A75G3XUjq1GqGdlrfn250dXD5s8PtNJLqdDmuKDER3uYyyE9qVq4RjF8khVG9rY_2sbD3w1uNCVvrIf1_zOz3MZKClnIJ3NwkaW12v-JoF747st4owtR9zUsRMcFCXO4vI6sbinP_kW2lNM_SWkwhVv534CoP_0cRgF2zRYqcQzlR209Xumy9jNZPzmlmhmI3KTgjXmTq7Bz1-n5FrG2joOskCmIRNmj7yLxMYeTjY5hdUkkqDrgpOx2n0mtW6SI_aCLn_VY8KEdu-n0DdiThBU80Olkd5c5tEcsTf0T8jauhtS99IIzTZZLlC-9A1oQ5DkyXouWSkMM_YmvphaCgdnxqa5SKO1Ke3f-DL_5LlZUyVO1mMMuGGjLF4SlHVZXjKq5w4vmW3MVbsxBJBeBTOruzo6VF2nnmK3mQWf6v1TuN4ID8vZGZDzYbdgPb9UmR9h8zVAqtCnYJk37iwjaqW4iEtAyRyvxR7DoJtjeZA465RLW7SuyzR3MIZOFD16x6koE9ZHohlvHeCH88zXpDVWQ3NgH0quEDddx4309-Cgef7qiLxcP3x4G3SwADxwg21FcELE94q_IOxUg
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=sodar&v=30&t=2&bgai=BN1li4gY1Y-eJFs6CiQbrz4LQBwAAAAA4AeAEAg&bg=!0tGl0ZXNAAYIxsuQKMY7ACkAdvg8Wk5O_EHXh1_xYc0QlJGk7LQiUYjEZZM9IopCDSMaRE4t7Sn90wIAAADPUgAAAAJoAQeZAoGTuHsEdsJX37gsYQ8Zi1G31ULfQMSk_Y5_MPlkHlg4ynJvjZ1o3gJqeqx0ckoZWrz3KvWoxIBt05JayQVHg8fiwtyYB30_fRHnfoyvLLmVd3wwJJBZP513tphtIA428ZBg0Hv4QfGTZw2a-INyZUzlYHbB11yZSlBNS6P6407m3zmTtcxUgF-2J1qLNt-BShHBhCfQdnT_-n31fGCgoaOtGSmZKxImwzeOvTlkXEYpi6zQ3r4zpBXGLP3r1VoxIxusVJ2H3-A75G3XUjq1GqGdlrfn250dXD5s8PtNJLqdDmuKDER3uYyyE9qVq4RjF8khVG9rY_2sbD3w1uNCVvrIf1_zOz3MZKClnIJ3NwkaW12v-JoF747st4owtR9zUsRMcFCXO4vI6sbinP_kW2lNM_SWkwhVv534CoP_0cRgF2zRYqcQzlR209Xumy9jNZPzmlmhmI3KTgjXmTq7Bz1-n5FrG2joOskCmIRNmj7yLxMYeTjY5hdUkkqDrgpOx2n0mtW6SI_aCLn_VY8KEdu-n0DdiThBU80Olkd5c5tEcsTf0T8jauhtS99IIzTZZLlC-9A1oQ5DkyXouWSkMM_YmvphaCgdnxqa5SKO1Ke3f-DL_5LlZUyVO1mMMuGGjLF4SlHVZXjKq5w4vmW3MVbsxBJBeBTOruzo6VF2nnmK3mQWf6v1TuN4ID8vZGZDzYbdgPb9UmR9h8zVAqtCnYJk37iwjaqW4iEtAyRyvxR7DoJtjeZA465RLW7SuyzR3MIZOFD16x6koE9ZHohlvHeCH88zXpDVWQ3NgH0quEDddx4309-Cgef7qiLxcP3x4G3SwADxwg21FcELE94q_IOxUg HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tpc.googlesyndication.com/
HTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 29 Sep 2022 02:45:55 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
cse.google.com/adsense/search/async-ads.js
142.250.74.78200 OK 53 kB URL HTTP/1.1 cse.google.com/adsense/search/async-ads.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1885)
Hash 87acd1ce8c777c74981d0e53533748d0
d12c56e8cebbd816aed55978588326e5265ac496
bbb009d62b73d00fbb3dd2d74e1b74882d522fbcdda1515b1a57143cce272d3b
GET /adsense/search/async-ads.js HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Thu, 29 Sep 2022 02:45:55 GMT
Expires: Thu, 29 Sep 2022 02:45:55 GMT
Cache-Control: private, max-age=3600
ETag: "3678804962680144132"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
clients1.google.com/generate_204
142.250.74.174204 No Content 0 B URL HTTP/1.1 clients1.google.com/generate_204
IP 142.250.74.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204 HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
HTTP/1.1 204 No Content
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 29 Sep 2022 02:45:55 GMT
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 622093b77910adb39ec922204fc82dce
403d9993b8161c273063cefab83e6d1a8117f5f1
a6540204f0b64ab6b0fe95fe3940f079e1d662278341079f5d1c1234f51c3858
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 29 Sep 2022 02:45:55 GMT
