r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8088
Expires: Tue, 13 Sep 2022 02:37:40 GMT
Date: Tue, 13 Sep 2022 00:22:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 23:30:03 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: So0azJEoDNud2TAS9U2mehUHOkQaZQZ5Vqj9z78mfBBNF_7MvW5zkg==
Age: 3169
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: R4NL1DtjfMqSMgxHQv_50E1BghzbBiK2fO0CtR2xR3B_RCjMXMAxkA==
age: 61540
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 00:22:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
132.148.41.74301 Moved Permanently 0 B URL HTTP/1.1 www.theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/ HTTP/1.1
Host: www.theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 00:22:52 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Pragma: no-cache
X-Pingback: http://theconservativedispatch.com/xmlrpc.php
Expires: Tue, 13 Sep 2022 01:22:52 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Set-Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; expires=Wed, 14-Sep-2022 00:22:52 GMT; Max-Age=86400; path=/
vWPkrI=XjEH0NaM2Lk96C7; expires=Wed, 14-Sep-2022 00:22:52 GMT; Max-Age=86400; path=/
OLYTeqj=O%2A3bAJZnE7c; expires=Wed, 14-Sep-2022 00:22:52 GMT; Max-Age=86400; path=/
ehDIEzWbKZO=o9gGki2I; expires=Wed, 14-Sep-2022 00:22:52 GMT; Max-Age=86400; path=/
PHPSESSID=592ede1ae935ba133b902a9bbf0f0b33; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://www.theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 23:56:07 GMT
Expires: Tue, 13 Sep 2022 00:55:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TRtPMrxdbkArdFJwtKmFptxz-f9wUyWdlxzV-xKBzd1DkcCtZs7k2A==
Age: 1606
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4293
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:53 GMT
Last-Modified: Mon, 12 Sep 2022 23:11:20 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: HKueL+9hFv0Ts1J1rTIkSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Jl8P11LulVuKvClqg2G0WFxpdDM=
www.theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
132.148.41.74301 Moved Permanently 1 B URL HTTP/2 www.theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
Analyzer Verdict Alert fortinet Phishing
GET /2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/ HTTP/1.1
Host: www.theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.3.33
pragma: no-cache
x-pingback: https://theconservativedispatch.com/xmlrpc.php
expires: Tue, 13 Sep 2022 01:22:53 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
set-cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; expires=Wed, 14-Sep-2022 00:22:53 GMT; Max-Age=86400; path=/; secure
vWPkrI=XjEH0NaM2Lk96C7; expires=Wed, 14-Sep-2022 00:22:53 GMT; Max-Age=86400; path=/; secure
OLYTeqj=O%2A3bAJZnE7c; expires=Wed, 14-Sep-2022 00:22:53 GMT; Max-Age=86400; path=/; secure
ehDIEzWbKZO=o9gGki2I; expires=Wed, 14-Sep-2022 00:22:53 GMT; Max-Age=86400; path=/; secure
PHPSESSID=43ca6a00fc6cb6d3f3223422808577fe; path=/; secure
location: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Tue, 13 Sep 2022 00:22:53 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3342
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:22:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3342
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:22:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3342
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:22:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3342
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:22:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3342
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Tue, 13 Sep 2022 00:22:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53d9b2d-779c-43d7-b0fb-41855d1192cd.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53d9b2d-779c-43d7-b0fb-41855d1192cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30cec409792503d3d6aa6f2f0d3f88da
5356b0f4f09626d23a16c950143a76f2e3dbff69
22c9ce5a29779a9851f305a7c386d758f1e2a186941be29961cf7fe5053571ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53d9b2d-779c-43d7-b0fb-41855d1192cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7831
x-amzn-requestid: 65494896-277e-420e-9697-3b0fe44ca01f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XtmBUHmZIAMFc0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630eea08-17755f842fb9aff80aae3124;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 04:56:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qhuq_KUvFJeRPGpKxHE8-ULZ0ep0nUhoOsLfsX6q7cAeOY9oiTOv2A==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:22:48 GMT
age: 7206
etag: "5356b0f4f09626d23a16c950143a76f2e3dbff69"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f56b68b-fb6b-46aa-8beb-0f89d14a52e9.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f56b68b-fb6b-46aa-8beb-0f89d14a52e9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 024f2b686d27f71b12fabd3acf81898f
737a9379824ccc3e211a0ec048026ab2fb2c972e
167438064a07630eba319a22be43299e520521458e66b0d129d4f27f2a75bee9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f56b68b-fb6b-46aa-8beb-0f89d14a52e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8964
x-amzn-requestid: 40fc21d4-d600-4867-9e30-7d4348b780a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxMYkHbdIAMFfDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63105a9d-07ea06b965d15d11536b72bf;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 07:09:17 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 0OkU_8yVfPhq71fMaAvxRWq6RGSlUZWrLaD_I5_uzmwTwNzynU6EOw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 09:01:55 GMT
age: 55259
etag: "737a9379824ccc3e211a0ec048026ab2fb2c972e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e0f3eee-c6ea-4181-897c-ab998b1e8a08.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e0f3eee-c6ea-4181-897c-ab998b1e8a08.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f61e17a6a82bd58058fa3d2a0122207a
35814ff49d8309281c2cf8153688bb32b3f835c2
78cb7d05097cbb8f4b03e554af0e665bac92e46231a144cc05848a3f54560d9b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e0f3eee-c6ea-4181-897c-ab998b1e8a08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6741
x-amzn-requestid: f1373ac4-6b9a-49bc-8f07-6f85baa0f92c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FC8GmQIAMF7Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144edf-68fa8db9336e27e923066ee1;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:08:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6JTPbEGBm4EN5-7fI0oCDp65BKlTD3kx_6JzNbBaEegvtVuc_TklfQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:18:18 GMT
age: 7476
etag: "35814ff49d8309281c2cf8153688bb32b3f835c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47e1f64348aa12d707bf070f39877c7e
7a1f13d32de956fd50fccba0f813fb71bda79f63
9b3cee8039a2adb1291006a9ad55cd5032a2a6c10de3c5f57222692b02c0faac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106eeeca-4365-4ffc-b701-f952d0b09dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7965
x-amzn-requestid: c0ddd7c6-9709-4251-8e7b-4a551f9a7d2f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBro8EjxIAMFi0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f305-26023e0714937dca063dcbfa;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: M8hApWUPiRtGNRAjsaGnjo2w9myX6knC1Rk0-reejbUO7aVqYPttRw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 23:23:42 GMT
age: 3552
etag: "7a1f13d32de956fd50fccba0f813fb71bda79f63"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3057080b51e9f8360222d0bba39807f
0c9cdc03cf2b5a60542cdb91de6b7b37866254cc
303c7c2f54dd0ef80f6a7b2cc050ff118f8907a79334dcab7e8fa4d4cab3b7bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2fa3e758-893f-4e13-94ae-85209a30089e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6670
x-amzn-requestid: 6f0e9fd2-a2a3-4b89-a109-e0ada80efb41
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_Y9vFPHoAMFkBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63160857-3c8f54b87e1e502e2308a204;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 14:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nfLjMEzh5cygwX91VZ8DCa_wD5a-KMQPz8xXFFDZc9qlDa-TCAiX2A==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:24 GMT
age: 8670
etag: "0c9cdc03cf2b5a60542cdb91de6b7b37866254cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c1314c7778ea0d32e8c69dae0c38b6d
c4772b9b182f9f905fead84f3761fe296073ca65
5fc8dc23f9b4d150b834aa69b358edd9f9f5f449607df07d579df66098d8aac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10366
x-amzn-requestid: e4d41ba8-41c5-4350-bacb-850136434eaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEw28GD7IAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63182e92-4098031d1475d45f4899654b;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 05:39:30 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TPtgXtWkeCrsnGE_G-_MZj1U046kUiGsRaoGg-xCCavcQqt7p6jdwg==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:25 GMT
age: 8789
etag: "c4772b9b182f9f905fead84f3761fe296073ca65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css?ver=6.0.2
104.17.25.14200 OK 5.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css?ver=6.0.2
IP 104.17.25.14:0
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash aa712f2a9ab349290ddbc871138b13ba
2be3765114dbce70c84786dd7d2838c7edce486c
84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css?ver=6.0.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:22:55 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 975471
expires: Sun, 03 Sep 2023 00:22:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PC8SbDdHJdOEQQeh6aNoiuVP%2FuKgfdP0Wj4Q%2BcxAJW%2FM7D3ainrIy14t5j%2F0Q9bnum7goteUHMuNLrXvBAwk7ejsa0hCPTgUXuhT%2FgEmwtk4rZzhorLqcPaocI5nBmJOqWMwPCj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749cbb31ef6fb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
132.148.41.74200 OK 21 kB URL HTTP/2 theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash b787a6307ecc3ed69140944685f3f3f3
ce782f9660870012ae1f285b2772ff5bfe975141
09498b54095a352bcf87d7d79b5ea60eabd0242061436e4635320b7ad5ff002e
Analyzer Verdict Alert fortinet Phishing
GET /2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/ HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.3.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-pingback: https://theconservativedispatch.com/xmlrpc.php
link: <https://theconservativedispatch.com/wp-json/>; rel="https://api.w.org/", <https://theconservativedispatch.com/wp-json/wp/v2/posts/23746>; rel="alternate"; type="application/json", <https://theconservativedispatch.com/?p=23746>; rel=shortlink
set-cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; expires=Wed, 14-Sep-2022 00:22:54 GMT; Max-Age=86400; path=/; secure
vWPkrI=XjEH0NaM2Lk96C7; expires=Wed, 14-Sep-2022 00:22:54 GMT; Max-Age=86400; path=/; secure
OLYTeqj=O%2A3bAJZnE7c; expires=Wed, 14-Sep-2022 00:22:54 GMT; Max-Age=86400; path=/; secure
ehDIEzWbKZO=o9gGki2I; expires=Wed, 14-Sep-2022 00:22:54 GMT; Max-Age=86400; path=/; secure
PHPSESSID=7ee28676eb66058fa56a95944cca7512; path=/; secure
vary: Accept-Encoding
content-encoding: br
content-length: 20764
content-type: text/html; charset=UTF-8
date: Tue, 13 Sep 2022 00:22:54 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/reset.min.css?ver=6.0.2
132.148.41.74200 OK 1.1 kB URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/reset.min.css?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (4119), with no line terminators
Hash 2d2f7ad5b15e8ef7bb18ad0beb9a952f
e058a1f4009870530c6d8cd194ae3642b831ece4
6ec4b126630c7e9cb36eaa607eaa1289d382bf911459a594de7571cab83073b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/arscode-ninja-popups/themes/reset.min.css?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "6e170e-1017-5a31ce8c21ac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1070
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/builder/style.css?ver=6.0.2
132.148.41.74200 OK 903 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/builder/style.css?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 6038dd46a5f04520f4b03d75f394c597
1157c618de4c1d5ced266c7589edcbc9b4239cb0
4434b976643f263a5459024c45c2f9b916359805a64708c5b3f0703eafaf4ffe
GET /wp-content/plugins/arscode-ninja-popups/themes/builder/style.css?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "74163d-1173-5a31ce8c21ac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 903
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/wp-autonomous-rss/public/css/wp-autonomous-rss-public.css?ver=1.0.0
132.148.41.74200 OK 172 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/wp-autonomous-rss/public/css/wp-autonomous-rss-public.css?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 564015ee0c794fa793efaca6c99fd85b
eba4c0d512498fec33d53ff5cfd878d425d69dec
04cb71bb79d3a848c5e749c007081bcfac75a77a9ad3aa03336a62eb5964b740
GET /wp-content/plugins/wp-autonomous-rss/public/css/wp-autonomous-rss-public.css?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jan 2021 16:02:30 GMT
etag: "15e092c-1c0-5b8153796b180-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 172
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/wp-autonomous-youtube/public/css/wp-autonomous-youtube-public.css?ver=1.0.0
132.148.41.74200 OK 195 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/wp-autonomous-youtube/public/css/wp-autonomous-youtube-public.css?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash b78bf1f591f6ff5ad7dca0ad7f6b53d1
379a93f640de099afc43150d82d3a540e6812ab2
0e74b27ce3c1728ba75faee99f0260c98d84b61b2f140277388a98f1b8490f6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-autonomous-youtube/public/css/wp-autonomous-youtube-public.css?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jan 2021 16:02:55 GMT
etag: "7c1647-221-5b815391429c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 195
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
image.cnbcfm.com/api/v1/image/106979937-1637758641413-gettyimages-1236759347-877435-LA-ME-Holliday-travel-LAX_2_AJS.jpeg?v=1663002286&w=1920&h=1080
23.32.109.200200 OK 273 kB URL HTTP/2 image.cnbcfm.com/api/v1/image/106979937-1637758641413-gettyimages-1236759347-877435-LA-ME-Holliday-travel-LAX_2_AJS.jpeg?v=1663002286&w=1920&h=1080
IP 23.32.109.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 273 kB (272688 bytes)
Hash 602c291f4b1c18e213493e57c596b7ea
f7d14ba89d1fc61525732b666bc876bdb02330ec
02eaaafc1d98b6f797eb23caca1e56909ee48244cf1ac7a38a92b6b69a6763f3
GET /api/v1/image/106979937-1637758641413-gettyimages-1236759347-877435-LA-ME-Holliday-travel-LAX_2_AJS.jpeg?v=1663002286&w=1920&h=1080 HTTP/1.1
Host: image.cnbcfm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 272688
x-application-context: application:prod:18089
imageservice-release-version: 2.0.14
imageservice-application-version: v1
imageservice-revision: c1a8a89529ee421fc42b922163fec3878653a4d1
imageservice-requestid: H-1663002423001-40194415
access-control-allow-origin: *
access-control-allow-credentials: *
x-aicache-os: xxx.xx.4.65:18089
cache-control: max-age=2592000
expires: Thu, 13 Oct 2022 00:22:55 GMT
date: Tue, 13 Sep 2022 00:22:55 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9dc277657a2613fb752e8066f46f43d8
e299e12dd4c56810905bc119b71b64873256dd7d
f74b179d73826646adb3463b5b4354473aaca636f1c53af3ec910f38f1be0b2f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 00:22:55 GMT
Last-Modified: Mon, 12 Sep 2022 23:28:32 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XeNAodxNmF7-v-5fswLwUCEkQDRKWHWhCFXFZt_8ed4DRSttAQoFdA==
Age: 3263
theconservativedispatch.com/wp-content/themes/disruptpress/css/responsive-menu.css?ver=6.0.2
132.148.41.74200 OK 1.4 kB URL HTTP/2 theconservativedispatch.com/wp-content/themes/disruptpress/css/responsive-menu.css?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (554)
Hash 366b8644eb66c449bec788b8c9870fa4
70cb81bf20833256196cf6115ae3e26dd0abcdc6
c2eb99cba2c3fcc75f6845b535fc45c381ac0f95685d6f6b4709e49fc502ccd3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/disruptpress/css/responsive-menu.css?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:32 GMT
etag: "803c20-1206-5a5eb1765d300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1423
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets.js?ver=3
151.101.84.157200 OK 29 kB URL HTTP/2 platform.twitter.com/widgets.js?ver=3
IP 151.101.84.157:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 8f378d26acad29e3c7e0980df0f09106
e10d14b287d22786ad0ae0a59e578282d700fba9
da23fe862ea27708533fc25453d57676907259c6dced22bd591493b323ef8d57
GET /widgets.js?ver=3 HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 20:41:50 GMT
cache-control: public, max-age=1800
content-type: application/javascript; charset=utf-8
etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 13 Sep 2022 00:22:55 GMT
x-served-by: cache-iad-kjyo7100118-IAD, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 29220
X-Firefox-Spdy: h2
e3.365dm.com/22/09/1600x900/skynews-jay-albert-stevens_5896718.jpg?20220912172640
23.33.119.16200 OK 92 kB URL HTTP/2 e3.365dm.com/22/09/1600x900/skynews-jay-albert-stevens_5896718.jpg?20220912172640
IP 23.33.119.16:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1600x900, components 3\012- data
Hash 59d8ba781ed3aa89f9b47c707b8cb8e4
6c0daa15b52491b0547336a66a55dec5a39c8c46
777846cb5239ba5f8ab0007c9b14bcfffb00a6be73f09a929a8e31f17770599b
GET /22/09/1600x900/skynews-jay-albert-stevens_5896718.jpg?20220912172640 HTTP/1.1
Host: e3.365dm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 92112
server: none
cache-control: public, max-age=576663, s-maxage=15552000
expires: Mon, 19 Sep 2022 16:33:58 GMT
date: Tue, 13 Sep 2022 00:22:55 GMT
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
132.148.41.74200 OK 11 kB URL HTTP/2 theconservativedispatch.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (43771)
Hash 069a79d16ded6a02071f286cd2025c44
dd5970e01b8a10dadcf074f72a1c8095f25e947a
78261bccee805c6913bf7e23e2e25314f05f690300a77a40ca36e1e516b20203
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Jul 2022 19:39:38 GMT
etag: "1600ad8-15b64-5e3a0d433f280-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10912
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 7098fff9d493d4afb692318adc49a294
e56e812430a8869637fea127195fd35bd583667e
badb826641ec7118ce46c3e447b5057fc8ceab8238c9e8fdab4e6c7d4fe4849e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 00:22:55 GMT
Last-Modified: Mon, 12 Sep 2022 23:25:05 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sfPR3ILZF1Qm3_3XJXIl4lhGFQr3WBKTnzAvBNvrD11FHQreH6tt0Q==
Age: 3470
cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/Alisyn%20Camerota.jpg?itok=I_jQ9dW6
143.204.55.65200 OK 106 kB URL HTTP/2 cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/Alisyn%20Camerota.jpg?itok=I_jQ9dW6
IP 143.204.55.65:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 700x400, components 3\012- data
Size 106 kB (105805 bytes)
Hash a0ec63a252df5acc9cdffb9ba1f4af55
92c46a0833baf7d370db37d862584bd6f631bff9
ca1d3d46a7a30bf9b70847f17a80ae57bc37dad5e33dc5eacc29c410566d89cf
GET /styles/mobile_thumb_700x400_/s3/2022-09/Alisyn%20Camerota.jpg?itok=I_jQ9dW6 HTTP/1.1
Host: cdn.newsbusters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 105805
date: Mon, 12 Sep 2022 16:54:53 GMT
last-modified: Mon, 12 Sep 2022 16:46:51 GMT
etag: "a0ec63a252df5acc9cdffb9ba1f4af55"
cache-control: public,max-age=604800
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2Xl80390Z3GfjBtuAalxbHPpHS2ILUc1nXAipGyD8cE6gxKseWiMfQ==
age: 26883
X-Firefox-Spdy: h2
cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/Meet%20the%20Press%20-%2010_30_01%20AM-7.jpg?itok=D8p98fuH
143.204.55.65200 OK 147 kB URL HTTP/2 cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/Meet%20the%20Press%20-%2010_30_01%20AM-7.jpg?itok=D8p98fuH
IP 143.204.55.65:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 700x400, components 3\012- data
Size 147 kB (147361 bytes)
Hash f53bb2ac5e5c5ca3c2e16e57a9c77f60
a7dae8026abe796d70423f3aadab9ed31de4abbe
b29938f62e5685372a5f462e2776a9a4b5d182028a8f07b67eb14c56e5593239
GET /styles/mobile_thumb_700x400_/s3/2022-09/Meet%20the%20Press%20-%2010_30_01%20AM-7.jpg?itok=D8p98fuH HTTP/1.1
Host: cdn.newsbusters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 147361
date: Sun, 11 Sep 2022 18:57:44 GMT
last-modified: Sun, 11 Sep 2022 18:54:36 GMT
etag: "f53bb2ac5e5c5ca3c2e16e57a9c77f60"
cache-control: public,max-age=604800
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _QIFbcKuUpiW-ISuBfzJKsWzsjcUwEH-lsCZxqR9-KXLvCCFaIAVxA==
age: 105912
X-Firefox-Spdy: h2
cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/KamalaHarrisBlunders2Main.PNG?itok=scTE9pt1