Last-Modified: Thu, 29 Sep 2022 01:54:00 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UN6OyHAaGwf9OpKb2LCQi5EkEvEZLjzxU5T-4-JASi2Z_SULCmdu_A==
Age: 3115
pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2OvR4gY1Y_GaFt6Y78EPk4uIuAoAAAAAOAHgBAI&bg=!vb6lvvrNAAYIxsuQKMY7ACkAdvg8Wsxaw3WloQQPdwGdDoaBj5AN2yc2JOqz4epoP-XZeZDTZ5sVdwIAAADmUgAAAAFoAQcKAG4-5ZHDWDQ40Pf1WE8p8kM5Ky9q0V3RtRA1_vTpygFuLFZOEiki-7_NmidY7TKJyvVQrvXbThVIAwqWeVv8ddoeEkIdMvft98P4dJ1A5nFHwGhhJbSA6BEkfRc7QijcM-9lS5jcXP7J_jZAbD4f4JkCg2q1C-zoDKnfxcZoXyEUPnKHVeAEq8VDfR0uAV41g-USAuY3Wq7WZiAm7vWUMgVEJ7IxEHOAEhFdMmGFFC0DkgEMEU7mRvMUrNhaLg8AFz9DRPkJDXZNvzWjRt8J4tR3mEy_Ch6j3V10axbYXr3jpc0tx0DWP3dlQJ1TAVGL05uDe3Nxne4zwTi8EPPD8KLplEbS14R5uCgRHuRMGPIYaTCmvrmTrLL0KkI5mufwk4GUQ_MVFqkMfLHDW4FMkRwQiupDdIsJtIJ-ZQAyF3oDcHeYN_xQIxFsjXiOc-OohUb8tiRzaMoHtq2OhyEF0p2kgRf1pIPEjexvrqKTpKzgFR6Yvrc_IQ7TFoLeV4IYpCTXabUKyLMlRamcD4e4aJ_TSHTLjjI9m8Mx6dP2V_M4wW0nyzv2duwwvt4S9tkvHxI0n7umDz98T1gAWaUrqLaS_MdwYq0PBBdx6fD6Bgak9rumi3ZHgpx2yHvj8qXIwkmqWGCPGX0tU-P7G4MlIE8qoCZLzFrGlFD16aTz-znts4u3QXGtJc3jeF1DhYrvPK1lM8r28Yn3AUHE4dnnndXnZxrs_wPRV_pbYkwxMz8796C5YnWGRkNshMu6o0XvuBBDbMfzweW2CEePV3YZ6EHeZu5p6BkmhIXjKWI1xgDD5s8SNDkduL1eU42mcQp4gzeiBYibTu_OAb-kRnacEhTERFOa1RhAnidvC7SkTgXVZkz12mXn1UYO8i7U19M03Ba0TJIcS1hkhZJUTS6QzNNUYq9f7QjE9JyWhrlcOHG9L3N_IAWQhuAYh7haUZmPV8ObJo_2dsXMjXtYvE6bMhndaxrnFbZxNvufXQyO8bLkc5oke6M
142.250.74.162204 No Content 0 B URL HTTP/1.1 pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2OvR4gY1Y_GaFt6Y78EPk4uIuAoAAAAAOAHgBAI&bg=!vb6lvvrNAAYIxsuQKMY7ACkAdvg8Wsxaw3WloQQPdwGdDoaBj5AN2yc2JOqz4epoP-XZeZDTZ5sVdwIAAADmUgAAAAFoAQcKAG4-5ZHDWDQ40Pf1WE8p8kM5Ky9q0V3RtRA1_vTpygFuLFZOEiki-7_NmidY7TKJyvVQrvXbThVIAwqWeVv8ddoeEkIdMvft98P4dJ1A5nFHwGhhJbSA6BEkfRc7QijcM-9lS5jcXP7J_jZAbD4f4JkCg2q1C-zoDKnfxcZoXyEUPnKHVeAEq8VDfR0uAV41g-USAuY3Wq7WZiAm7vWUMgVEJ7IxEHOAEhFdMmGFFC0DkgEMEU7mRvMUrNhaLg8AFz9DRPkJDXZNvzWjRt8J4tR3mEy_Ch6j3V10axbYXr3jpc0tx0DWP3dlQJ1TAVGL05uDe3Nxne4zwTi8EPPD8KLplEbS14R5uCgRHuRMGPIYaTCmvrmTrLL0KkI5mufwk4GUQ_MVFqkMfLHDW4FMkRwQiupDdIsJtIJ-ZQAyF3oDcHeYN_xQIxFsjXiOc-OohUb8tiRzaMoHtq2OhyEF0p2kgRf1pIPEjexvrqKTpKzgFR6Yvrc_IQ7TFoLeV4IYpCTXabUKyLMlRamcD4e4aJ_TSHTLjjI9m8Mx6dP2V_M4wW0nyzv2duwwvt4S9tkvHxI0n7umDz98T1gAWaUrqLaS_MdwYq0PBBdx6fD6Bgak9rumi3ZHgpx2yHvj8qXIwkmqWGCPGX0tU-P7G4MlIE8qoCZLzFrGlFD16aTz-znts4u3QXGtJc3jeF1DhYrvPK1lM8r28Yn3AUHE4dnnndXnZxrs_wPRV_pbYkwxMz8796C5YnWGRkNshMu6o0XvuBBDbMfzweW2CEePV3YZ6EHeZu5p6BkmhIXjKWI1xgDD5s8SNDkduL1eU42mcQp4gzeiBYibTu_OAb-kRnacEhTERFOa1RhAnidvC7SkTgXVZkz12mXn1UYO8i7U19M03Ba0TJIcS1hkhZJUTS6QzNNUYq9f7QjE9JyWhrlcOHG9L3N_IAWQhuAYh7haUZmPV8ObJo_2dsXMjXtYvE6bMhndaxrnFbZxNvufXQyO8bLkc5oke6M
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=sodar&v=30&t=2&bgai=B2OvR4gY1Y_GaFt6Y78EPk4uIuAoAAAAAOAHgBAI&bg=!vb6lvvrNAAYIxsuQKMY7ACkAdvg8Wsxaw3WloQQPdwGdDoaBj5AN2yc2JOqz4epoP-XZeZDTZ5sVdwIAAADmUgAAAAFoAQcKAG4-5ZHDWDQ40Pf1WE8p8kM5Ky9q0V3RtRA1_vTpygFuLFZOEiki-7_NmidY7TKJyvVQrvXbThVIAwqWeVv8ddoeEkIdMvft98P4dJ1A5nFHwGhhJbSA6BEkfRc7QijcM-9lS5jcXP7J_jZAbD4f4JkCg2q1C-zoDKnfxcZoXyEUPnKHVeAEq8VDfR0uAV41g-USAuY3Wq7WZiAm7vWUMgVEJ7IxEHOAEhFdMmGFFC0DkgEMEU7mRvMUrNhaLg8AFz9DRPkJDXZNvzWjRt8J4tR3mEy_Ch6j3V10axbYXr3jpc0tx0DWP3dlQJ1TAVGL05uDe3Nxne4zwTi8EPPD8KLplEbS14R5uCgRHuRMGPIYaTCmvrmTrLL0KkI5mufwk4GUQ_MVFqkMfLHDW4FMkRwQiupDdIsJtIJ-ZQAyF3oDcHeYN_xQIxFsjXiOc-OohUb8tiRzaMoHtq2OhyEF0p2kgRf1pIPEjexvrqKTpKzgFR6Yvrc_IQ7TFoLeV4IYpCTXabUKyLMlRamcD4e4aJ_TSHTLjjI9m8Mx6dP2V_M4wW0nyzv2duwwvt4S9tkvHxI0n7umDz98T1gAWaUrqLaS_MdwYq0PBBdx6fD6Bgak9rumi3ZHgpx2yHvj8qXIwkmqWGCPGX0tU-P7G4MlIE8qoCZLzFrGlFD16aTz-znts4u3QXGtJc3jeF1DhYrvPK1lM8r28Yn3AUHE4dnnndXnZxrs_wPRV_pbYkwxMz8796C5YnWGRkNshMu6o0XvuBBDbMfzweW2CEePV3YZ6EHeZu5p6BkmhIXjKWI1xgDD5s8SNDkduL1eU42mcQp4gzeiBYibTu_OAb-kRnacEhTERFOa1RhAnidvC7SkTgXVZkz12mXn1UYO8i7U19M03Ba0TJIcS1hkhZJUTS6QzNNUYq9f7QjE9JyWhrlcOHG9L3N_IAWQhuAYh7haUZmPV8ObJo_2dsXMjXtYvE6bMhndaxrnFbZxNvufXQyO8bLkc5oke6M HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://tpc.googlesyndication.com/
HTTP/1.1 204 No Content
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 29 Sep 2022 02:45:55 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: image/gif
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0
forecast7.com/en/41d66n83d56/toledo/?format=json
104.21.71.89200 OK 3.3 kB URL HTTP/2 forecast7.com/en/41d66n83d56/toledo/?format=json
IP 104.21.71.89:0
File type ASCII text, with very long lines (17059), with no line terminators
Hash 6a3f15dd0f366a94ec1bdc2e9c1abdb5
d5f435175618c60c37afc073281e5443a4387a32
262a400f5a773a2736016257b4ec4ba25c1dbee18716fcf2e1c73d26f25e51a8
GET /en/41d66n83d56/toledo/?format=json HTTP/1.1
Host: forecast7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://weatherwidget.io
Connection: keep-alive
Referer: https://weatherwidget.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:54 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-origin: https://weatherwidget.io
expires: Thu, 29 Sep 2022 03:11:33 GMT
etag: W/"12c1-Y5K2W2OpnBpPWH3R1xM3bqE3qIo"
x-proxy-cache: MISS
cache-control: public
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkl8LtjyGY9E50niTU%2FQ8b6pe%2FF9P7i8RsfMGdGyhqMpIl5rLh7gAj%2FT9PUGzJSW8eewEHaN0qGCFU5T8SBxqgE97yP8zIn%2FsUftKW110mqBujwpgYrDwSoePTuLL%2Bgb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 752162a6fc160afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dt.adsafeprotected.com/dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgc7g,pingTime:-2,time:280,type:a,im:%7Bsf:0,pom:0,prf:%7BbdA:322,bdZ:655,beA:680,beZ:680,mfA:866,cmA:868,inA:868,inZ:869,prA:869,prZ:874,si:877,poA:879,poZ:888,cmZ:889,mfZ:889,loA:911,loZ:914,ltA:960,ltZ:960,mdA:680,mdZ:726%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:160.600,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:160,h:600,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:281,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:196,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B93~0%5D,as:%5B93~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs,siq:198,slid:%5Bplacement_421709_0_iframe,placement_421709_0,custom_html-4,sidebar-primary,content,page%5D,sinceFw:80,readyFired:true%7D&br=g