143.204.55.65200 OK 396 kB URL HTTP/2 cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/KamalaHarrisBlunders2Main.PNG?itok=scTE9pt1
IP 143.204.55.65:0
File type PNG image data, 700 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 396 kB (396425 bytes)
Hash 2f9e6f1ee24e36705577398dfae8dbe7
e49772383765dc3d64d6616ce596bf2b097090ff
734765f2f5f891542f326267d8fc26c5d92827b2947ec7121d7b4667d124c270
GET /styles/mobile_thumb_700x400_/s3/2022-09/KamalaHarrisBlunders2Main.PNG?itok=scTE9pt1 HTTP/1.1
Host: cdn.newsbusters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 396425
date: Mon, 12 Sep 2022 17:39:07 GMT
last-modified: Mon, 12 Sep 2022 17:39:00 GMT
etag: "2f9e6f1ee24e36705577398dfae8dbe7"
cache-control: public,max-age=604800
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4tWIvtgpupYfDQsNbhhaYMtfhBW_Km6dW5hnuSF8BLc_OedT7lLABw==
age: 24229
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/uploads/disruptpress/style.css?ver=6.0.2
132.148.41.74200 OK 11 kB URL HTTP/2 theconservativedispatch.com/wp-content/uploads/disruptpress/style.css?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2334)
Hash 2e81251716c4c4a62fab0db251ea1cb5
7b927b04ed80bfec7856aca07b265c1076a69c79
f28400828d3326585806b6640c59b8bd99eea6122c5d8402822895eac71a2d9c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/disruptpress/style.css?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 23 May 2020 02:08:39 GMT
etag: "12c1922-f921-5a647395f77c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11183
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 06b0e73bc8ae986d95cbc84fa0db1a1b
6a55292cb8ad7d12ed8efae5d95bb9373b4bc630
b743f3d48bd2544725c958ebf422c9d103d6e6799ec40f9198a98b71c2e41fcf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B743F3D48BD2544725C958EBF422C9D103D6E6799EC40F9198A98B71C2E41FCF"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10227
Expires: Tue, 13 Sep 2022 03:13:22 GMT
Date: Tue, 13 Sep 2022 00:22:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 06b0e73bc8ae986d95cbc84fa0db1a1b
6a55292cb8ad7d12ed8efae5d95bb9373b4bc630
b743f3d48bd2544725c958ebf422c9d103d6e6799ec40f9198a98b71c2e41fcf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B743F3D48BD2544725C958EBF422C9D103D6E6799EC40F9198A98B71C2E41FCF"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10177
Expires: Tue, 13 Sep 2022 03:12:32 GMT
Date: Tue, 13 Sep 2022 00:22:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fc6c757633bf32a75211f213dc91523f
dcefc29672608c36ce64a92b2e9041e4fd743550
a5dae6dd1ccdee1212bde1ca570337ba9195425a9c82aca0e9c088899644d700
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5DAE6DD1CCDEE1212BDE1CA570337BA9195425A9C82ACA0E9C088899644D700"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5083
Expires: Tue, 13 Sep 2022 01:47:38 GMT
Date: Tue, 13 Sep 2022 00:22:55 GMT
Connection: keep-alive
theconservativedispatch.com/wp-includes/css/dashicons.min.css?ver=6.0.2
132.148.41.74200 OK 35 kB URL HTTP/2 theconservativedispatch.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (58981)
Hash 7fbcc041be6ad8d6c01df3697646add7
cd0d65c3a45063f698a57cc71a8ee2ddd55514d6
0711b72619b3527b17a64dfb69e3141e29d3aae5d1a02c8bf9c06b710d30f900
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
etag: "6a4435-e688-5bca85cdbf580-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 35109
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/themes/disruptpress/bxslider/jquery.bxslider.min.css?ver=6.0.2
132.148.41.74200 OK 720 B URL HTTP/2 theconservativedispatch.com/wp-content/themes/disruptpress/bxslider/jquery.bxslider.min.css?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2978), with no line terminators
Hash 81d63aa0f1df7d7da3a479ab9760bd83
810365eecc7ac1122aee1ab95ca7713bb6a5ef56
a69e138dacd89109f708a24462a0c37d2310ae2688dde2f4c642be3882ca2b3f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/disruptpress/bxslider/jquery.bxslider.min.css?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:25 GMT
etag: "7e183a-ba2-5a5eb16fb0340-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 720
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
132.148.41.74200 OK 434 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (404)
Hash 867f41c6dd5e548aac61831c2b65031d
775a5bbd078d73ab01c783867f6f4dcb7e1972fc
5376b41851fbdd799c7b3ab2bf5acba4f9b91a2259adf437c1a105cb9671f0b6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Jul 2021 19:39:57 GMT
etag: "6c231f-510-5c848448f5d40-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 434
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/themes/disruptpress/js/disruptpress.js?ver=1.0.0
132.148.41.74200 OK 214 B URL HTTP/2 theconservativedispatch.com/wp-content/themes/disruptpress/js/disruptpress.js?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF line terminators
Hash 1691df5b7fdbbc8cf00de9bd66a98ea9
c335f51a581416c55537b8f5d8d945999bb3e280
f6b08e335f4636746bcdc993c46bc5a917b66dc51465d51616ed788f6f2ad4e9
GET /wp-content/themes/disruptpress/js/disruptpress.js?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:32 GMT
etag: "8c1eaf-190-5a5eb1765d300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 214
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/reset-builder.css
132.148.41.74200 OK 598 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/reset-builder.css
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (353)
Hash de36885e9caa0b8d349917a472229477
523360d5961000addfbd69e6b148a42c446794ce
81cbd92f4b01ee86eb0e5d213a416cc195710ddffb443d5b432d3a719f57552c
GET /wp-content/plugins/arscode-ninja-popups/themes/reset-builder.css HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/builder/style.css?ver=6.0.2
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "6e170c-880-5a31ce8c21ac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 598
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/js/jquery.ck.min.js?ver=6.0.2
132.148.41.74200 OK 564 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/js/jquery.ck.min.js?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (893)
Hash 2d3f17349d678abcb3dd8b68b828a1e2
1d843f6d0145066ac4620b110e56c43e8820d53a
33014850aee7771dcfc7524327d8335491c8ae8db79b4086ae7bdcfe59121f77
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/arscode-ninja-popups/js/jquery.ck.min.js?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "6e1702-48f-5a31ce8c21ac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 564
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/js/dialog_trigger.js?ver=6.0.2
132.148.41.74200 OK 1.5 kB URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/js/dialog_trigger.js?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash de3ad0128746ba8415428da29447ced4
ef6645fbbc2022f3b7080c64292a4540180662d7
bc93626e645a50a3bb2979ca9995230da2ef457a2e9059a52d1bfebd168d6c1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/arscode-ninja-popups/js/dialog_trigger.js?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "6e16ff-1717-5a31ce8c21ac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1452
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/themes/disruptpress/js/responsive-menu-config.js?ver=1.0.0
132.148.41.74200 OK 178 B URL HTTP/2 theconservativedispatch.com/wp-content/themes/disruptpress/js/responsive-menu-config.js?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash ef996812a5dcddaa9888ef9bf3bfc41c
3588d2634a0f6d2275658fd6e6bbe0e03e6f3532
ea6ad683b2ce367d1143104b0d67ee29d53455cd2af3bd7bcb892c724a7233de
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/disruptpress/js/responsive-menu-config.js?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:32 GMT
etag: "8c1eb1-20a-5a5eb1765d300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 178
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/themes/disruptpress/js/sticky-menu-primary.js?ver=1.0.0
132.148.41.74200 OK 178 B URL HTTP/2 theconservativedispatch.com/wp-content/themes/disruptpress/js/sticky-menu-primary.js?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 1605099f24ded3b75740b3a55e4aa27a
1623061de08048d6a192285012bee29745805f57
b8d7be0796882acbcedde4f04af0e835273c15f01dea478be2146a81a9c268ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/disruptpress/js/sticky-menu-primary.js?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:32 GMT
etag: "8c1eb4-26f-5a5eb1765d300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 178
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
132.148.41.74200 OK 1.2 kB URL HTTP/2 theconservativedispatch.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2946)
Hash 55e754bfade5fee1ec8720ac8bb1e5ee
ea0ef70c1da8c0c63549a7d4ad1a43b336df1353
e628330a7d7aeccf19a568471052f4c9db4e0f87751f261eb598f400b9135792
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 07:39:45 GMT
etag: "1600bc4-ba5-5dfd12d511240-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1229
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/wp-spamshield/js/jscripts-ftr2-min.js
132.148.41.74200 OK 637 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/wp-spamshield/js/jscripts-ftr2-min.js
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1135), with no line terminators
Hash 79ba2750a60da3989fcfadc0498c38c7
22bdf1db082f283428236fc6bb9c47303fc5aff0
75f20046cf393331640cda4e4a606b37890dee550b82a39fc849f9c2efe29ceb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-spamshield/js/jscripts-ftr2-min.js HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:02 GMT
etag: "15e1410-46f-5a31ce8b2d880-gzip"
accept-ranges: bytes
cache-control: max-age=15552000, must-revalidate
expires: Wed, 13 Sep 2023 00:22:55 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 637
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/wp-autonomous-youtube/public/js/wp-autonomous-youtube-public.js?ver=1.0.0
132.148.41.74200 OK 412 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/wp-autonomous-youtube/public/js/wp-autonomous-youtube-public.js?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 25fa4d7e6373e69d6165c63877991625
408ec7911150405335af7637518437812bc21959
d2dc33e8e9af1373b79bd2bd237fab194766a3a038fa6ff18754317fd84f78ac
GET /wp-content/plugins/wp-autonomous-youtube/public/js/wp-autonomous-youtube-public.js?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jan 2021 16:02:55 GMT
etag: "7e1836-346-5b815391429c0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 412