52.88.187.127200 OK 43 B URL HTTP/2 dt.adsafeprotected.com/dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgc7g,pingTime:-2,time:280,type:a,im:%7Bsf:0,pom:0,prf:%7BbdA:322,bdZ:655,beA:680,beZ:680,mfA:866,cmA:868,inA:868,inZ:869,prA:869,prZ:874,si:877,poA:879,poZ:888,cmZ:889,mfZ:889,loA:911,loZ:914,ltA:960,ltZ:960,mdA:680,mdZ:726%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:160.600,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:160,h:600,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:281,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:196,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B93~0%5D,as:%5B93~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs,siq:198,slid:%5Bplacement_421709_0_iframe,placement_421709_0,custom_html-4,sidebar-primary,content,page%5D,sinceFw:80,readyFired:true%7D&br=g
IP 52.88.187.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgc7g,pingTime:-2,time:280,type:a,im:%7Bsf:0,pom:0,prf:%7BbdA:322,bdZ:655,beA:680,beZ:680,mfA:866,cmA:868,inA:868,inZ:869,prA:869,prZ:874,si:877,poA:879,poZ:888,cmZ:889,mfZ:889,loA:911,loZ:914,ltA:960,ltZ:960,mdA:680,mdZ:726%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:160.600,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:160,h:600,t:196%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:281,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:196,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B93~0%5D,as:%5B93~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs,siq:198,slid:%5Bplacement_421709_0_iframe,placement_421709_0,custom_html-4,sidebar-primary,content,page%5D,sinceFw:80,readyFired:true%7D&br=g HTTP/1.1
Host: dt.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:55 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: dt13.or.303net.net
X-Firefox-Spdy: h2
dt.adsafeprotected.com/dt?advEntityId=1117097&asId=570be69b-ec6e-d80f-92c1-7cd4cd882714&tv=%7Bc:pzgccG,pingTime:-10,time:618,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220000000220002002220000200202000222000220200000000000202202200002202222200000000000020020000022000000022220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002020022222222000000000020222202022222020002220022020000220000000002000022202220000022200202202220022000200222022220200022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1664419552721%7C%7C3eab66f3f8e7583ed83860fb159b2d20%7C%7C9df76ce1ec81221482cf5ba7f1d27150%7C%7Cbaa18ecdfd19c9049959ebd59dffe0cb%7C%7C7461976abca2b920e54d803cc190bc2e%7C%7Cdbc396cfd9a3e9dd8eb17ff52eb39e20%7C%7Cc69b165f2b884ba0d7ceadd0c81cbc0d%7C%7C08c3aef92490d7cd13b7a5155f33c19b%7C%7C1663701684%7D
52.88.187.127200 OK 43 B URL HTTP/2 dt.adsafeprotected.com/dt?advEntityId=1117097&asId=570be69b-ec6e-d80f-92c1-7cd4cd882714&tv=%7Bc:pzgccG,pingTime:-10,time:618,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220000000220002002220000200202000222000220200000000000202202200002202222200000000000020020000022000000022220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002020022222222000000000020222202022222020002220022020000220000000002000022202220000022200202202220022000200222022220200022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1664419552721%7C%7C3eab66f3f8e7583ed83860fb159b2d20%7C%7C9df76ce1ec81221482cf5ba7f1d27150%7C%7Cbaa18ecdfd19c9049959ebd59dffe0cb%7C%7C7461976abca2b920e54d803cc190bc2e%7C%7Cdbc396cfd9a3e9dd8eb17ff52eb39e20%7C%7Cc69b165f2b884ba0d7ceadd0c81cbc0d%7C%7C08c3aef92490d7cd13b7a5155f33c19b%7C%7C1663701684%7D