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/wp-autonomous-rss/public/js/wp-autonomous-rss-public.js?ver=1.0.0
132.148.41.74200 OK 412 B URL HTTP/2 theconservativedispatch.com/wp-content/plugins/wp-autonomous-rss/public/js/wp-autonomous-rss-public.js?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 25fa4d7e6373e69d6165c63877991625
408ec7911150405335af7637518437812bc21959
d2dc33e8e9af1373b79bd2bd237fab194766a3a038fa6ff18754317fd84f78ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-autonomous-rss/public/js/wp-autonomous-rss-public.js?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 04 Jan 2021 16:02:30 GMT
etag: "15e092d-346-5b8153796b180-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 412
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
stripe.rs-stripe.com/branding/recommend/short.png
13.84.54.237301 Moved Permanently 17 B URL HTTP/2 stripe.rs-stripe.com/branding/recommend/short.png
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 58ace0ea86287f4a3c3258b0af3e6993
e04c5335922c5e457f0a7cd62c93c4a7f699f829
d18ed36671b8618520016c81125aa889a5b800872038c5e009ef49cd305088cd
GET /branding/recommend/short.png HTTP/1.1
Host: stripe.rs-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://branding.revenuestripe.com/recommend/short.png
content-type: text/plain; charset=utf-8
content-length: 17
date: Tue, 13 Sep 2022 00:22:55 GMT
X-Firefox-Spdy: h2
stripe.rs-stripe.com/branding/recommend/web.png
13.84.54.237301 Moved Permanently 17 B URL HTTP/2 stripe.rs-stripe.com/branding/recommend/web.png
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 58ace0ea86287f4a3c3258b0af3e6993
e04c5335922c5e457f0a7cd62c93c4a7f699f829
d18ed36671b8618520016c81125aa889a5b800872038c5e009ef49cd305088cd
GET /branding/recommend/web.png HTTP/1.1
Host: stripe.rs-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://branding.revenuestripe.com/recommend/web.png
content-type: text/plain; charset=utf-8
content-length: 17
date: Tue, 13 Sep 2022 00:22:55 GMT
X-Firefox-Spdy: h2
stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
13.84.54.237301 Moved Permanently 0 B URL HTTP/2 stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web HTTP/1.1
Host: stripe.rs-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
date: Tue, 13 Sep 2022 00:22:55 GMT
expires: -1
location: https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
pragma: no-cache
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
X-Firefox-Spdy: h2
stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=26693&cs_offset=0&cs_containertype=web&cs_esp=powerinbox_web
13.84.54.237301 Moved Permanently 0 B URL HTTP/2 stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=26693&cs_offset=0&cs_containertype=web&cs_esp=powerinbox_web
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stripe/image?cs_email={{GUID}}&cs_stripeid=26693&cs_offset=0&cs_containertype=web&cs_esp=powerinbox_web HTTP/1.1
Host: stripe.rs-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
date: Tue, 13 Sep 2022 00:22:55 GMT
expires: -1
location: https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26693&cs_offset=0&cs_containertype=web&cs_esp=powerinbox_web
pragma: no-cache
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
X-Firefox-Spdy: h2
stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
13.84.54.237301 Moved Permanently 0 B URL HTTP/2 stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web HTTP/1.1
Host: stripe.rs-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
date: Tue, 13 Sep 2022 00:22:55 GMT
expires: -1
location: https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
pragma: no-cache
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
X-Firefox-Spdy: h2
stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
13.84.54.237301 Moved Permanently 0 B URL HTTP/2 stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stripe/image?cs_email={{GUID}}&cs_stripeid=26694&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web HTTP/1.1
Host: stripe.rs-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
date: Tue, 13 Sep 2022 00:22:55 GMT
expires: -1
location: https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
pragma: no-cache
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
X-Firefox-Spdy: h2
www.thegatewaypundit.com/wp-content/uploads/zjq92-600x400-1.jpg
104.22.5.85200 OK 17 kB URL HTTP/2 www.thegatewaypundit.com/wp-content/uploads/zjq92-600x400-1.jpg
IP 104.22.5.85:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x400, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 99e7e489380b8660d0b3c1989cfbff7a
ef17679b4ea67ea92f531873e9a21713cedbce3c
bead59e00456a08d4c73a5e36b15f2f4efdaa9883cb58e97d025e9ae127d5daa
GET /wp-content/uploads/zjq92-600x400-1.jpg HTTP/1.1
Host: www.thegatewaypundit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:22:55 GMT
content-type: image/webp
content-length: 16880
cache-control: max-age=315360000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=19356
content-disposition: inline; filename="zjq92-600x400-1.webp"
etag: "5af23016-4b9c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 08 May 2018 23:17:42 GMT
vary: Accept
cf-cache-status: REVALIDATED
accept-ranges: bytes
server: cloudflare
cf-ray: 749cbb326b10b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/animate.min.css
132.148.41.74200 OK 3.5 kB URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/animate.min.css
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (53569), with no line terminators
Hash b284096c4901882d6e0e5a9e87f2b2b1
394bc11b5beb76ce9b2a544ed3220ba15e48d7d6
eb03a3e56b2815687f12f864b0235ce635eac6e7c579d643bb6c2ae131eab3a1
GET /wp-content/plugins/arscode-ninja-popups/themes/animate.min.css HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/themes/builder/style.css?ver=6.0.2
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "6e1709-d141-5a31ce8c21ac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3459
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
branding.revenuestripe.com/recommend/web.png
54.230.111.29200 OK 727 B URL HTTP/2 branding.revenuestripe.com/recommend/web.png
IP 54.230.111.29:0
File type PNG image data, 168 x 30, 8-bit colormap, non-interlaced\012- data
Hash 7f93bb989ae72e1460cbdc374c5e2ac1
978c5f1dc319e26abbb8557952896fbace5a5ac9
868bb6253182e1a037596f1949109ecb9ae33b91ed07f4ddf0c0826eab97c9c3
GET /recommend/web.png HTTP/1.1
Host: branding.revenuestripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 727
date: Mon, 05 Sep 2022 03:46:50 GMT
last-modified: Fri, 21 Jan 2022 22:16:11 GMT
etag: "7f93bb989ae72e1460cbdc374c5e2ac1"
x-amz-server-side-encryption: AES256
x-amz-meta-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8IkfyBOoVo4F-48eGgaKwGsV9qvWdkWoOwqkyckMPfkGWxcRL2I_JQ==
age: 678966
X-Firefox-Spdy: h2
branding.revenuestripe.com/recommend/short.png
54.230.111.29200 OK 872 B URL HTTP/2 branding.revenuestripe.com/recommend/short.png
IP 54.230.111.29:0
File type PNG image data, 175 x 15, 8-bit colormap, non-interlaced\012- data
Hash 69de7bae23dafcc7e38c4e59445aa693
2429723c5d57502d0330c76c041b3f26e1bfa691
58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313
GET /recommend/short.png HTTP/1.1
Host: branding.revenuestripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 872
date: Tue, 06 Sep 2022 02:01:45 GMT
last-modified: Fri, 21 Jan 2022 22:16:11 GMT
etag: "69de7bae23dafcc7e38c4e59445aa693"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vG_UpNuk7jToq5uc3CO68-I0lMu8BcfN7Yagxbit7RAGpQZWKQ4iOw==
age: 598871
X-Firefox-Spdy: h2
cdn1.lockerdomecdn.com/embeds/solutionsmarketing_theconservativedispatch_sticky.js?ver=6.0.2
54.230.111.43200 OK 1.0 kB URL HTTP/2 cdn1.lockerdomecdn.com/embeds/solutionsmarketing_theconservativedispatch_sticky.js?ver=6.0.2
IP 54.230.111.43:0
File type ASCII text, with very long lines (1020), with no line terminators
Hash 923215c22b0f3ae25c614bff80096937
99414f260fe2daf7ec1f0734a462373302636ecd
beee298b6eb70f8f9816a73cc6f9f619527a100a21a1dcd53bb2ee94335343a9
GET /embeds/solutionsmarketing_theconservativedispatch_sticky.js?ver=6.0.2 HTTP/1.1
Host: cdn1.lockerdomecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 1020
date: Tue, 13 Sep 2022 00:22:56 GMT
last-modified: Fri, 23 Apr 2021 16:19:03 GMT
etag: "923215c22b0f3ae25c614bff80096937"
x-amz-version-id: 0ZcGY_8ATvjaPfG4OTFJiqmktyOfNj49
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dMjH4aoq_iFGn-xMUYNOYFk-jqnXkFD28-ioa8RqqAEvcSNFSUBUgw==
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
132.148.41.74200 OK 4.0 kB URL HTTP/2 theconservativedispatch.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (11126)
Hash 1fbb59519536e28eeb7ae7173973c39f
f6542c5d0f96f621eea4f3cb442021dfe33863fa
b1b54befd52c3605721bf8b5a6c0290c572929138358738826873751256b191c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "1600cb8-2bd8-5b45debe27b80-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3998
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/font-awesome/css/font-awesome.min.css?ver=6.0.2
132.148.41.74200 OK 5.1 kB URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/font-awesome/css/font-awesome.min.css?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (23577)
Hash 99bb72fdb8e1375b075cc51363cd1a5b
49b32a9d90e1203eafb2cd17bd158f3acb46dde1
e21802221be067d4487629a90f142a0fe98fe7832c0317e234c203f657d5ffd6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/arscode-ninja-popups/font-awesome/css/font-awesome.min.css?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "7013d3-5cbb-5a31ce8c21ac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5124
content-type: text/css
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/themes/disruptpress/bxslider/jquery.bxslider.min.js?ver=1.0.0
132.148.41.74200 OK 5.8 kB URL HTTP/2 theconservativedispatch.com/wp-content/themes/disruptpress/bxslider/jquery.bxslider.min.js?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (23355)
Hash b7e320fe3a5286e071844bcf03e65aef
6dad80058ead18f4e70b00992dcc209145688412
c280b4fdf3be964c2533bdc474b44c5d3807c35b91918d4cfc0c549f338e01eb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/disruptpress/bxslider/jquery.bxslider.min.js?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:25 GMT
etag: "7e183b-5bf7-5a5eb16fb0340-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5831
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
132.148.41.74200 OK 4.6 kB URL HTTP/2 theconservativedispatch.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (15660)
Hash a0083d25b89ea80ecd2393db9f865d62
24eaf2df7c722fb13f2b5bf77ada5ee446720c25
f7533cb93f2efbb9e3bccfa9ff4036a2cafa7dd1bd4d66bea4833306b321e957
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 07:39:45 GMT
etag: "1600c07-48b9-5dfd12d511240-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4614
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/themes/disruptpress/js/responsive-menu.js?ver=1.0.0
132.148.41.74200 OK 4.0 kB URL HTTP/2 theconservativedispatch.com/wp-content/themes/disruptpress/js/responsive-menu.js?ver=1.0.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash 119a54d0614bc349098804f3f3d6a6db
4e73dde90d8825f4de3425f269a913d796fe05d6
0ea18673511118e33f2ccaaedc1a33acf48b10bcc584f34e78d2b4e080d955b4
GET /wp-content/themes/disruptpress/js/responsive-menu.js?ver=1.0.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:32 GMT
etag: "8c1eb2-406e-5a5eb1765d300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4002
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
www.conservativedailynews.com/wp-content/uploads/2022/09/Ron-Desantis-interview.png
104.21.18.224200 OK 212 kB URL HTTP/2 www.conservativedailynews.com/wp-content/uploads/2022/09/Ron-Desantis-interview.png
IP 104.21.18.224:0
File type PNG image data, 475 x 289, 8-bit/color RGBA, non-interlaced\012- data
Size 212 kB (211990 bytes)
Hash f741bede41a9677a04a769212838bb01
11b0e181e6d5154639e07bf46634d201f66e9e50
7adb07e51a69eb0457849f05d4ff9c7c12d629abb1c91da723f297beab333952
GET /wp-content/uploads/2022/09/Ron-Desantis-interview.png HTTP/1.1
Host: www.conservativedailynews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:22:55 GMT
content-type: image/png
content-length: 211990
last-modified: Mon, 12 Sep 2022 13:55:00 GMT
etag: "631f3a34-33c16"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
strict-transport-security: max-age=31536000
cf-cache-status: HIT
age: 37567
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IQZ%2BFx6HLdnkrHv%2ForJqw3P3N1fezXDVSVvFkcH%2BQsx%2Bk1Eb8ygPjGkm%2BukvjWOSJWqR%2FMyVzBxs68P5Xk5sx%2BJqod7IJ9%2BjXBLD6ZBa%2BQm8En5DFIfAk%2B2eRLBaTTm8osws%2FZG9%2FcUEDN4%2BG%2FjECw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749cbb36482c0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/js/ninjapopups.min.js?ver=6.0.2
132.148.41.74200 OK 6.0 kB URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/js/ninjapopups.min.js?ver=6.0.2
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (2017)
Hash f000b7a4fe833bd78765dafb8b4ed275
d6d60a0f47ffeb09230ee38dd70a345cb47a661a
922487315ce7443a7dd9b8a5c2be195aa83e9b0a47c6a5cfa597ba98fb609b06
GET /wp-content/plugins/arscode-ninja-popups/js/ninjapopups.min.js?ver=6.0.2 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "6e1707-4fbf-5a31ce8c21ac0-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6015
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
132.148.41.74200 OK 30 kB URL HTTP/2 theconservativedispatch.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65447)
Hash d5935cacfd471ce64891335a0e163f0f
883b406801168b978994e8d8c7f252a31321cf61
caea13ed31fcdedf7f54e2383e8a64c1d86d6767c11f227c046ab2952a7d3ce9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: "1600cc0-15db1-5bd3006388300-br"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 30310
content-type: application/javascript
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
assets.rebelmouse.io/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8zMTY5MjU3MC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY3OTM0ODU4OH0.xJ6I6jLCYdIU4m-2dx7mBQM_PswkINMywuosksEMZnA/img.jpg?width=1200&height=600&coordinates=0%2C44%2C0%2C42
151.101.85.68200 OK 80 kB URL HTTP/2 assets.rebelmouse.io/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8zMTY5MjU3MC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY3OTM0ODU4OH0.xJ6I6jLCYdIU4m-2dx7mBQM_PswkINMywuosksEMZnA/img.jpg?width=1200&height=600&coordinates=0%2C44%2C0%2C42
IP 151.101.85.68:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5ec002415d8efbac5aa541e0dbeddde5
51e18449d5621fd30aef6057fa75f3b7ab9d2d1c
a9bcd3f6aa081c2574865600c61ebb91a02cb374eb46399c2a4ad7e03ff28f6e
GET /eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8zMTY5MjU3MC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY3OTM0ODU4OH0.xJ6I6jLCYdIU4m-2dx7mBQM_PswkINMywuosksEMZnA/img.jpg?width=1200&height=600&coordinates=0%2C44%2C0%2C42 HTTP/1.1
Host: assets.rebelmouse.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
etag: W/"14e3a-lXT8YAalCD9rbyFmZAXeiHt3zTc"
content-encoding: gzip
server: istio-envoy
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Sep 2022 00:22:55 GMT
age: 20378
x-served-by: cache-iad-kiad7000172-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663028576.783295,VS0,VE1
vary: Accept-Encoding
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
content-length: 79588
X-Firefox-Spdy: h2
media.townhall.com/townhall/reu/o/2019/249/10d331bd-1d49-4c30-b2ec-5106ec7e8c1e-1110x740.png
205.185.216.42200 OK 64 kB URL HTTP/2 media.townhall.com/townhall/reu/o/2019/249/10d331bd-1d49-4c30-b2ec-5106ec7e8c1e-1110x740.png
IP 205.185.216.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1110x740, components 3\012- data
Hash 4d18a0b1414f34cd3b8ca2604b2cff7a
5f2bbc10d7cc7a5cf19be2595115a6df7771983f
dd11c80929cf3fd89302568ad1114d155657602e2c63e95ae09d89e808426d93
GET /townhall/reu/o/2019/249/10d331bd-1d49-4c30-b2ec-5106ec7e8c1e-1110x740.png HTTP/1.1
Host: media.townhall.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:22:55 GMT
content-length: 64302
content-type: image/jpeg
accept-ranges: bytes
server: nginx
etag: "5f2bbc10d7cc7a5cf19be2595115a6df7771983f"
cache-control: max-age=604800
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
x-img: thmbor3
cache-tag: img
x-hw: 1663028575.dop014.sk1.t,1663028575.cds204.sk1.hn,1663028575.cds003.sk1.c
X-Firefox-Spdy: h2
assets.rebelmouse.io/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8zMTY5MTk1OC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY3MTA3NDQ0NX0.RYId4djXrFKn55ZpZoSli5_xhHitjwOgAD_RdLvLwxk/img.jpg?width=1200&height=600&coordinates=0%2C81%2C0%2C90
151.101.85.68200 OK 22 kB URL HTTP/2 assets.rebelmouse.io/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8zMTY5MTk1OC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY3MTA3NDQ0NX0.RYId4djXrFKn55ZpZoSli5_xhHitjwOgAD_RdLvLwxk/img.jpg?width=1200&height=600&coordinates=0%2C81%2C0%2C90
IP 151.101.85.68:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4cc5dbbdc7d17401e35faa41576f44ca
f47867b2baa56932e750bd277a8ab37bb709934c
b03eef6db50351a6fbb6e97bd853b2dc042981b00a91dabeece8c0de5dbc9a0b
GET /eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8zMTY5MTk1OC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTY3MTA3NDQ0NX0.RYId4djXrFKn55ZpZoSli5_xhHitjwOgAD_RdLvLwxk/img.jpg?width=1200&height=600&coordinates=0%2C81%2C0%2C90 HTTP/1.1
Host: assets.rebelmouse.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
etag: W/"b0c5-MBUDADPmPnVoY6Yi/GpyEXrU3CA"
content-encoding: gzip
server: istio-envoy
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Sep 2022 00:22:55 GMT
age: 21522
x-served-by: cache-iad-kcgs7200164-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1663028576.790093,VS0,VE1
vary: Accept-Encoding
fastly-service: 6n5SeXI9vaBDWRYEBuCDvI
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
content-length: 21538
X-Firefox-Spdy: h2
www.dailysignal.com/wp-content/uploads/220912_RonDeSantis-scaled.jpg
151.101.130.133200 OK 181 kB URL HTTP/2 www.dailysignal.com/wp-content/uploads/220912_RonDeSantis-scaled.jpg
IP 151.101.130.133:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 2560x1331, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 181 kB (181144 bytes)
Hash 382825585b5e3d3290ba204ea15d0bca
cd8c9469738aba18531d8ae745da32f018f48b6a
882c62c37ca9bb7e44e06773227f37a1a84201949e46e32c70e201c181d10a4d
GET /wp-content/uploads/220912_RonDeSantis-scaled.jpg HTTP/1.1
Host: www.dailysignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/webp
etag: "EF31wI2P0rdacaaS+pKMe2atTOd8LNch38jpm0c+hC4"
expires: Wed, 13 Sep 2023 18:06:48 GMT
fastly-io-info: ifsz=399398 idim=2560x1331 ifmt=jpeg ofsz=181144 odim=2560x1331 ofmt=webp
fastly-stats: io=1
server: nginx
strict-transport-security: max-age=300
traceparent: 00-b11504a4b2584c64822f490294fa9adc-98d529ea8d35045f-00
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cloud-trace-context: b11504a4b2584c64822f490294fa9adc/11012754551172564063;o=0
x-pantheon-styx-hostname: styx-fe1-a-6d9bbf99db-fssgf
x-styx-req-id: abc1f71e-32c5-11ed-962c-b245f0fec0be
accept-ranges: bytes
age: 22567
date: Tue, 13 Sep 2022 00:22:55 GMT
x-served-by: cache-chi-kigq8000132-CHI, cache-ams21072-AMS, cache-ams12774-AMS, cache-bma1659-BMA, cache-bma1650-BMA
x-cache: MISS, MISS, HIT, HIT, MISS
x-cache-hits: 0, 0, 1, 1, 0
x-timer: S1663028576.789054,VS0,VE5
vary: Accept, orig-host
content-length: 181144
X-Firefox-Spdy: h2
cdn1.lockerdomecdn.com/embeds/sjs.js
54.230.111.43200 OK 17 kB URL HTTP/2 cdn1.lockerdomecdn.com/embeds/sjs.js
IP 54.230.111.43:0
File type Unicode text, UTF-8 text, with very long lines (350)
Hash 1be285356b5d9ac3d0319cc622757910
47c1762c9ed891fad73410b1992a16e40969779f
a4cc6696aa07f6d30c40b78120630256a4dc0253fa916d6f8662874c52c31bfb
GET /embeds/sjs.js HTTP/1.1
Host: cdn1.lockerdomecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 17333
last-modified: Tue, 16 Nov 2021 02:51:44 GMT
x-amz-version-id: JlrJxrw4PUHBe5vaYNP.8A_1stk_uR92
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 03:11:19 GMT
etag: "1be285356b5d9ac3d0319cc622757910"
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GRHZGV1OPl38vVM7qkubRMxbB70z3x2PTaKIvpvWuymRcI_GfPqQMA==
age: 76297
X-Firefox-Spdy: h2
www.thegatewaypundit.com/wp-content/uploads/blm-matter-freedom-road-violence.jpg
104.22.5.85200 OK 48 kB URL HTTP/2 www.thegatewaypundit.com/wp-content/uploads/blm-matter-freedom-road-violence.jpg
IP 104.22.5.85:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 609x432, components 3\012- data
Hash ab6b9d30f4fcd67761c04a195d1821fc
366417768fc64614db5d2b1cf85c2a2b5a1cc3f7
68039dee0a0d685f3e8731c523c3dd227f8d95c5c210fe2ae21b6e92e0b91ed6
GET /wp-content/uploads/blm-matter-freedom-road-violence.jpg HTTP/1.1
Host: www.thegatewaypundit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:22:55 GMT