IP 52.88.187.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /dt?advEntityId=1117097&asId=570be69b-ec6e-d80f-92c1-7cd4cd882714&tv=%7Bc:pzgccG,pingTime:-10,time:618,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220000000220002002220000200202000222000220200000000000202202200002202222200000000000020020000022000000022220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002020022222222000000000020222202022222020002220022020000220000000002000022202220000022200202202220022000200222022220200022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1664419552721%7C%7C3eab66f3f8e7583ed83860fb159b2d20%7C%7C9df76ce1ec81221482cf5ba7f1d27150%7C%7Cbaa18ecdfd19c9049959ebd59dffe0cb%7C%7C7461976abca2b920e54d803cc190bc2e%7C%7Cdbc396cfd9a3e9dd8eb17ff52eb39e20%7C%7Cc69b165f2b884ba0d7ceadd0c81cbc0d%7C%7C08c3aef92490d7cd13b7a5155f33c19b%7C%7C1663701684%7D HTTP/1.1
Host: dt.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:55 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: dt12.or.303net.net
X-Firefox-Spdy: h2
dt.adsafeprotected.com/dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgccQ,pingTime:-10,time:626,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220000000220002002220000200202000222000220200000000000202202200002202222200000000000020020000022000000022220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002020022222222000000000020222202022222020002220022020000220000000002000022202220000022200202202220022000200222022220200022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1664419552731%7C%7C17ec6b17aacce2a5eff6c28322ba47da%7C%7C9df76ce1ec81221482cf5ba7f1d27150%7C%7C9b0a5cac6122457cc6c3478d5f292269%7C%7C0a6937a20bbd7b90b3eaeab526f263fb%7C%7C740cf32225b8cd85eff9c547d0740c9d%7C%7Cccf2edb10a1b6e741a5c6a26ee093ad8%7C%7C3fc43bf46d08f9a981c415aa63426062%7C%7C1663701684%7D
52.88.187.127200 OK 43 B URL HTTP/2 dt.adsafeprotected.com/dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgccQ,pingTime:-10,time:626,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220000000220002002220000200202000222000220200000000000202202200002202222200000000000020020000022000000022220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002020022222222000000000020222202022222020002220022020000220000000002000022202220000022200202202220022000200222022220200022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1664419552731%7C%7C17ec6b17aacce2a5eff6c28322ba47da%7C%7C9df76ce1ec81221482cf5ba7f1d27150%7C%7C9b0a5cac6122457cc6c3478d5f292269%7C%7C0a6937a20bbd7b90b3eaeab526f263fb%7C%7C740cf32225b8cd85eff9c547d0740c9d%7C%7Cccf2edb10a1b6e741a5c6a26ee093ad8%7C%7C3fc43bf46d08f9a981c415aa63426062%7C%7C1663701684%7D
IP 52.88.187.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgccQ,pingTime:-10,time:626,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEwMDJ8fDEyODB8fDF8fDF8fDI0fHwxMDI0fHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDUvNHx8NS80fHwwfHwxMjgw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDEwMDEwMXx8MHx8TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjo5Ni4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94Lzk2LjB8fDF8fDF8fG58fG4-,ch:n,fsc:17.6.2v222220222000022202200000220000000220002002220000200202000222000220200000000000202202200002202222200000000000020020000022000000022220022200000222202022200002020222002222202202222202022222022220000220200000022222222220222222222222202222222222222222222222222222222222222200000022022020020202222222202002020022222222000000000020222202022222020002220022020000220000000002000022202220000022200202202220022000200222022220200022020222200222222020002200200022222222202222002002022002222200000000020200000000000000202220,asp:1664419552731%7C%7C17ec6b17aacce2a5eff6c28322ba47da%7C%7C9df76ce1ec81221482cf5ba7f1d27150%7C%7C9b0a5cac6122457cc6c3478d5f292269%7C%7C0a6937a20bbd7b90b3eaeab526f263fb%7C%7C740cf32225b8cd85eff9c547d0740c9d%7C%7Cccf2edb10a1b6e741a5c6a26ee093ad8%7C%7C3fc43bf46d08f9a981c415aa63426062%7C%7C1663701684%7D HTTP/1.1
Host: dt.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:55 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: dt09.or.303net.net
X-Firefox-Spdy: h2
static.adsafeprotected.com/sca.17.6.2.js
54.230.111.33200 OK 23 kB URL HTTP/2 static.adsafeprotected.com/sca.17.6.2.js
IP 54.230.111.33:0
Hash aed398586440ec9726d44912bfa4a5a4
73c6ece9201bcaf49ce893bbc3781ca86f9f67c1
919fb9029f7a4451bbfc752d34bc12f78a89e1db378e2862ae079614b3b7644f
GET /sca.17.6.2.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8PRgalkBiXLzsbF_oubmwpcFZWC4DvA47_OBzATR6HkoYxAALP9fxQ==
age: 644978
X-Firefox-Spdy: h2
dt.adsafeprotected.com/dt?advEntityId=1117097&asId=570be69b-ec6e-d80f-92c1-7cd4cd882714&tv=%7Bc:pzgc98,time:398,type:e,im:%7Bimprf:%7Bttecl:619,ecd:102,tsecr:18%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:399,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:135,wc:0.0.1280.939,ac:..300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B272~0%5D,as:%5B272~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOQ+11*.1117097-65672864%7C111%7C1211%7C13,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:137,sis:274%7D&br=g
52.88.187.127200 OK 43 B URL HTTP/2 dt.adsafeprotected.com/dt?advEntityId=1117097&asId=570be69b-ec6e-d80f-92c1-7cd4cd882714&tv=%7Bc:pzgc98,time:398,type:e,im:%7Bimprf:%7Bttecl:619,ecd:102,tsecr:18%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:399,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:135,wc:0.0.1280.939,ac:..300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B272~0%5D,as:%5B272~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOQ+11*.1117097-65672864%7C111%7C1211%7C13,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:137,sis:274%7D&br=g
IP 52.88.187.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /dt?advEntityId=1117097&asId=570be69b-ec6e-d80f-92c1-7cd4cd882714&tv=%7Bc:pzgc98,time:398,type:e,im:%7Bimprf:%7Bttecl:619,ecd:102,tsecr:18%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:399,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:135,wc:0.0.1280.939,ac:..300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B272~0%5D,as:%5B272~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOQ+11*.1117097-65672864%7C111%7C1211%7C13,idMap:11*,rmeas:1,rend:1,renddet:IMG.qs,siq:137,sis:274%7D&br=g HTTP/1.1