content-type: image/jpeg
content-length: 48326
last-modified: Mon, 21 Sep 2020 23:05:39 GMT
etag: "5f6931c3-bcc6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 749cbb322af2b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e3.365dm.com/22/09/1600x900/skynews-the-queen-joe-biden_5892470.jpg?20220908214130
23.33.119.16200 OK 140 kB URL HTTP/2 e3.365dm.com/22/09/1600x900/skynews-the-queen-joe-biden_5892470.jpg?20220908214130
IP 23.33.119.16:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1600x900, components 3\012- data
Size 140 kB (139557 bytes)
Hash 71847177b32cc5ef336d97fcfdff063e
113e039407ca5b732af8033417d0563224235091
49d0aa6d5eb8a3bb9dc5a338c2902582ad6a2eb92c77b4a0cf9b472195736115
GET /22/09/1600x900/skynews-the-queen-joe-biden_5892470.jpg?20220908214130 HTTP/1.1
Host: e3.365dm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
server: none
cache-control: public, max-age=453723, s-maxage=15552000
expires: Sun, 18 Sep 2022 06:24:58 GMT
date: Tue, 13 Sep 2022 00:22:55 GMT
content-length: 139557
X-Firefox-Spdy: h2
cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/PaulKrugmanMSNBC.png?itok=TixlGl9N
143.204.55.65200 OK 239 kB URL HTTP/2 cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/PaulKrugmanMSNBC.png?itok=TixlGl9N
IP 143.204.55.65:0
File type PNG image data, 700 x 400, 8-bit/color RGB, non-interlaced\012- data
Size 239 kB (238840 bytes)
Hash 1e78c0135460f908fc396af13060eb4f
0046e6324ddba8475657a77d400addd6ae2546d3
f25935ac191699e19606e5cefbc5ad67f71388bf3e7c954428c33dd9de4484ca
GET /styles/mobile_thumb_700x400_/s3/2022-09/PaulKrugmanMSNBC.png?itok=TixlGl9N HTTP/1.1
Host: cdn.newsbusters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 238840
date: Thu, 08 Sep 2022 16:42:47 GMT
last-modified: Thu, 08 Sep 2022 16:40:45 GMT
etag: "1e78c0135460f908fc396af13060eb4f"
cache-control: public,max-age=604800
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 297LJ1lhqKGN62jsTiZdNTFtx-GTtHvF9aHxb7sgNY43shrTJ9BIOw==
age: 373208
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 520ec0a718fa4d2bfe7d870ec65598fb
d3b9c7c263b15686722ea49d835472fa2031c531
e49e6d0797d5eef86e4a2035505e101d940ac10209d9ce3a90215753407f48bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E49E6D0797D5EEF86E4A2035505E101D940AC10209D9CE3A90215753407F48BB"
Last-Modified: Sun, 11 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10847
Expires: Tue, 13 Sep 2022 03:23:42 GMT
Date: Tue, 13 Sep 2022 00:22:55 GMT
Connection: keep-alive
www.dailysignal.com/wp-content/uploads/Biden-speech.jpg
151.101.130.133200 OK 50 kB URL HTTP/2 www.dailysignal.com/wp-content/uploads/Biden-speech.jpg
IP 151.101.130.133:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1250x650, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d739f2845d41bb59f65b840368bcce6a
86ec3c578df501b9f8e62c7c04b671953c7f9e45
afd470c476cb97da0f3dbcbeb5068520a7f93995a7e0e51b76f01c811dcc1567
GET /wp-content/uploads/Biden-speech.jpg HTTP/1.1
Host: www.dailysignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31622400
content-type: image/webp
etag: "haGUq59UgFfbv+5JWudwpP/f0ztrVqT8Ocw7cj8R1SQ"
expires: Sun, 10 Sep 2023 14:59:23 GMT
fastly-io-info: ifsz=461781 idim=1250x650 ifmt=jpeg ofsz=50184 odim=1250x650 ofmt=webp
fastly-stats: io=1
server: nginx
strict-transport-security: max-age=300
traceparent: 00-36d8b00bf69445679f66530e61626ef5-d629a7ef5968652b-00
via: 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cloud-trace-context: 36d8b00bf69445679f66530e61626ef5/15432050244600751403;o=0
x-pantheon-styx-hostname: styx-fe1-a-6d9bbf99db-x82wd
x-styx-req-id: fd69f92e-304f-11ed-bce2-f6175214d7da
accept-ranges: bytes
age: 293011
date: Tue, 13 Sep 2022 00:22:55 GMT
x-served-by: cache-chi-klot8100099-CHI, cache-ams21075-AMS, cache-ams21075-AMS, cache-bma1670-BMA, cache-bma1650-BMA
x-cache: MISS, MISS, HIT, HIT, MISS
x-cache-hits: 0, 0, 7, 1, 0
x-timer: S1663028576.917212,VS0,VE4
vary: Accept, orig-host
content-length: 50184
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 520ec0a718fa4d2bfe7d870ec65598fb
d3b9c7c263b15686722ea49d835472fa2031c531
e49e6d0797d5eef86e4a2035505e101d940ac10209d9ce3a90215753407f48bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E49E6D0797D5EEF86E4A2035505E101D940AC10209D9CE3A90215753407F48BB"
Last-Modified: Sun, 11 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10847
Expires: Tue, 13 Sep 2022 03:23:42 GMT
Date: Tue, 13 Sep 2022 00:22:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 520ec0a718fa4d2bfe7d870ec65598fb
d3b9c7c263b15686722ea49d835472fa2031c531
e49e6d0797d5eef86e4a2035505e101d940ac10209d9ce3a90215753407f48bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E49E6D0797D5EEF86E4A2035505E101D940AC10209D9CE3A90215753407F48BB"
Last-Modified: Sun, 11 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10847
Expires: Tue, 13 Sep 2022 03:23:42 GMT
Date: Tue, 13 Sep 2022 00:22:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 520ec0a718fa4d2bfe7d870ec65598fb
d3b9c7c263b15686722ea49d835472fa2031c531
e49e6d0797d5eef86e4a2035505e101d940ac10209d9ce3a90215753407f48bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E49E6D0797D5EEF86E4A2035505E101D940AC10209D9CE3A90215753407F48BB"
Last-Modified: Sun, 11 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10847
Expires: Tue, 13 Sep 2022 03:23:42 GMT
Date: Tue, 13 Sep 2022 00:22:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Ftheconservativedispatch.com
151.101.84.157200 OK 105 kB URL HTTP/2 platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Ftheconservativedispatch.com
IP 151.101.84.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2c908e4df66c813c91eb41dd02376079
29df916bd525b6e273f6a62adb7d6df80789edfb
767b670476dae60cf2ddfda9bf3695fd9be641e1a338564b0d23b80cedaed567
GET /widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Ftheconservativedispatch.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 31 Aug 2022 20:40:57 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Tue, 13 Sep 2022 00:22:56 GMT
x-served-by: cache-iad-kiad7000062-IAD, cache-bma1639-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105445
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
142.250.74.163200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 27120, version 1.0\012- data
Hash 43e7d3f1dec74478587a2b3cfa272631
c065f24ac428353854ebd6715c49966fc4f4c762
6c6c9c3fad669c3d32227f5cc3467735c8211ddcf4f8c184c2e62e7f3ef7af44
GET /s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theconservativedispatch.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:22:36 GMT
expires: Wed, 06 Sep 2023 17:22:36 GMT
cache-control: public, max-age=31536000
age: 543620
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/pirataone/v22/I_urMpiDvgLdLh0fAtofhi-Org.woff2
142.250.74.163200 OK 8.9 kB URL HTTP/2 fonts.gstatic.com/s/pirataone/v22/I_urMpiDvgLdLh0fAtofhi-Org.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8868, version 1.0\012- data
Hash 6869a0ed1f214da8a821e01bf81d4c79
c374e15f389547da829a2221b71394a62e8f27db
44b3b2295b8458efd2772a35dad4060f7bd6c434b6c39b31181ca9dff2175576
GET /s/pirataone/v22/I_urMpiDvgLdLh0fAtofhi-Org.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theconservativedispatch.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8868
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 04:38:49 GMT
expires: Fri, 08 Sep 2023 04:38:49 GMT
cache-control: public, max-age=31536000
age: 416647
last-modified: Wed, 27 Apr 2022 16:05:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.theconservativedispatch.com/wp-content/themes/disruptpress/customizer/img/pattern/bg_noise_2.png
132.148.41.74200 OK 48 kB URL HTTP/2 www.theconservativedispatch.com/wp-content/themes/disruptpress/customizer/img/pattern/bg_noise_2.png
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash fdcf2bbcfc94b7b664b0caf5de3ccb35
c706900d8f145e11368c1f3f8d4034280b4d1387
811e6a3416ad2f90da1fe6e1223a97af0d13f1a0a70e77bc1e16736dd42f381a
GET /wp-content/themes/disruptpress/customizer/img/pattern/bg_noise_2.png HTTP/1.1
Host: www.theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=43ca6a00fc6cb6d3f3223422808577fe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:34 GMT
etag: "aa1530-bd80-5a5eb17845780"
accept-ranges: bytes
content-length: 48512
content-type: image/png
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
www.theconservativedispatch.com/wp-content/themes/disruptpress/customizer/img/pattern/redox-02.png
132.148.41.74200 OK 76 kB URL HTTP/2 www.theconservativedispatch.com/wp-content/themes/disruptpress/customizer/img/pattern/redox-02.png
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 600 x 340, 8-bit colormap, non-interlaced\012- data
Hash 870ccf7bd89479a83931e9da02716d98
7b50675689d099222e211d43f961c3d32e1c99d5
a6c6117b8f9c6cd05c6283b8b39fad17da4d7ef6792c5f883349ec0435ca852b
GET /wp-content/themes/disruptpress/customizer/img/pattern/redox-02.png HTTP/1.1
Host: www.theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=43ca6a00fc6cb6d3f3223422808577fe
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 18 May 2020 12:13:34 GMT
etag: "aa1568-126cd-5a5eb17845780"
accept-ranges: bytes
content-length: 75469
content-type: image/png
date: Tue, 13 Sep 2022 00:22:55 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 5c8b40b1b577fd4f5ea241acc68dd95e
e2fa8411e380ecb99c4583f421ef86db4f6f634d
61c3fc832345ad584f7bfb8e8487905f7b97cb923be9deb20c94a6e717c59630
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6577
Cache-Control: max-age=106385
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:56 GMT
Etag: "631eb040-139"
Expires: Wed, 14 Sep 2022 05:56:01 GMT
Last-Modified: Mon, 12 Sep 2022 04:06:24 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 313
tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26693&cs_offset=0&cs_containertype=web&cs_esp=powerinbox_web
13.84.54.237303 See Other 0 B URL HTTP/2 tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26693&cs_offset=0&cs_containertype=web&cs_esp=powerinbox_web
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26693&cs_offset=0&cs_containertype=web&cs_esp=powerinbox_web HTTP/1.1
Host: tr.rev-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 303 See Other
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
date: Tue, 13 Sep 2022 00:22:55 GMT
expires: -1
location: https://images-prod.powerinboxedge.com/v3/images/0/757508