Host: dt.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:55 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: dt05.or.303net.net
X-Firefox-Spdy: h2
dt.adsafeprotected.com/dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgc96,time:394,type:e,im:%7Bimprf:%7Bttecl:676,ecd:73,tsecr:43%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:394,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:196,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B206~0%5D,as:%5B206~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs,siq:198,sis:318%7D&br=g
52.88.187.127200 OK 43 B URL HTTP/2 dt.adsafeprotected.com/dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgc96,time:394,type:e,im:%7Bimprf:%7Bttecl:676,ecd:73,tsecr:43%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:394,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:196,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B206~0%5D,as:%5B206~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs,siq:198,sis:318%7D&br=g
IP 52.88.187.127:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /dt?advEntityId=1117097&asId=7fe6e3a9-6007-7d10-52ba-08d39d3ae46f&tv=%7Bc:pzgc96,time:394,type:e,im:%7Bimprf:%7Bttecl:676,ecd:73,tsecr:43%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:394,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:196,wc:0.0.1280.939,ac:..160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B206~0%5D,as:%5B206~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:a,tt:rjss,dtt:0,fm:tiMSOOS+111%7C112%7C12*.1117097-65672862%7C121%7C13,idMap:12*,rmeas:1,rend:1,renddet:IMG.qs,siq:198,sis:318%7D&br=g HTTP/1.1
Host: dt.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:55 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="COM NAV INT STA NID OUR IND NOI"
pragma: no-cache
cache-control: no-cache
x-server-name: dt07.or.303net.net
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 4275d743-8507-4fbe-83d1-cc0da2adef7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoPHCMIAMF7wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be34-5ddb717430e7b38e3ee53657;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H713oiiX6wslZytV_P5NblH5vT7KZ2fv1G3DLKLrH5nw0lHOquia4w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:48 GMT
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
age: 18312
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fw.adsafeprotected.com/rjss/st/1117097/65672862/skeleton.js
34.241.76.101200 OK 0 B URL HTTP/2 fw.adsafeprotected.com/rjss/st/1117097/65672862/skeleton.js
IP 34.241.76.101:0
GET /rjss/st/1117097/65672862/skeleton.js HTTP/1.1
Host: fw.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:54 GMT
content-type: application/javascript;charset=utf-8
pragma: no-cache
cache-control: no-cache
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: fw.adsafeprotected.com
access-control-allow-credentials: true
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
servedbyadbutler.com/app.js
162.55.246.61200 OK 0 B URL HTTP/2 servedbyadbutler.com/app.js
IP 162.55.246.61:0
ASN #24940 Hetzner Online GmbH
GET /app.js HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 15:50:10 GMT