pragma: no-cache
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
X-Firefox-Spdy: h2
tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
13.84.54.237303 See Other 0 B URL HTTP/2 tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web HTTP/1.1
Host: tr.rev-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 303 See Other
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
date: Tue, 13 Sep 2022 00:22:55 GMT
expires: -1
location: https://images-prod.powerinboxedge.com/v3/images/5130/757489
pragma: no-cache
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
X-Firefox-Spdy: h2
tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
13.84.54.237303 See Other 0 B URL HTTP/2 tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web HTTP/1.1
Host: tr.rev-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 303 See Other
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
date: Tue, 13 Sep 2022 00:22:55 GMT
expires: -1
location: https://images-prod.powerinboxedge.com/v3/images/5130/757539
pragma: no-cache
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
X-Firefox-Spdy: h2
tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
13.84.54.237303 See Other 0 B URL HTTP/2 tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
IP 13.84.54.237:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=26694&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web HTTP/1.1
Host: tr.rev-stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 303 See Other
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
date: Tue, 13 Sep 2022 00:22:55 GMT
expires: -1
location: https://images-prod.powerinboxedge.com/v3/images/5130/757482
pragma: no-cache
request-context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
content-length: 0
X-Firefox-Spdy: h2
images-prod.powerinboxedge.com/v3/images/0/757508
54.230.111.90200 OK 72 kB URL HTTP/2 images-prod.powerinboxedge.com/v3/images/0/757508
IP 54.230.111.90:0
File type PNG image data, 970 x 250, 8-bit colormap, non-interlaced\012- data
Hash 8a43210abce4e965c75409fdce1ed0e6
a1cb245ac916f92e7c200eb90ab0f7dc1082af5b
12242e6e9109332f14d6891fd983c220afeea870fff2a0db2ca1e5ec0568a2ee
GET /v3/images/0/757508 HTTP/1.1
Host: images-prod.powerinboxedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 71704
last-modified: Mon, 19 Jul 2021 21:59:51 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 23:34:56 GMT
cache-control: public, max-age=3600
etag: "8a43210abce4e965c75409fdce1ed0e6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9HsGsDdvw2eKsx7m1f82szHzCtfOvdcsKH-vdW1zBp8ByUaW3DEZrQ==
age: 2980
X-Firefox-Spdy: h2
cdn2.lockerdomecdn.com/_js/ajs.js
54.230.111.91200 OK 22 kB URL HTTP/2 cdn2.lockerdomecdn.com/_js/ajs.js
IP 54.230.111.91:0
Hash 1af97563215e98f50b44c6e042fdf773
e126071baaa52ae203a75b38ed667ba2d181747b
627ab249bb3bb214ec1356ce2a359aa78e8684059a8bbafa6e722ea867fe97e6
GET /_js/ajs.js HTTP/1.1
Host: cdn2.lockerdomecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
cache-control: public, max-age=86400
last-modified: Fri, 09 Sep 2022 22:56:58 GMT
etag: W/"1a40-18324787756"
content-encoding: gzip
date: Mon, 12 Sep 2022 21:44:16 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EHWMv6p98z36nK2-fLVkV7XhYtsoBjRZbPJZwGVAYbenT2rat9M0ZQ==
age: 9519
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
132.148.41.74200 OK 57 kB URL HTTP/2 theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/arscode-ninja-popups/font-awesome/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://theconservativedispatch.com/wp-content/plugins/arscode-ninja-popups/font-awesome/css/font-awesome.min.css?ver=6.0.2
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 12 Apr 2020 19:24:03 GMT
etag: "7013db-ddcc-5a31ce8c21ac0"
accept-ranges: bytes
content-length: 56780
vary: Accept-Encoding
content-type: font/woff2
date: Tue, 13 Sep 2022 00:22:56 GMT
server: Apache
X-Firefox-Spdy: h2
pjmedia.com/wp-content/uploads/2021/08/fringe-1-1110x740.jpeg
104.18.19.43200 OK 92 kB URL HTTP/2 pjmedia.com/wp-content/uploads/2021/08/fringe-1-1110x740.jpeg
IP 104.18.19.43:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1110x740, components 3\012- data
Hash 3a5fe40de4a335432ee54162cb9e5575
f8bd2bfb0a3eafd5051a2f22ee03076070221ec4
92f499306a5cd772d9604e55a70b778e65dae9283f4386e2bac2b0db28959578
GET /wp-content/uploads/2021/08/fringe-1-1110x740.jpeg HTTP/1.1
Host: pjmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:22:56 GMT
content-type: image/jpeg
content-length: 92453
expires: Tue, 13 Sep 2022 01:22:56 GMT
etag: "f8bd2bfb0a3eafd5051a2f22ee03076070221ec4"
cache-control: public, max-age=3600
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
x-img: tmbor
cf-cache-status: MISS
accept-ranges: bytes
set-cookie: __cf_bm=sX3VK0l41qCIQ89h0hn7dLmaGBuZNat9Vkwtd.USt_c-1663028576-0-ARgHXDUR0kPsI9m3RAE6o52hXwDnRIA+VD0idSay+mxBZk0qPiB4lbQPueFdAAD9see/FNXjQhcevcSjGMIqhco=; path=/; expires=Tue, 13-Sep-22 00:52:56 GMT; domain=.pjmedia.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 749cbb363dd70b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=d4323552af5e0a49792c32ea4075449f7cd4ee85
104.244.42.200200 OK 308 B URL HTTP/2 syndication.twitter.com/settings?session_id=d4323552af5e0a49792c32ea4075449f7cd4ee85
IP 104.244.42.200:0
File type JSON data\012- , ASCII text, with very long lines (709), with no line terminators
Hash d8e2887342b363c09cd19d9b36199dbe
47c62bf9e3e60b6ab0b61eae608db43c04f7bea4
c38e646e125827b7520415ecaf228031c848266838cd894fa44a41686fedc553
GET /settings?session_id=d4323552af5e0a49792c32ea4075449f7cd4ee85 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 00:22:55 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Tue, 13 Sep 2022 00:22:56 GMT
content-length: 308
content-encoding: gzip
x-transaction-id: 59ed540fed7d8be5
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 117
x-connection-hash: 84209ba2660fedd125cf559eb93d276e138edb1325478b46fda93af652a099c6
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash a83db60b8bf4f2de8a8d7cc88085b5c1
18f5d46700763b12129ea1b2c775d931cb73a26e
d30a3b53b2a6c413d9c7f9ca65e4b19533857882ae35eb8b24627f617c13df89
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 00:22:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 00:08:08 GMT
Expires: Wed, 14 Sep 2022 00:08:08 GMT
ETag: "18f5d46700763b12129ea1b2c775d931cb73a26e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash a83db60b8bf4f2de8a8d7cc88085b5c1
18f5d46700763b12129ea1b2c775d931cb73a26e
d30a3b53b2a6c413d9c7f9ca65e4b19533857882ae35eb8b24627f617c13df89
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 00:22:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 00:08:08 GMT
Expires: Wed, 14 Sep 2022 00:08:08 GMT
ETag: "18f5d46700763b12129ea1b2c775d931cb73a26e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/Meet%20the%20Press%20-%2010_30_00%20AM-7.jpg?itok=v6TXrSNH
143.204.55.65200 OK 151 kB URL HTTP/2 cdn.newsbusters.org/styles/mobile_thumb_700x400_/s3/2022-09/Meet%20the%20Press%20-%2010_30_00%20AM-7.jpg?itok=v6TXrSNH
IP 143.204.55.65:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 700x400, components 3\012- data
Size 151 kB (150927 bytes)
Hash 2fd554ef39e937acbaafe35fd88837c0
79db5fd7317bea3d450beeca4998b71bea6f7e43
67b8c8175278221bff74b621ff1dca5043575eee3e0066ccb682c66f4a655b4f
GET /styles/mobile_thumb_700x400_/s3/2022-09/Meet%20the%20Press%20-%2010_30_00%20AM-7.jpg?itok=v6TXrSNH HTTP/1.1
Host: cdn.newsbusters.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 150927
date: Tue, 13 Sep 2022 00:22:57 GMT
last-modified: Sun, 11 Sep 2022 16:05:27 GMT
etag: "2fd554ef39e937acbaafe35fd88837c0"
cache-control: public,max-age=604800
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Auct4B3D45HPf33fkbXYLx3vaIrwONVnAUzXuFktIbZ2o3RrZ8jJ1w==
X-Firefox-Spdy: h2
lockerdome.com/lad/13531770838791270?pubid=ld-4017-7954&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=843
104.154.142.214200 OK 1.4 kB URL HTTP/1.1 lockerdome.com/lad/13531770838791270?pubid=ld-4017-7954&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=843
IP 104.154.142.214:0
File type HTML document text\012- HTML document, ASCII text
Hash 78c1bb1ea25ac2b419010380ca62ab68
fb07eb769a9c7dd5ca3deb260283f8aaeefe5c70
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
GET /lad/13531770838791270?pubid=ld-4017-7954&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=843 HTTP/1.1
Host: lockerdome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Tue, 13 Sep 2022 00:22:56 GMT
lockerdome.com/lad/13696374286005350?pubid=ld-7332-6773&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=843
104.154.142.214200 OK 1.4 kB URL HTTP/1.1 lockerdome.com/lad/13696374286005350?pubid=ld-7332-6773&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=843
IP 104.154.142.214:0
File type HTML document text\012- HTML document, ASCII text
Hash 78c1bb1ea25ac2b419010380ca62ab68
fb07eb769a9c7dd5ca3deb260283f8aaeefe5c70
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
GET /lad/13696374286005350?pubid=ld-7332-6773&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=843 HTTP/1.1
Host: lockerdome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Tue, 13 Sep 2022 00:22:56 GMT
images-prod.powerinboxedge.com/v3/images/5130/757489
54.230.111.90200 OK 92 kB URL HTTP/2 images-prod.powerinboxedge.com/v3/images/5130/757489
IP 54.230.111.90:0
File type PNG image data, 350 x 398, 8-bit colormap, non-interlaced\012- data
Hash e1ad374d5de210f18c6cbd07ff691c44
da28a1b9f14d0533189c7a1f5eb97937915a7e0d
8b1ad4cdd3d52bb99b3a48356032c7b07c2d7a39ed6b7cd41949ce12224f7d60
GET /v3/images/5130/757489 HTTP/1.1
Host: images-prod.powerinboxedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 92157
last-modified: Mon, 19 Jul 2021 22:00:01 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 00:22:57 GMT
cache-control: public, max-age=3600
etag: "e1ad374d5de210f18c6cbd07ff691c44"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NRMwBEsmPdDG5YZY1PuoiUz5g_y-TBWFQLsIOYo593M91Z9Zjrv4wQ==
X-Firefox-Spdy: h2
images-prod.powerinboxedge.com/v3/images/5130/757482
54.230.111.90200 OK 61 kB URL HTTP/2 images-prod.powerinboxedge.com/v3/images/5130/757482
IP 54.230.111.90:0
File type PNG image data, 350 x 398, 8-bit colormap, non-interlaced\012- data
Hash e8bd678241392e24ca1c062b7e6594d2
593ebddde2440daaaa92488467f0a111c6dab775
9145d9f06fbe5debc7e8f045ce6b87f29defda2e0e8e2f5ba433feb654da32f2
GET /v3/images/5130/757482 HTTP/1.1
Host: images-prod.powerinboxedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 61175
last-modified: Mon, 19 Jul 2021 22:09:52 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 00:22:57 GMT
cache-control: public, max-age=3600
etag: "e8bd678241392e24ca1c062b7e6594d2"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sMBBc2yvu_X273T4-0aPbli9cQdNs8JnhVv-sUZosR8hUos1I-RvJA==
X-Firefox-Spdy: h2
images-prod.powerinboxedge.com/v3/images/5130/757539
54.230.111.90200 OK 84 kB URL HTTP/2 images-prod.powerinboxedge.com/v3/images/5130/757539
IP 54.230.111.90:0
File type PNG image data, 350 x 398, 8-bit colormap, non-interlaced\012- data
Hash b0dc2e43db3ff91d99236d67f1b2ac9f
3796f5ad55fc8cfe8ec9ef246079317a75c280b1
386630d2e67eb04906ff918f1c479d7b45db3b5d4216aa2aec1ca2d37afbc52a
GET /v3/images/5130/757539 HTTP/1.1
Host: images-prod.powerinboxedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 84419
last-modified: Mon, 19 Jul 2021 22:00:42 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 00:22:57 GMT
cache-control: public, max-age=3600
etag: "b0dc2e43db3ff91d99236d67f1b2ac9f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GFqfT04roHwBS7lBXyEXGX2CzYvbTP83El-8YlItYKrFbL-dLtZiTQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/dc.js
142.251.1.154200 OK 17 kB URL HTTP/2 stats.g.doubleclick.net/dc.js
IP 142.251.1.154:0
File type ASCII text, with very long lines (1305)
Hash 5f65521f6c6223e1e18cb161832bea2a
f03800023e7bbe2579cd24e122cdf8c6ecf8b4c6
787b69b93681cf41784dfa8655cbdafe8a56ecc62f0112a6ea2241a284a0e3c9
GET /dc.js HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lockerdome.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17093
date: Mon, 12 Sep 2022 22:45:39 GMT
expires: Tue, 13 Sep 2022 00:45:39 GMT
cache-control: public, max-age=7200
age: 5837
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.66200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (2903)
Hash 386ea45f6866590040f6542b25f89c4f
23dc73efdb9b2cca98c6566aede6e3e11ddd85fb
a4977c44da176529b168784724d27d32de254869f93807d668cbc2b687fd938c
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Tue, 13 Sep 2022 00:22:56 GMT
expires: Tue, 13 Sep 2022 00:22:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9657692839967803785
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 57458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c85e22b75dd559a6c65736bae63c5bd
eb57470991666108a01b8ee0adf707e1c1dc8642
bd05cc5dfc5ddd554cc9ac5395035ce302b0b74343d199a64b2dbdcac0070944
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 741400b574ef7f9f3236164e28e58c51
811018b86fd196da2faf32b044905e1130002a90
efb8e915e207a776018a5319e449e47a105b1d8692e08317c2b3014135b01418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=theconservativedispatch.com&callback=_gfp_s_&client=ca-pub-9487171298950379
142.250.74.98200 OK 213 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=theconservativedispatch.com&callback=_gfp_s_&client=ca-pub-9487171298950379
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 2b3fd1ad135f607adb0db86ac63e3503
783e7df156cdb81e2e1c981f4476923ea0aff2f4
3a516491a90aa8528c746bc13824408cb941ef15d6fb2a24ccb0b6901a59d845
GET /gampad/cookie.js?domain=theconservativedispatch.com&callback=_gfp_s_&client=ca-pub-9487171298950379 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 00:22:57 GMT
server: cafe
cache-control: private
content-length: 213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=theconservativedispatch.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=theconservativedispatch.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=theconservativedispatch.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 00:22:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 741400b574ef7f9f3236164e28e58c51
811018b86fd196da2faf32b044905e1130002a90
efb8e915e207a776018a5319e449e47a105b1d8692e08317c2b3014135b01418
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=theconservativedispatch.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=theconservativedispatch.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=theconservativedispatch.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 13 Sep 2022 00:22:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4fd53df42280409cd83e9f2cbd753bb6
c7879abb078bdc6dfd363f72509d1f36e5a8a622
c6eecc725ec5cf4376f99fafaf029eaa6f207dceefb09c09f1e8aaaa1fa1b5f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
theconservativedispatch.com/favicon.ico
132.148.41.74302 Found 1 B URL HTTP/2 theconservativedispatch.com/favicon.ico
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash eccbc87e4b5ce2fe28308fd9f2a7baf3
77de68daecd823babbb58edb1c8e14d7106e83bb
4e07408562bedb8b60ce05c1decfe3ad16b72230967de01f640b7e4729b49fce
GET /favicon.ico HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512; JCS_INENREF=; JCS_INENTIM=1663028563595; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
x-powered-by: PHP/7.3.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://theconservativedispatch.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
set-cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; expires=Wed, 14-Sep-2022 00:22:57 GMT; Max-Age=86400; path=/; secure
vWPkrI=XjEH0NaM2Lk96C7; expires=Wed, 14-Sep-2022 00:22:57 GMT; Max-Age=86400; path=/; secure
OLYTeqj=O%2A3bAJZnE7c; expires=Wed, 14-Sep-2022 00:22:57 GMT; Max-Age=86400; path=/; secure
ehDIEzWbKZO=o9gGki2I; expires=Wed, 14-Sep-2022 00:22:57 GMT; Max-Age=86400; path=/; secure
location: https://theconservativedispatch.com/wp-includes/images/w-logo-blue-white-bg.png
vary: Accept-Encoding
content-encoding: br
content-length: 1
content-type: text/html; charset=UTF-8
date: Tue, 13 Sep 2022 00:22:56 GMT
server: Apache
X-Firefox-Spdy: h2
theconservativedispatch.com/wp-includes/images/w-logo-blue-white-bg.png
132.148.41.74200 OK 4.1 kB URL HTTP/2 theconservativedispatch.com/wp-includes/images/w-logo-blue-white-bg.png
IP 132.148.41.74:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: theconservativedispatch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://theconservativedispatch.com/2020/10/06/new-video-supports-our-initial-observations-that-blm-is-connected-to-democrats-communists-terrorists-and-china/
Connection: keep-alive
Cookie: JykSQtVY_XbHfpsN=9PJ%40%5D0VdZe; vWPkrI=XjEH0NaM2Lk96C7; OLYTeqj=O%2A3bAJZnE7c; ehDIEzWbKZO=o9gGki2I; PHPSESSID=7ee28676eb66058fa56a95944cca7512; JCS_INENREF=; JCS_INENTIM=1663028563595; _wpss_h_=1; _wpss_p_=N%3A0%20%7C%20; __gads=ID=8d2e771d261e5786-226c093319ce0090:T=1663028577:RT=1663028577:S=ALNI_MbzeSrLlIEFcIb_d-sQyRjwlONBhQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 16 Nov 2021 00:04:01 GMT
etag: "1600b7d-1017-5d0dca9a37e40"
accept-ranges: bytes
content-length: 4119
content-type: image/png
date: Tue, 13 Sep 2022 00:22:57 GMT
server: Apache
X-Firefox-Spdy: h2
lockerdome.com/lad/13968896202060902?pubid=ld-13968896202060902&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=1228
104.154.142.214200 OK 1.4 kB URL HTTP/1.1 lockerdome.com/lad/13968896202060902?pubid=ld-13968896202060902&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=1228
IP 104.154.142.214:0
File type HTML document text\012- HTML document, ASCII text
Hash 78c1bb1ea25ac2b419010380ca62ab68
fb07eb769a9c7dd5ca3deb260283f8aaeefe5c70
ba2d293f01789ef093b5b67ca430d9d1a95a5782e7f72e9b961163f4ba56f43b
GET /lad/13968896202060902?pubid=ld-13968896202060902&pubo=https%3A%2F%2Ftheconservativedispatch.com&rid=&width=1228 HTTP/1.1
Host: lockerdome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Length: 1376
Date: Tue, 13 Sep 2022 00:22:57 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 535d274bda0c065485a534026ab497a4
0ee92c6de28c6999632b924ba226c3c449ad2e40
14dd3a50213e32e5768046e3e99cd8fc302a94f6b8f9763bbd51d8605ebd16fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 13 Sep 2022 00:22:57 GMT
expires: Tue, 13 Sep 2022 00:22:57 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 07:47:45 GMT
expires: Fri, 08 Sep 2023 07:47:45 GMT
cache-control: public, max-age=31536000
age: 405312
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7faa6a78f896de4528c8cc9ed35bfa11
199ad87495595163d7d16b1eddb9506c8ddb4918
7effc4afbb7417799d0ecbb32fce2a94cba732e488fd4ce81ba5a77f4d7c13ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 00:22:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 3d075cbbec2cc18a20a1db870bce3f51
536f76feba3296decc5cf6965701b10933ec674c
0679ef5c56cb72b88c00dba680f94a3c8546d6cb773fb2e817af49fe7b5747fa
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 13 Sep 2022 00:22:57 GMT
date: Tue, 13 Sep 2022 00:22:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-dKF8yDTuhGjrTu45LGEcNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash a83db60b8bf4f2de8a8d7cc88085b5c1
18f5d46700763b12129ea1b2c775d931cb73a26e
d30a3b53b2a6c413d9c7f9ca65e4b19533857882ae35eb8b24627f617c13df89
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 13 Sep 2022 00:22:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 13 Sep 2022 00:08:08 GMT
Expires: Wed, 14 Sep 2022 00:08:08 GMT
ETag: "18f5d46700763b12129ea1b2c775d931cb73a26e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
fonts.googleapis.com/css?family=Libre+Baskerville&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Libre+Baskerville&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Libre+Baskerville&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 00:22:55 GMT
date: Tue, 13 Sep 2022 00:22:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Open+Sans&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 00:22:55 GMT
date: Tue, 13 Sep 2022 00:22:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Pirata+One&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Pirata+One&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Pirata+One&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 00:22:55 GMT
date: Tue, 13 Sep 2022 00:22:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Play&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Play&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Play&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theconservativedispatch.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 00:22:55 GMT
date: Tue, 13 Sep 2022 00:22:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2