vary: Accept-Encoding
etag: W/"631b60b2-10987"
expires: Thu, 29 Sep 2022 03:15:53 GMT
cache-control: max-age=1800
content-encoding: gzip
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 0 B URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:51 GMT
content-type: application/json
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: oGfeZoCWKLcv8cHv76PZrFBA6oZ93-dUBtJbZpxfll1M5MYR8xnHyQ==
content-encoding: gzip
via: 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
fw.adsafeprotected.com/rjss/st/1117097/65672864/skeleton.js
34.241.76.101200 OK 0 B URL HTTP/2 fw.adsafeprotected.com/rjss/st/1117097/65672864/skeleton.js
IP 34.241.76.101:0
GET /rjss/st/1117097/65672864/skeleton.js HTTP/1.1
Host: fw.adsafeprotected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 29 Sep 2022 02:45:54 GMT
content-type: application/javascript;charset=utf-8
pragma: no-cache
cache-control: no-cache
expires: Wed, 31 Dec 1969 23:59:59 GMT
access-control-allow-origin: fw.adsafeprotected.com
access-control-allow-credentials: true
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
rss.bloople.net/?url=https%3A%2F%2Fthetruth857632249.wordpress.com%2Ffeed&detail=-1&limit=3&showtitle=false&type=js
213.188.217.146200 OK 0 B URL HTTP/2 rss.bloople.net/?url=https%3A%2F%2Fthetruth857632249.wordpress.com%2Ffeed&detail=-1&limit=3&showtitle=false&type=js
IP 213.188.217.146:0
GET /?url=https%3A%2F%2Fthetruth857632249.wordpress.com%2Ffeed&detail=-1&limit=3&showtitle=false&type=js HTTP/1.1
Host: rss.bloople.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://wordpress.thetruthtoledo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Fly/dcd9677e (2022-09-22)
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: text/javascript; charset=utf-8
content-encoding: gzip
x-runtime: 0.008670
x-xss-protection: 0
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=300, public
etag: W/"e7f012da0ca3b0ad2b5eace4e453ba92"
x-request-id: ba1c2fc4-caa2-4ba7-b569-dfffb991fc16
via: 2 fly.io
fly-request-id: 01GE3J5R6M1AG4Z0RQD3JY85V7-fra
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:52 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Fri, 29 Sep 2023 02:45:52 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
GET /c/6.0.2/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Fri, 29 Sep 2023 02:45:53 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.3.2/_inc/build/carousel/jetpack-carousel.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.3.2/_inc/build/carousel/jetpack-carousel.min.js
IP 192.0.77.37:0
GET /p/jetpack/11.3.2/_inc/build/carousel/jetpack-carousel.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 06 Sep 2022 17:22:56 GMT
content-encoding: br
expires: Fri, 29 Sep 2023 02:45:53 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
stats.wp.com/e-202239.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202239.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wordpress.thetruthtoledo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 02:45:53 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 17 Sep 2023 22:04:35 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2